www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.jpada.com/cgi-bin/click.pl?cid=nl010245202206&lid=217801&uid=202812725?utm_source=img1&utm_medium=newslett...
Effective URL:
https://www.123greetings.com/events/sukkot/sukkot10.html
Submission: On February 05 via api (February 5th 2022, 2:07:18 pm UTC) from BE — Scanned from DE

Summary HTTP 477 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 60 IPs in 10 countries across 57 domains to perform 477 HTTP transactions. The main IP is 184.72.245.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com. The Cisco Umbrella rank of the primary domain is 284678.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.

This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	184.73.249.63 184.73.249.63	14618 (AMAZON-AES) (AMAZON-AES)
1 2	184.72.245.68 184.72.245.68	14618 (AMAZON-AES) (AMAZON-AES)
27	8.248.143.252 8.248.143.252	3356 (LEVEL3) (LEVEL3)
3	2a04:4e42:54::84 2a04:4e42:54::84	54113 (FASTLY) (FASTLY)
19	8.241.121.252 8.241.121.252	3356 (LEVEL3) (LEVEL3)
1	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
67	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 3	54.224.71.103 54.224.71.103	14618 (AMAZON-AES) (AMAZON-AES)
1	67.27.235.252 67.27.235.252	3356 (LEVEL3) (LEVEL3)
24	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	67.27.159.252 67.27.159.252	3356 (LEVEL3) (LEVEL3)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
18	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
60	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 13	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	52.216.110.53 52.216.110.53	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
11	2600:9000:215... 2600:9000:2156:6600:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3 6	44.237.151.190 44.237.151.190	16509 (AMAZON-02) (AMAZON-02)
25	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
14 56	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
6 12	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
6 9	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
10	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4	2600:9000:225... 2600:9000:225f:fa00:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.90.104.248 104.90.104.248	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
6	99.80.121.211 99.80.121.211	16509 (AMAZON-02) (AMAZON-02)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
3	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e033	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2600:9000:224... 2600:9000:224a:4e00:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
2 2	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
7 8	3.121.12.72 3.121.12.72	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.119.250 52.214.119.250	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:fe29:439e:4d6:8c92	16509 (AMAZON-02) (AMAZON-02)
4 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	185.86.138.120 185.86.138.120	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.156.184.150 18.156.184.150	16509 (AMAZON-02) (AMAZON-02)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1 1	52.212.85.16 52.212.85.16	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
4 4	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1 1	3.122.111.84 3.122.111.84	16509 (AMAZON-02) (AMAZON-02)
2 2	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1 1	2600:9000:224... 2600:9000:224a:ae00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
9	2600:9000:215... 2600:9000:2156:8200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
3 3	3.120.72.86 3.120.72.86	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
3 3	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	() ()
13	35.169.97.154 35.169.97.154	() ()
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	() ()
477	60

1 184.73.249.63 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-249-63.compute-1.amazonaws.com

www.jpada.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.72.245.68 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com

www.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 8.248.143.252 (United States)

ASN3356 (LEVEL3, US)

c.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:54::84 (United States)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 8.241.121.252 (United States)

ASN3356 (LEVEL3, US)

i.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

67 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.224.71.103 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-71-103.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.27.235.252 (United States)

ASN3356 (LEVEL3, US)

x.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.27.159.252 (United States)

ASN3356 (LEVEL3, US)

v.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.110.53 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2156:6600:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.237.151.190 (Boardman, United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-151-190.us-west-2.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 142.250.186.130 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.173.22 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225f:fa00:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.104.248 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-248.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.80.121.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-121-211.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:f7::5c7b:e033 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:224a:4e00:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.93 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.121.12.72 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-12-72.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.119.250 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-119-250.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:fe29:439e:4d6:8c92 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.120 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.184.150 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-184-150.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.85.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-85-16.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.28 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.111.84 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-111-84.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.192.27 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.168 (Uppsala, Sweden) 3 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:ae00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2156:8200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.72.86 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-72-86.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.150 (Portsmouth, United Kingdom) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (None, ) 2 redirects

ASN- ()

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 35.169.97.154 (None, )

ASN- ()

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ab::2c79 (None, )

ASN- ()

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
133	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124 efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com	1 MB
99	doubleclick.net 14 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	466 KB
51	123g.us c.123g.us — Cisco Umbrella Rank: 688066 i.123g.us — Cisco Umbrella Rank: 225890 x.123g.us v.123g.us	1 MB
28	adsafeprotected.com 3 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 711 static.adsafeprotected.com — Cisco Umbrella Rank: 533 dt.adsafeprotected.com	287 KB
25	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	948 KB
21	avantisvideo.com cdn.avantisvideo.com — Cisco Umbrella Rank: 17061 static.avantisvideo.com — Cisco Umbrella Rank: 17427 cdn1.avantisvideo.com — Cisco Umbrella Rank: 19522 avm.avantisvideo.com — Cisco Umbrella Rank: 17498 events1.avantisvideo.com Failed	296 KB
21	google.com 1 redirects apis.google.com — Cisco Umbrella Rank: 140 adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	76 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com	216 KB
15	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	549 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	11 KB
9	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 408 cdn.krxd.net — Cisco Umbrella Rank: 1256 consumer.krxd.net — Cisco Umbrella Rank: 1549	89 KB
9	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	8 KB
8	bidswitch.net 7 redirects x.bidswitch.net — Cisco Umbrella Rank: 287	5 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 ajax.googleapis.com — Cisco Umbrella Rank: 293	11 KB
6	yahoo.com 5 redirects ads.yahoo.com — Cisco Umbrella Rank: 913 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	4 KB
6	google.de adservice.google.de — Cisco Umbrella Rank: 8028	1 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	111 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 608	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 595	2 KB
4	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	1 KB
4	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2665 log.pinterest.com — Cisco Umbrella Rank: 3668	20 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 626	1 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 876	3 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 5889	1 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 2305	2 KB
3	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1255	1 KB
3	createjs.com code.createjs.com — Cisco Umbrella Rank: 1220	188 KB
3	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 483	2 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 359 rtb.openx.net — Cisco Umbrella Rank: 1548	716 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98 web.facebook.com — Cisco Umbrella Rank: 217	3 KB
3	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2773	2 KB
2	admedo.com 2 redirects pool.admedo.com	715 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 329	529 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 528	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 312	921 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1902	1 KB
2	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 702 a.rfihub.com — Cisco Umbrella Rank: 3309	2 KB
2	everesttech.net 2 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3397 sync-tm.everesttech.net — Cisco Umbrella Rank: 560	912 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	942 B
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1372	150 B
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 35707	1 KB
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1751	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 868	344 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	84 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 109 i1.ytimg.com — Cisco Umbrella Rank: 1448	9 KB
2	123greetings.com 1 redirects www.123greetings.com — Cisco Umbrella Rank: 284678	10 KB
1	aniview.com play.aniview.com	739 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 19998	522 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	584 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 707	440 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 529	759 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2859	104 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 745	711 B
1	amazonaws.com s3.amazonaws.com	413 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	36 KB
1	jpada.com 1 redirects www.jpada.com	249 B
477	57

	Domain	Requested by
67	pagead2.googlesyndication.com	www.123greetings.com pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
60	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.123greetings.com efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com cdn.ampproject.org s0.2mdn.net
56	cm.g.doubleclick.net	14 redirects googleads.g.doubleclick.net efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
27	c.123g.us	www.123greetings.com c.123g.us
25	s0.2mdn.net	www.123greetings.com efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com s0.2mdn.net code.createjs.com
19	i.123g.us	www.123greetings.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com www.123greetings.com
15	www.googletagservices.com	googleads.g.doubleclick.net c.123g.us securepubads.g.doubleclick.net efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.123greetings.com
13	dt.adsafeprotected.com	efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
13	www.google.com	1 redirects tpc.googlesyndication.com www.123greetings.com efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
11	fonts.gstatic.com	fonts.googleapis.com
10	googleads4.g.doubleclick.net	www.123greetings.com
9	static.adsafeprotected.com	fw.adsafeprotected.com efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
9	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	x.bidswitch.net	7 redirects
8	cdn.avantisvideo.com	securepubads.g.doubleclick.net cdn.avantisvideo.com
6	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
6	beacon.krxd.net	efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com cdn.krxd.net
6	fw.adsafeprotected.com	3 redirects www.123greetings.com
6	efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net
6	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
6	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	image6.pubmatic.com	4 redirects
4	static.avantisvideo.com	cdn.avantisvideo.com
4	partner.googleadservices.com	pagead2.googlesyndication.com
4	v.123g.us	www.123greetings.com
3	pixel-sync.sitescout.com	3 redirects
3	pm.w55c.net	3 redirects
3	d5p.de17a.com	3 redirects
3	cms.quantserve.com	1 redirects efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
3	ups.analytics.yahoo.com	3 redirects
3	code.createjs.com	s0.2mdn.net
3	cdn1.avantisvideo.com	cdn.avantisvideo.com
3	sync.search.spotxchange.com	2 redirects googleads.g.doubleclick.net
3	trkn.us	1 redirects www.123greetings.com
3	assets.pinterest.com	www.123greetings.com assets.pinterest.com
2	pool.admedo.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	sync.1rx.io	2 redirects
2	a.tribalfusion.com	1 redirects googleads.g.doubleclick.net
2	pixel.rubiconproject.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	pixel.advertising.com	2 redirects
2	ssbsync.smartadserver.com	efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	r.scoota.co	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	cdn.krxd.net	s0.2mdn.net cdn.krxd.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	web.facebook.com	connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	apis.google.com	www.123greetings.com apis.google.com
2	connect.facebook.net	www.123greetings.com connect.facebook.net
2	www.123greetings.com	1 redirects
1	play.aniview.com	cdn.avantisvideo.com
1	ads.travelaudience.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	ajax.googleapis.com	s0.2mdn.net
1	consumer.krxd.net	cdn.krxd.net
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	s.tribalfusion.com	efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
1	rtb.openx.net	efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
1	d.agkn.com	1 redirects
1	a.rfihub.com	efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
1	p.rfihub.com	1 redirects
1	dclk-match.dotomi.com	efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
1	pixel.everesttech.net	1 redirects
1	um.simpli.fi	1 redirects
1	ads.yahoo.com	googleads.g.doubleclick.net
1	s3.amazonaws.com	c.123g.us
1	log.pinterest.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	connect.facebook.net
1	x.123g.us	c.123g.us
1	www.googletagmanager.com	www.123greetings.com
1	i1.ytimg.com	www.123greetings.com
1	i.ytimg.com	www.123greetings.com
1	www.jpada.com	1 redirects
0	events1.avantisvideo.com Failed
477	87

This site contains links to these domains. Also see Links.

Domain
studio.123greetings.com
itunes.apple.com
play.google.com
nl.123greetings.com
www.addthis.com
info.123greetings.com
blog.123greetings.com
widgets.123greetings.com
help.123greetings.com

Subject Issuer	Validity	Valid
*.123greetings.com Go Daddy Secure Certificate Authority - G2	`2020-04-29` - `2022-04-29`	2 years	crt.sh
*.123g.us Go Daddy Secure Certificate Authority - G2	`2021-08-11` - `2022-09-12`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.avantisvideo.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-07` - `2022-02-23`	2 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh

This page contains 63 frames:

Primary Page: https://www.123greetings.com/events/sukkot/sukkot10.html
Frame ID: 62FA59CEC3C269887B2ED3989878FB93
Requests: 94 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html
Frame ID: 63958DDD0616F1BA299B28C438B05CEA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1643625692&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070032345&bpp=3&bdt=1511&idt=125&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1111014703122&frm=20&pv=2&ga_vid=2085351050.1644070032&ga_sid=1644070032&ga_hid=991818160&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=3716343000056883&pem=908&tmod=2042259377&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=140
Frame ID: 21ECAEB468CD6238E5FDD1308D7126C7
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/v5.0/plugins/like.php?action=like&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df69e0cf6f590e8%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ffde58d4138d90c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&layout=button_count&locale=en_US&ref=fb_lk_cd_1&sdk=joey&share=true&show_faces=false
Frame ID: 201CF2A49F8FDE5E51FC8A8AFC5587D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1
Frame ID: C80C117D99888BFF60A4879333ED4DFD
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4E8AC96DBD834F14D111489B7E34A414
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCCD0BD91580ABEC19B6AC9179A991E2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83C3037019B1640FFD5BC10345D67A55
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D5845F64902D05F03A1601A4A38D710F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
Frame ID: E3B1B6237314774F262FE19C62F2A77C
Requests: 1 HTTP requests in this frame

Frame: https://web.facebook.com/v5.0/plugins/comments.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10aa016fefac38%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ffde58d4138d90c%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600
Frame ID: 88A3535D270BB4695EF8853382BB88B8
Requests: 1 HTTP requests in this frame

Frame: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 464F344DDC26CDBC35A8D1855D4A655C
Requests: 1 HTTP requests in this frame

Frame: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EAE34ECAD4B61AD3B5BA2594210DA2FA
Requests: 23 HTTP requests in this frame

Frame: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 92D6EC3C37F8425FDB99CFB63D906F3E
Requests: 20 HTTP requests in this frame

Frame: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5CF108428693F30C32EFEFFD95BF2B0E
Requests: 24 HTTP requests in this frame

Frame: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3F3D6289F810A554FBA758E9C4CFD384
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgeAfZmx-LMP0Xu6zd1hOq9guy-MFaBAELSc5kRNg5hb5lIn_7U4_jVbzlCpSihPd62xA-GIejq9dsBTgaadhyRalgH1LCKC-4DMKHodp3uaGivcUNugPgKpr5zwizosLdt7NO3NVPrdGFQiWA7xeZFGxwZEhdj8xATuL02j4Vv_sDk--ncWfMoXbm2fU0Xrjr78TCvoYjLAUirtqilmLquESYcMjfMX76-ozVEbq42xP_Co2F3HLtAHLT9C4DJg84j_JWnDgINX0G-Z_q5kfRjdY72BrZgcxqZ_2E2HVWG5kkUk0MsLo_gZQANaQ37gQqTHx4HKm9Q2POgL5iPFRSEg&sig=Cg0ArKJSzGISBm235qsiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 40BD219CCFD661D6F9F14953265B1A63
Requests: 11 HTTP requests in this frame

Frame: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4DF60DB1F8A7515A6499ED09CDCA328E
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: B6302F6A572A3D265B437DDD02911E95
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkWs1WFKa-zIKffC-tk_2luXGoh4B1S8-NJQXRoA6FqikTcg_GI5SSL-Nc2B_B-UJ-9uMjxkRVYCc88E9MKYaFLEseCeF2r4rwBRi95ySQLet_fU55lfDI7dfrrdxr-DatS0ohiQnpeam3xAfPsoyd7YmABAVjD9faFhng5cSwCDNl948wQ8KWb4TBduxzZyrCXgFjpRdyjtZQ1pfQ64SwGQg4pVd5SsUHk_vmbFAPlagtE4hb6QQYadMumLAUWX36SLr7lVOUhZsGv232BU-TnTM-rfO9BCj-9KmKCov3nE05re1gTEl4tGgXJrN8y5eryVdNnCpzn-CjgFSz&sig=Cg0ArKJSzHvWxYYrX7AuEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 13BBC198A81A6561AE8EFD8F79635546
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZLN7-OcXBG8-O16pxTMDEFhun8jnK4-1lpRUVAHV3s1hNEgMSMnrOClhrUZarWZ1h57Rxzlu_7A_2JPjXwr8gAswoj1_v278met-QboByKlSBARpjgBWdW220JTTO08DLg89OG9a-zTHbkD2t9SqZ2s3ZmLp_qF3cQDSiPOeKu26POw0BgRPf0WKaTm0-e9HJH3LNhz3RaJvB_EZRT524_hekBxzHZgwgrKrzdrTg_c5B_ISJa5vA5oJS9O5xObt8uLK-kBtKJYwYI1-sXFkOfW8_Dqe9hmH04NSgZZLR2IaDFekAdJXtqBls5arl6myq9o3XrxMOa7rDZCV-&sig=Cg0ArKJSzLCqj9R0MRhcEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 05E2CEDF88F77B21FAB1F3B47A1BE01D
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTQWlPUuD35-mzQdatvNXINbzMt9NV4qEcqYnTjyweZVAb5hC4LLfOZ5Cg9ftV208c4d7VTnN1ISPCtU-HgeRQPb70xQ7RtJARZK9HlSG4kSkQw91SK0AhrQxg95FU2wm42bCqQv1ah3UnG5BqcJMQw_s0SH-X5SAwwAGg5xUFqAXAG7xQbV_WXMkbirgX_GgHKpFRe8Q1m9gYLoF_ulnCaH9tFL-0F371XNzAkvDc4CcP2MN13TCO9D9TuzLXwTOUyHvVLAoQEVLxgQ0uM9IXK4iFsotjqXNIv4qpnwJaF9do1XdO4eQ1Ff3EIFXg4I4lbLz7UDjrJBdJYe7G&sig=Cg0ArKJSzMnEULzbpIP5EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 25BD36E8598923A169103845A79D354E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEUYT0INwMjqn94V69ehQPoADOlow7N-Y_wGq3n55y0pcUMj3KZFf9eObtGVt90wg3Zcyl0likaYjfu-zw_aKnwPkF48hwDkufAVrp9789ChE79C407r3C2FxMGOVfbu6zgpM137egJmcIKgaxVtxFjkR7MIGlP5garyCFOZpwtqmjlaO9abEzcsR5XgtNVqVA2msUzhw3y_QKBxjhF0uVs9dzI0eleN4U70PdIpilW5IM9YWnleVjiUtzOLnTXQ65iWprbX54c-Y5NwGkIECg_CknHi7DFcdyTZdOjYdKHsaxKNbncfsXnzAU5No5H4QpjVTrhNVKEiGOBZN8O8s6KiRoH1o6&sig=Cg0ArKJSzAdIwRGUIec8EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B366FFFC65DC583A33E978A4890C3058
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGPinrb0BMAE&v=APEucNV_b0UlF0pNJVTuzAx-_2FKDOtnfBdD-yHX9_oxPwKM12LMBrjKdI8QsCm-lMs5i066Lf4M0kH6KX7t1s6z6EUP8frP_VJBqht_dVsc0O8SG_X4AZJdgOTVwE_msAgZR0X9z15GQdmx5rMF0GDZkalkUxlUF4JiPNI_O6Cvm35XknfCew8
Frame ID: 9033A2CD2F60C70E5C20F51A1611EA12
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNXahbM-0CSjHs2oEb1Tz6ld-cfX-N5MMvv5m8mcwZK0SzaXVGpkYusQb5FOr_bwlTnaGcwJ3JTakINDV9wEhby1W9TKvQDCzLWMD8taTh3ikym0su0TVIWzG6d-OHc5pjYaHaFUpAqcz8RvvONCAP4QEJ682PoCXmzySANDpe97LNz5RSg
Frame ID: 40EEBE48B6EE7B5FE22C5AB9BE696C1B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_NTjwAEwAQ&v=APEucNUBRTZK_zPkfmrg7zDgI63cM2vkbZtrkBzfSO6fMuI63RViJnohnS3UuA5ygb_KKVIRJfkAOj0_VruLKqLHsPSqNLUzU1NuO9jBu4_5H8Hn1YrWK3zkSIPFWxHQ76hEaBVFskCZWdi4EQPzukkYTwDhjfK4PuyBl3tNGY9c5RSk2nulbaw
Frame ID: DA11B1DFF8F70BAFCC5557D364EA766C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNX0Rzq0JAYnPRPkZBupQXNbLZo-RqRvCUYID6Y5cX3mwZr5whp2a0eGHh3ICqWE-_7nn9Q2-8oY5lq00DS-wQ6h6XpOfVEOZaXt2aTpCXKrdS2LglWUqAJ4J-O4JwN7C4jRxQerG0JD1MuuVZ2q2EkFnZz0qEvR7GukaZBVVvwkAkRWpbs
Frame ID: 4B959A5E23484218493D7A764C1BB18F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi0-pq8ATAB&v=APEucNVEQmfLh6CUl95L9HdNiW7gWq5nWdIRgooZ4ocXxvNRl4KjfE-r_cTaT8Jv6rpr-NBFQRYcf9dHDWUwVIdBDx4c4rJf4RLq_SYGb3T105d2GeRCw-Lo5YbbCn2vp_J7Ib7MyhUz9fnpuAlbbNhQ1wfq0so94ABjRMyuT6uhKYffZ7LLmw0
Frame ID: 24CADF8026CCED05821C11805AD08351
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5968639485&adk=2761460659&adf=272530240&pi=t.ma~as.5968639485&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035293&bpp=11&bdt=132&idt=221&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=2&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=1571542740&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2048&biw=1600&bih=1200&isw=300&ish=250&ifk=2321873798&scr_x=0&scr_y=0&eid=42531398%2C31064036%2C31063221%2C21065725&oid=2&pvsid=4306747683082109&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t5koc7w0c16m&btvi=1&fsb=1&dtd=240
Frame ID: D26EEDCADEEDD2C639B9444EDCADCCEA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_LMrec2_16526K&adk=2587679829&adf=272530255&pi=t.ma~as.Google_LMrec2_16526K&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035305&bpp=5&bdt=129&idt=248&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=741711046&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=1330430865&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=2398180986554050&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.33jngu59ejlu&btvi=1&fsb=1&dtd=269
Frame ID: E8EA845368FC30C967D276DC6B2883AD
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=7691821754&adk=2833670827&adf=776186316&pi=t.ma~as.7691821754&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035391&bpp=4&bdt=212&idt=193&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=623277121&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=3097249311&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=4436955030176171&pem=908&tmod=1056153063&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.rhvm6zc4novi&btvi=1&fsb=1&dtd=203
Frame ID: 6E085D5D473BF3E378CCD7E11EC18A4E
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html
Frame ID: 80F1C96ED271A6E2ACD9A9EBF15DE016
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63D0D64A475460AF759423B08554E61F
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2
Frame ID: 56E930D79FE85CB494730BEF43318902
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1179665840288294935/index.html
Frame ID: 361B25E2392B2B380F457759CFA20C04
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 72D181BAFC9722F5B29F24118D628E01
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 47F78F92060734BAC8538F0B89749B55
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 90B1944682D06AA7772A6DDB3CED9B7C
Requests: 9 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: F04290B85C01422C0FCF2DDB6DFE8603
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 049BBA0925DBA1305DBDBD77F4E3F47E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E50CCDD51D46D115FEC411EC5CC58303
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6A5240D099EDACCDE4F8D6CEAFC7C8C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html
Frame ID: 45AE8FF63324B2DB6C498489E86CF62F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 249A8696F7522CC8FD495D9F22EFE3B4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 679DE2FF6AEA00E4E492B32D5C8086A7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C8935D46802D6B85DAACF60ADB3A6FED
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D125370E5607F59668F84B498BE1F9BC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3CEDA463CA4EFD220B11857E36233EC0
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4A572BA0FB99AC105E1D293F5F5A4DDE
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: AFD1A9A5B1E08DE544F96CC115ADFC6C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: D05D75A8BAB307FD2B4D6C59AB8D3737
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
Frame ID: 789E7A34CA736B3752A253DF6B20BBAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
Frame ID: CD285C4B87C46B1F1AC87698E3DD4D76
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 6CD926AB35B5FFCD47DD4BDC4E15C8F9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
Frame ID: EA752C0AD0B33262B12305D9E3681593
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
Frame ID: 8E4665474128EBA066301816185A2E02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BC53BA4FD9E7D3E89E3E811D9431B362
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB00257DC1ACFEC8C7E53F012E7B9C3A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FD28359CAD50A1FC705E876D81FF99BD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E073512C65A5C58C501B3A42533E64E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D18D9F37CA0D04593C584F0389CD9809
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3A757909F788071941B837912A5C6E5
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 47E0AF1AF30BCC3126F7D202CC45D088
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blessings On Sukkot... Free Sukkot eCards, Greeting Cards | 123 Greetings

Page URL History Show full URLs

http://www.jpada.com/cgi-bin/click.pl?cid=nl010245202206&lid=217801&uid=202812725?utm_source=img1... HTTP 302
https://www.123greetings.com/events/sukkot/sukkot10.html Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

477
Requests

87 %
HTTPS

44 %
IPv6

57
Domains

87
Subdomains

60
IPs

10
Countries

5916 kB
Transfer

14265 kB
Size

72
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://studio.123greetings.com/
Title: Studio

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/in/app/123greetings/id718873921?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.g123

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/blog/
Title: Editor Bob's Blog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/company/pressroom/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://blog.123greetings.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://widgets.123greetings.com/
Title: Widgets

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/tell-a-friend
Title: Recommend Us

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/contact_us.html
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.jpada.com/cgi-bin/click.pl?cid=nl010245202206&lid=217801&uid=202812725?utm_source=img1&utm_medium=newsletter&utm_campaign=Feb22_nl_wk1 HTTP 302
https://www.123greetings.com/events/sukkot/sukkot10.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.123greetings.com/usr-bin/view_sent.pl?type=VW&cardid=121029 HTTP 302
https://c.123g.us/images/zero.gif

Request Chain 70

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6878490120.5118065&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible HTTP 302
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6878490120.5118065&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible&ip=138.199.38.132&cuidchk=1

Request Chain 92

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yf6Ek.-U.aWhgilL8nUnyQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1

Request Chain 196

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D

Request Chain 197

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1

Request Chain 198

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yf6Ek.-U.aWhgilL8nUnyQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1

Request Chain 200

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1

Request Chain 213

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yf6Ek.-U.aWhgilL8nUnyQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2

Request Chain 214

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1

Request Chain 215

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM9wDJEOQy04e13z0NvKQVg&google_cver=1

Request Chain 234

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFugUEI--q6z_oIQFcDgEGU&google_cver=1

Request Chain 243

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIH5XednhNITAIb3w7qlGSA&google_cver=1

Request Chain 244

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=ec32e014-868c-11ec-9962-152b84bd0306 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZWMzMmRmYTItODY4Yy0xMWVjLTk5NjItMTUyYjg0YmQwMzA2

Request Chain 312

https://um.simpli.fi/gp_match?google_gid=CAESEI4Pia8JsM6AA1lLn7EkQ3U&google_cver=1&google_push=AYg5qPLcmkPwMrV4uEelzAC9kpi_VrtzXim7pp5YJqjVyUEINLtSOBl4S6KJpzjlhOs6yqYd0VxcsgjxCGqWdKIPDMpOLBcrgG2IKg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C57789A137445FA8F2B6B05E6152F12&google_push=AYg5qPLcmkPwMrV4uEelzAC9kpi_VrtzXim7pp5YJqjVyUEINLtSOBl4S6KJpzjlhOs6yqYd0VxcsgjxCGqWdKIPDMpOLBcrgG2IKg

Request Chain 313

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEESxC-H8mbEYDZ4cRdPgRoQ&google_cver=1&google_push=AYg5qPIldTilO9TB6lHsF29UtMpqHVJ_yZ354zAmxQXp39YzeA20XRMU2jqRKoD6ycl8_r6wKpU47brKJNOZWjxMRIE3Pbn6uVyQNw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTIyNzAzNjk1NjU1NTQwOQ%3D%3D&google_push=AYg5qPIldTilO9TB6lHsF29UtMpqHVJ_yZ354zAmxQXp39YzeA20XRMU2jqRKoD6ycl8_r6wKpU47brKJNOZWjxMRIE3Pbn6uVyQNw

Request Chain 314

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPLDaPzqQDSHrgnAYBBiYSoezQ1GWok_XgR58j0YqW0RsB7UPUN2MwHBGqCGWtP8tiVinpbwSJcm6hVXSrfeNlSmRmeqZX5yEA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPLDaPzqQDSHrgnAYBBiYSoezQ1GWok_XgR58j0YqW0RsB7UPUN2MwHBGqCGWtP8tiVinpbwSJcm6hVXSrfeNlSmRmeqZX5yEA HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=28e44849-c3fa-40a0-9c11-df848c5be2b4&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJlLC8b3-s-s3nVh5_j5yhV1bQHBrEC2XFn54gf5uxh9O3WBIEU-biWN-4vXBHAzeU_i5pfuSF2hk5GlffCaZG7sPKja2jy&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==

Request Chain 315

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBd29pctppWfTEFXtN7XSXQ&google_cver=1&google_push=AYg5qPLZ-H5YimnVJ3S1O6WX9FZdi-BHFfpV-gYMWURjYdfbTHqdfFrTpXH81QCjOX-uITNIhQvogRpxbvQw-VOzeBwmjL5EkQdk7g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLZ-H5YimnVJ3S1O6WX9FZdi-BHFfpV-gYMWURjYdfbTHqdfFrTpXH81QCjOX-uITNIhQvogRpxbvQw-VOzeBwmjL5EkQdk7g&google_hm=MjM4OTc0OTg4NjQzNDA2MzQ2

Request Chain 316

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAedlqWHs5Hwgs9NXOtiR9Q&google_cver=1&google_push=AYg5qPILKHTgfmr2AbYNtfGe5k7yLiXARr_aL7bZ58rLt8ebgdbWQ6zaZX9akRrJKgkfa_Qx_y25frPcNpGbKcRDPJ98hLKNdxj5 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAedlqWHs5Hwgs9NXOtiR9Q&google_cver=1&google_push=AYg5qPILKHTgfmr2AbYNtfGe5k7yLiXARr_aL7bZ58rLt8ebgdbWQ6zaZX9akRrJKgkfa_Qx_y25frPcNpGbKcRDPJ98hLKNdxj5&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5rfA0A-PRTyCL6n9Ob60lw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPILKHTgfmr2AbYNtfGe5k7yLiXARr_aL7bZ58rLt8ebgdbWQ6zaZX9akRrJKgkfa_Qx_y25frPcNpGbKcRDPJ98hLKNdxj5

Request Chain 318

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPjxtU0KP_JJ8jZhOZVaCLQ&google_cver=1&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcXUGcNtTy0mZCHl2H08J0WRqdRcYubT1FIEMUaSklFgUVFQAuYM HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPjxtU0KP_JJ8jZhOZVaCLQ&google_cver=1&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcXUGcNtTy0mZCHl2H08J0WRqdRcYubT1FIEMUaSklFgUVFQAuYM&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPjxtU0KP_JJ8jZhOZVaCLQ&google_cver=1&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcXUGcNtTy0mZCHl2H08J0WRqdRcYubT1FIEMUaSklFgUVFQAuYM&apid=UPec735f52-868c-11ec-b9b5-0213114c0708 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlYzczNWY1Mi04NjhjLTExZWMtYjliNS0wMjEzMTE0YzA3MDg%3D&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcXUGcNtTy0mZCHl2H08J0WRqdRcYubT1FIEMUaSklFgUVFQAuYM

Request Chain 321

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKu_kHayW95CbQux9Z2S0GoEsKujUJnM8FM8dHRqEn_53SUoZMchQC2U8RBgbQsv4LYJUVbac_GRf3MZVHOok_ZY6FMOlPG&google_gid=CAESEL5qOSkDIYpRZ0viR0NMH8M&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWY2RWxBQUFCRzRFNEYxUw&google_push=AYg5qPKu_kHayW95CbQux9Z2S0GoEsKujUJnM8FM8dHRqEn_53SUoZMchQC2U8RBgbQsv4LYJUVbac_GRf3MZVHOok_ZY6FMOlPG

Request Chain 323

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEHDK2WNhaTfErzNl6pDPaEI&google_cver=1&google_push=AYg5qPJgbZEhr0j8iuI9qI1ULVZSKuubyKjK7X3CYT0Jl-PtLfr2OfcmZBnkpOMkP-3RICgtzCMumjFMBmMMKYwjYkgjZvg6COfN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJgbZEhr0j8iuI9qI1ULVZSKuubyKjK7X3CYT0Jl-PtLfr2OfcmZBnkpOMkP-3RICgtzCMumjFMBmMMKYwjYkgjZvg6COfN&google_hm=MjQzMTgxOTk3NTU0NjkwMDk1NA== HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 324

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELF5UNlavPJpJPNCmhCf7Ko&google_cver=1&google_push=AYg5qPJZCoj7kjaD_Js809PGq7ag5ZuYVsCRB8Sv8Q5pRsC8F48iLMYbwHnv6aY0Dd5QFtqY49YdEuqmcp_Mntik3cD-qMi4enOO HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELF5UNlavPJpJPNCmhCf7Ko&google_cver=1&google_push=AYg5qPJZCoj7kjaD_Js809PGq7ag5ZuYVsCRB8Sv8Q5pRsC8F48iLMYbwHnv6aY0Dd5QFtqY49YdEuqmcp_Mntik3cD-qMi4enOO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPJZCoj7kjaD_Js809PGq7ag5ZuYVsCRB8Sv8Q5pRsC8F48iLMYbwHnv6aY0Dd5QFtqY49YdEuqmcp_Mntik3cD-qMi4enOO

Request Chain 325

https://match.360yield.com/match/ebda?google_gid=CAESEL6gR7p_KH7K_kll82miE5A&google_cver=1&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEL6gR7p_KH7K_kll82miE5A&google_cver=1&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ

Request Chain 330

https://d.agkn.com/pixel/2175/?google_gid=CAESEFixinbaOhB63pb0OjuJmOg&google_cver=1&google_push=AYg5qPJb_5AIk6bgfQT3w80bwQ0aWYeYJJlczt1l5f452b8KwUsZfhcCXJWGygOvWDQm8NjzRXSTio0UsXEHCDmnuCAgFuJjtHmZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJb_5AIk6bgfQT3w80bwQ0aWYeYJJlczt1l5f452b8KwUsZfhcCXJWGygOvWDQm8NjzRXSTio0UsXEHCDmnuCAgFuJjtHmZ&google_hm=Q0FFU0VGaXhpbmJhT2hCNjNwYjBPanVKbU9n

Request Chain 331

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ5VCLzJEBdME49-t3X3ZN0W0-PDTM44ud_9LNBkvAZWUIQOjwIMvduBGftzJMDCr9KFF2EAqoFVDOpYWF-ozMR3UBOzOM&google_gid=CAESEKzpEKsH6msUeTPzBacccF8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ5VCLzJEBdME49-t3X3ZN0W0-PDTM44ud_9LNBkvAZWUIQOjwIMvduBGftzJMDCr9KFF2EAqoFVDOpYWF-ozMR3UBOzOM&google_gid=CAESEKzpEKsH6msUeTPzBacccF8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMDUxNDA3MTYwMDAzMTA2MTc2MjQ4Ng%3D%3D&google_push=AYg5qPJ5VCLzJEBdME49-t3X3ZN0W0-PDTM44ud_9LNBkvAZWUIQOjwIMvduBGftzJMDCr9KFF2EAqoFVDOpYWF-ozMR3UBOzOM

Request Chain 333

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAedlqWHs5Hwgs9NXOtiR9Q&google_cver=1&google_push=AYg5qPJNJEMAazGuiRBUHWcCXjb3kNdjuwH3dNNHuG7_3GlVjEYBeNEQgcAOG7UqUF-fYVSnET3L8t5FMpZa22FE2NXF4zqBpBk HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAedlqWHs5Hwgs9NXOtiR9Q&google_cver=1&google_push=AYg5qPJNJEMAazGuiRBUHWcCXjb3kNdjuwH3dNNHuG7_3GlVjEYBeNEQgcAOG7UqUF-fYVSnET3L8t5FMpZa22FE2NXF4zqBpBk&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nQC8pV2iQjaxdlNmFQi-zA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJNJEMAazGuiRBUHWcCXjb3kNdjuwH3dNNHuG7_3GlVjEYBeNEQgcAOG7UqUF-fYVSnET3L8t5FMpZa22FE2NXF4zqBpBk

Request Chain 334

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOoNP7aOHd8CZG9NElqVauk&google_cver=1&google_push=AYg5qPJS9HcCYl4tfl6EzfKrJf7G_RGDSDUxiuHOJBBu_aad4HwFZd112YY3S7GVZHn3PFqmMF8rKnK3EkdkhDHUMSHu2jGW1teg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o5V1VNU1ItMjUtQTZCWQ==&google_push=AYg5qPJS9HcCYl4tfl6EzfKrJf7G_RGDSDUxiuHOJBBu_aad4HwFZd112YY3S7GVZHn3PFqmMF8rKnK3EkdkhDHUMSHu2jGW1teg

Request Chain 335

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_cver=1&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E

Request Chain 338

https://a.tribalfusion.com/i.match?p=b6&u=CAESENtRj8Tnb4DZkE9onCIAoA4&google_cver=1&google_push=AYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomcCFg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomcCFg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENtRj8Tnb4DZkE9onCIAoA4&google_cver=1&google_push=AYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomcCFg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomcCFg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 339

https://d5p.de17a.com/cookies/google?google_gid=CAESED7QMVoc33cW4Nz_FL_mFM4&google_cver=1&google_push=AYg5qPJRc0hVCzXDQh9O_W94T0AvSHInE79FpLfvVHh9ZNWhTs3JMbRGNQ7uKKNHAZksqSajNs1kS4sIQwseCjbsBbX7kjpO4qug HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED7QMVoc33cW4Nz_FL_mFM4&google_cver=1&google_push=AYg5qPJRc0hVCzXDQh9O_W94T0AvSHInE79FpLfvVHh9ZNWhTs3JMbRGNQ7uKKNHAZksqSajNs1kS4sIQwseCjbsBbX7kjpO4qug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJRc0hVCzXDQh9O_W94T0AvSHInE79FpLfvVHh9ZNWhTs3JMbRGNQ7uKKNHAZksqSajNs1kS4sIQwseCjbsBbX7kjpO4qug

Request Chain 340

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIzTkL10HjlLcluS8-gWaKQ&google_cver=1&google_push=AYg5qPKq6nhDI5gDjS6oxJtaYG1DPMjYK692oCH7rgygfs8ZGF4xFob0MDtgtgm4W2dBhJUwqJtnD7CO4kiH0zCtf0iWkmcOZO_8Tg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq6nhDI5gDjS6oxJtaYG1DPMjYK692oCH7rgygfs8ZGF4xFob0MDtgtgm4W2dBhJUwqJtnD7CO4kiH0zCtf0iWkmcOZO_8Tg

Request Chain 341

https://onetag-sys.com/sync/i,19/?google_gid=CAESEM46Vs6x7UPSw44D_8cNINE&google_cver=1&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l

Request Chain 342

https://match.360yield.com/match/ebda?google_gid=CAESEL6gR7p_KH7K_kll82miE5A&google_cver=1&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEL6gR7p_KH7K_kll82miE5A&google_cver=1&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA

Request Chain 343

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKkoohhERT_8QPaKM8WN1gY&google_cver=1&google_push=AYg5qPLEMJYBVuB4Vz_VPNhNPCpgUM9kLRgnJWDw73Ya9-LxKQDGfULCHdOSryLL8WertlRT8jYTY50LWky60LlGXgE2LmV_KdbBNA HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLEMJYBVuB4Vz_VPNhNPCpgUM9kLRgnJWDw73Ya9-LxKQDGfULCHdOSryLL8WertlRT8jYTY50LWky60LlGXgE2LmV_KdbBNA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1644070036253 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-6d35dc82-76cd-4ea1-8aff-7ed8c5bf1156-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLEMJYBVuB4Vz_VPNhNPCpgUM9kLRgnJWDw73Ya9-LxKQDGfULCHdOSryLL8WertlRT8jYTY50LWky60LlGXgE2LmV_KdbBNA%26google_hm%3DA2013IJ2zU6hiv9-2MW_EVY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLEMJYBVuB4Vz_VPNhNPCpgUM9kLRgnJWDw73Ya9-LxKQDGfULCHdOSryLL8WertlRT8jYTY50LWky60LlGXgE2LmV_KdbBNA&google_hm=A2013IJ2zU6hiv9-2MW_EVY

Request Chain 344

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMnDtTzbzgva5HI5rrAmNYw&google_cver=1&google_push=AYg5qPLpl5O3TT3I-Pbiz4c7P9eJzxshdXoloG0ybhjkwFCg3DfPBb49PgCmidGlm6q3QD6iY7RfNDfDl2N_Vj5HUQfHcNh8OKCI2A HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMnDtTzbzgva5HI5rrAmNYw&google_cver=1&google_push=AYg5qPLpl5O3TT3I-Pbiz4c7P9eJzxshdXoloG0ybhjkwFCg3DfPBb49PgCmidGlm6q3QD6iY7RfNDfDl2N_Vj5HUQfHcNh8OKCI2A&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IZFhXY3A1RTJ1RWJuQTRjVUU1dTZhdTVnQWU5WHA2X35B&google_push=AYg5qPLpl5O3TT3I-Pbiz4c7P9eJzxshdXoloG0ybhjkwFCg3DfPBb49PgCmidGlm6q3QD6iY7RfNDfDl2N_Vj5HUQfHcNh8OKCI2A

Request Chain 369

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPK8Y6LsizndQPWLO3ULzHdaupkr9pLQb-4HdmuHdm5f3GxFC4spgBUgofnrH-CtSIeVicbD0nAN7lidp3eZzBhsvS3Vhg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPK8Y6LsizndQPWLO3ULzHdaupkr9pLQb-4HdmuHdm5f3GxFC4spgBUgofnrH-CtSIeVicbD0nAN7lidp3eZzBhsvS3Vhg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OWRzWVU5bnAxTmdsSUU1&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPK8Y6LsizndQPWLO3ULzHdaupkr9pLQb-4HdmuHdm5f3GxFC4spgBUgofnrH-CtSIeVicbD0nAN7lidp3eZzBhsvS3Vhg

Request Chain 370

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIqdIz6eaQ5YDCU8f1i-5nE&google_cver=1&google_push=AYg5qPK55YIBSLRF4vCYUoFAQ0-UEpLicw_trjGxEP4ezLQR8uOk8UpfPqAcrOTHPXdLqIhdtPYI9HlpplF5AdanTuBTcy9TKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIqdIz6eaQ5YDCU8f1i-5nE&google_push=AYg5qPK55YIBSLRF4vCYUoFAQ0-UEpLicw_trjGxEP4ezLQR8uOk8UpfPqAcrOTHPXdLqIhdtPYI9HlpplF5AdanTuBTcy9TKQ

Request Chain 371

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIBVZylfuuSRz2XCaLu76Eg&google_cver=1&google_push=AYg5qPLIiDYCAnL0gRFwRVyIsmGxO3AI3f9-HOzILBW7lGSL5dpeOZss6oIdIL3uQ2bNdXLu9_wxhUNCOvt3onxhdzSoT12CF9A HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEIBVZylfuuSRz2XCaLu76Eg&google_cver=1&google_push=AYg5qPLIiDYCAnL0gRFwRVyIsmGxO3AI3f9-HOzILBW7lGSL5dpeOZss6oIdIL3uQ2bNdXLu9_wxhUNCOvt3onxhdzSoT12CF9A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=UdhR1EXlTrOB20YXcOXnyGH-hJQ

Request Chain 372

https://ads.travelaudience.com/google_pixel?google_gid=CAESELL7-Jt609qFGOD6RjACuSA&google_cver=1&google_push=AYg5qPJjsGsx1Qe0vjBhi7nzpIYKBoWb_2hDqQ4QCJITXAbWb6O7fbgBwMwovG0W4keRWzWzA9rtw7inkxnD41uAdZqvB6lM3ek HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rwd8T3JET-S5VxtexBV55g2&google_push=AYg5qPJjsGsx1Qe0vjBhi7nzpIYKBoWb_2hDqQ4QCJITXAbWb6O7fbgBwMwovG0W4keRWzWzA9rtw7inkxnD41uAdZqvB6lM3ek

Request Chain 373

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPIExZ2jTCeDHrWHEUtDsBTwSByNrVbKnDGuuUXp6_Mf6sl0xWaBNoipNHrnNv2dv_NajJSN10JT9MIvvsrdB93n2hEJN0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIExZ2jTCeDHrWHEUtDsBTwSByNrVbKnDGuuUXp6_Mf6sl0xWaBNoipNHrnNv2dv_NajJSN10JT9MIvvsrdB93n2hEJN0A&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==

Request Chain 374

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOoNP7aOHd8CZG9NElqVauk&google_cver=1&google_push=AYg5qPIhRtLpFpfe7luNBU1eevR1BuPGGjJAVWEnbHx689SrdRkLGU_1ITisbbF2M4MQpFbS7GIzSWnz1LZ-6SvTwQvx5_E7ArA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o5V1VNWTAtMUItNjgxVQ==&google_push=AYg5qPIhRtLpFpfe7luNBU1eevR1BuPGGjJAVWEnbHx689SrdRkLGU_1ITisbbF2M4MQpFbS7GIzSWnz1LZ-6SvTwQvx5_E7ArA

Request Chain 399

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEESxC-H8mbEYDZ4cRdPgRoQ&google_cver=1&google_push=AYg5qPKNDzLMaq-jKIaPqg0IqRalpUi2WZ0F-ahE_VCiC1GV33sir7YclNTQiyIZ7vMnumnOCuWFfMpmV3rrlvRZi5TXAIATSM4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTIyNzAzNjk1NjU1NTQwOQ%3D%3D&google_push=AYg5qPKNDzLMaq-jKIaPqg0IqRalpUi2WZ0F-ahE_VCiC1GV33sir7YclNTQiyIZ7vMnumnOCuWFfMpmV3rrlvRZi5TXAIATSM4

Request Chain 400

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPIU8UOnh5kI0FdzggLaC_RLB3XpfiFQskJCQ2Vi9qC-Htu40hFlCk5Z6znxPYrNd2TaRq19iui4l_eoii_0ax1qF9VQQreJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIU8UOnh5kI0FdzggLaC_RLB3XpfiFQskJCQ2Vi9qC-Htu40hFlCk5Z6znxPYrNd2TaRq19iui4l_eoii_0ax1qF9VQQreJ&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==

Request Chain 401

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBd29pctppWfTEFXtN7XSXQ&google_cver=1&google_push=AYg5qPIXbwuTvL-dKHicM7YAcliJpdj-YcjPWGZkSNafb3XHOaRZrbg_-0SvFBF0u--3q3oOtevh2GcxcTJji4_YUmqHuEPJ90UD HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIXbwuTvL-dKHicM7YAcliJpdj-YcjPWGZkSNafb3XHOaRZrbg_-0SvFBF0u--3q3oOtevh2GcxcTJji4_YUmqHuEPJ90UD&google_hm=MjM4OTc0OTg4NjQzNDA2MzQ2

Request Chain 402

https://d5p.de17a.com/cookies/google?google_gid=CAESED7QMVoc33cW4Nz_FL_mFM4&google_cver=1&google_push=AYg5qPLBV5UAhx1kQaV0n3I14Nm3HT-Pi6MIQKzn3C-RipUTPnLKPZLgoC6jDWOwT8r55L8uKo2no8hzcicdZXIszqTQNb8fhIcZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLBV5UAhx1kQaV0n3I14Nm3HT-Pi6MIQKzn3C-RipUTPnLKPZLgoC6jDWOwT8r55L8uKo2no8hzcicdZXIszqTQNb8fhIcZ

Request Chain 403

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELF5UNlavPJpJPNCmhCf7Ko&google_cver=1&google_push=AYg5qPK4QkBQnxmfLNQ8bESwGb8B7uPSv0kIACWdevhM0KHrYnaPaLKZ4yVhN5ZY3MyyFxPQU2jy79sTPDuN_-wxffB9QHS2LY4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPK4QkBQnxmfLNQ8bESwGb8B7uPSv0kIACWdevhM0KHrYnaPaLKZ4yVhN5ZY3MyyFxPQU2jy79sTPDuN_-wxffB9QHS2LY4

Request Chain 407

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIof9Jxw7bsIFryC3auOrrA&google_cver=1&google_push=AYg5qPI1qAlNw9K6lGHsb4Kvzr4FnAe0-6TzwFf8KddOdGAaED8EhydGiYd3gq9SuEwWhVYUfT7zPx02wGoofU1XXWShiIT3ZXtf HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI1qAlNw9K6lGHsb4Kvzr4FnAe0-6TzwFf8KddOdGAaED8EhydGiYd3gq9SuEwWhVYUfT7zPx02wGoofU1XXWShiIT3ZXtf&google_hm=8ZMHzfUgh2pIJgksTtM4CQ

Request Chain 408

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPLVjFNm0KiA-qm0RUeETq7FMiwJGHZVo3wDLbM5cBg0403pNsUC17_TUW4sewTi3rgJpq8rs1Ogd8mwESUAwXHEqgICOozL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OWRzWVU5bnAxTmdsSUU1&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPLVjFNm0KiA-qm0RUeETq7FMiwJGHZVo3wDLbM5cBg0403pNsUC17_TUW4sewTi3rgJpq8rs1Ogd8mwESUAwXHEqgICOozL

Request Chain 411

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIBVZylfuuSRz2XCaLu76Eg&google_cver=1&google_push=AYg5qPKFPXoeltxHk-3jOmXVa_u4VfFZ5NKZvmuGLmmvVpOHnhkge-GugDe49Esh7gThG_TIrSt2WOt7qWzlGJFLxYmC_UNOYQWO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=UdhR1EXlTrOB20YXcOXnyGH-hJQ

Request Chain 412

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPJlLC8b3-s-s3nVh5_j5yhV1bQHBrEC2XFn54gf5uxh9O3WBIEU-biWN-4vXBHAzeU_i5pfuSF2hk5GlffCaZG7sPKja2jy HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1ac4bd40-597e-4529-ae5c-9327496200b9 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1ac4bd40-597e-4529-ae5c-9327496200b9 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=675569e2-1056-4aec-8abd-6b38ef96d529&user_group=1&ssp=google&bsw_param=1ac4bd40-597e-4529-ae5c-9327496200b9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=GsS9QFl-RSmuXJMnSWIAuQ== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1

Request Chain 413

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELF5UNlavPJpJPNCmhCf7Ko&google_cver=1&google_push=AYg5qPK-3EwoVKZIwxrYKLqbsfCLN7vgjV6DHZgarQSr3oFSo0Pd96fxNu4V3GQwqDFrMZMib3dRi9XuESOVvExJaKNX0LmjBTdj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPK-3EwoVKZIwxrYKLqbsfCLN7vgjV6DHZgarQSr3oFSo0Pd96fxNu4V3GQwqDFrMZMib3dRi9XuESOVvExJaKNX0LmjBTdj

Request Chain 419

https://fw.adsafeprotected.com/rfw/st/892768/59097903/skeleton.js?adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fefcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fefcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c47841b0-5e10-47ad-e265-ba96863bc416,c:3m5Hsr,sl:outOfView,em:true,fr:false,thd:1,mn:app05or,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:222,fm:sWzIkaJ+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a41%7C1b*.892768-59097903%7C1b1%7C1b2%7C1b3%7C1b4%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:238,oid:ec4793ae-868c-11ec-b13b-0aece8dd74aa,v:19.8.284,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 421

https://fw.adsafeprotected.com/rfw/st/892768/59097903/skeleton.js?adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fefcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fefcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:726c7e69-142d-cd55-4eb9-8f3ffa1483eb,c:3m5Ht7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-588658f876-6khw8,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:270,fm:sWzIkaM+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C194%7C1a*.892768-59097903%7C1a1%7C1a2%7C1a3%7C1a41%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:278,oid:ec476ccf-868c-11ec-aa0f-92856a2523cc,v:19.8.284,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 437

https://fw.adsafeprotected.com/rfw/st/892768/59097737/skeleton.js?adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fefcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fefcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:45e5a049-6378-0552-c15c-820d7189a3c2,c:3m5HvA,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-588658f876-xzdrh,rg:or,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:335,fm:sWzIkca+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.892768-59097737%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1941%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:345,oid:ec479402-868c-11ec-a0f1-a67b55630e74,v:19.8.284,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

477 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request sukkot10.html Show response
www.123greetings.com/events/sukkot/
Redirect Chain

http://www.jpada.com/cgi-bin/click.pl?cid=nl010245202206&lid=217801&uid=202812725?utm_source=img1&utm_medium=newsletter&utm_campaign=Feb22_nl_wk1
https://www.123greetings.com/events/sukkot/sukkot10.html

36 KB
10 KB

545ms
97ms

Document
text/html

184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

d5067f3ef4bc6ee0d309eaad5c419fa3eb307e145302a33792d66ee98284d3f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 05 Feb 2022 14:01:40 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9326
Connection: close
Cache-Control: max-age=900
Content-Encoding: gzip
ETag: "91f8-5d6de6d83ef00"
Last-Modified: Mon, 31 Jan 2022 10:41:32 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Expires: Sat, 05 Feb 2022 14:16:41 GMT
Age: 330
Accept-Ranges: bytes

Redirect headers

Content-Type: text/html; charset=iso-8859-1
Date: Sat, 05 Feb 2022 14:07:09 GMT
Location: https://www.123greetings.com/events/sukkot/sukkot10.html
Server: Apache/2.2.15 (CentOS)
Content-Length: 319
Connection: keep-alive

GET
H/1.1 200
OK card_page_R1.css
c.123g.us/css/ 27 KB
7 KB 311ms
9ms Stylesheet
text/css 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/card_page_R1.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 35276e401d27d1f4ceb5f451cd11b25ff453808d2152e338e07b4b25978f25a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 10:30:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Aug 2020 13:04:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1568216
ETag: "6db9-5adb3571fb400"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6257
jake_test: Test_Pass
Expires: Sun, 23 Jan 2022 01:09:52 GMT

GET
H2 200 PinExt.png
assets.pinterest.com/images/ 936 B
1022 B 131ms
25ms Image
image/png 2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/PinExt.png
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:10 GMT
x-cdn: fastly
etag: "61ed0472dfcbfaf25e7585f119adf76a"
vary: Origin
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-CDN
cache-control: max-age=86400
access-control-max-age: 86400
content-length: 936

GET
H/1.1 200
OK 348114_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 2 KB
2 KB 165ms
11ms Image
image/jpeg 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/348114_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82dd4a981d9bdc00497c77c380ad77c848a6e5d0303ed1bb521a209a38c2380c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 09:55:13 GMT
Last-Modified: Wed, 22 Sep 2021 12:46:03 GMT
Server: Apache/2.2.15 (CentOS)
Age: 274318
ETag: "666-5cc94e59c38c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1638
jake_test: Test_Pass
Expires: Thu, 03 Feb 2022 20:48:22 GMT

GET
H/1.1 200
OK 340562_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 2 KB
2 KB 141ms
17ms Image
image/jpeg 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/340562_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 172d39a0e72098c0900788ddc9dd241e7aad7babd36728b468a2d9e834ad1d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 09:55:14 GMT
Last-Modified: Wed, 09 Oct 2019 11:22:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 274317
ETag: "873-594787f7650c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2163
jake_test: Test_Pass
Expires: Sat, 05 Feb 2022 02:45:41 GMT

GET
H/1.1 200
OK 314587_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 2 KB
2 KB 99ms
12ms Image
image/jpeg 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/314587_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9a84239c1204d9f210f089f6c450809de4995f4f29e2dbe8280455ec1f315ac9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 20:33:22 GMT
Last-Modified: Tue, 30 Sep 2014 12:59:25 GMT
Server: Apache/2.2.15 (CentOS)
Age: 149629
ETag: "87e-50447f3eae540"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2174
jake_test: Test_Pass
Expires: Thu, 03 Feb 2022 20:48:22 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/_EMn_4vY3K8/ 3 KB
4 KB 44ms
20ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/_EMn_4vY3K8/default.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e6fb84e11c6ef0e2eb33f845c6fbb8e7076f76b9baf0be4f64195b8c93ea955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:11 GMT
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3474
x-xss-protection: 0
server: sffe
etag: "1602368066"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 05 Feb 2022 16:07:11 GMT

GET
H/1.1 200
OK 124432_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 4 KB
4 KB 64ms
35ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/124432_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1c75dc0181018edcb5f31db29b6b65bfd996043907ca84cd0d3604e42f3149c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 09:55:14 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 274317
ETag: "fbd-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4029
jake_test: Test_Pass
Expires: Thu, 03 Feb 2022 20:48:22 GMT

GET
H/1.1 200
OK 121016_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
4 KB 12ms
12ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121016_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8961bac40e3103c815ae9020416429332bb9a56b14f12fe5721fd54184400118

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 10:13:31 GMT
Last-Modified: Wed, 05 Aug 2015 15:29:32 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1655620
ETag: "d5e-51c9211bdaf00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3422
jake_test: Test_Pass
Expires: Tue, 18 Jan 2022 10:29:47 GMT

GET
H2 200 3.jpg
i1.ytimg.com/vi/EC4IVe61p-0/ 4 KB
5 KB 137ms
96ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/EC4IVe61p-0/3.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55abb13cc57f93a933ea0f3e5a5e1918c905685ee3a627498746fcfb05fc67db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:11 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4137
x-xss-protection: 0
server: sffe
etag: "1526713034"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 05 Feb 2022 16:07:11 GMT

GET
H/1.1 200
OK 121017_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 26ms
25ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121017_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: dc3bc858b071f656a2650f9399c3646b99b9ece4afa223bcaae86f762c512fdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 20:59:43 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 234448
ETag: "c2b-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3115
jake_test: Test_Pass
Expires: Wed, 02 Feb 2022 21:14:43 GMT

GET
H/1.1 200
OK 121012_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 13ms
13ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121012_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b0dcfcdf9265f2b5fd584eaceb0b061430cb48808562bae32275176e2358e15b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 20:33:40 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 149611
ETag: "a85-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2693
jake_test: Test_Pass
Expires: Thu, 03 Feb 2022 20:48:40 GMT

GET
H/1.1 200
OK 121029_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 15ms
15ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121029_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0c0bf8c97c0f2f0ba103d6d71694807b37ffa37de08e21ff56586e939b4ef3da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 20:33:40 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 149611
ETag: "b99-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2969
jake_test: Test_Pass
Expires: Thu, 03 Feb 2022 20:48:40 GMT

GET
H/1.1 200
OK 120988_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 11ms
11ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/120988_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3ec8a31e13fcb12fc39c3ab5c20e1ce6198a681a113c0c02b0c23dad7ae382da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 15:18:48 GMT
Last-Modified: Fri, 19 Sep 2014 15:15:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 946103
ETag: "a2d-5036c93687100"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2605
jake_test: Test_Pass
Expires: Tue, 25 Jan 2022 19:33:15 GMT

GET
H/1.1 200
OK 121015_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 13ms
13ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121015_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 73963f651883c39e1b16ff1f486dc3b7fd362c5f427df2adda0903fe1419674e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 02:30:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 41790
ETag: "a9e-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2718
Expires: Sat, 05 Feb 2022 02:45:41 GMT

GET
H/1.1 200
OK 120987_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 13ms
13ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/120987_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bcd23839e51a3a9454c3b44775b2a70b545790777e1b85e09bdde3f9f992de58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 03:00:45 GMT
Last-Modified: Wed, 05 Aug 2015 15:29:14 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1854386
ETag: "a13-51c9210ab0680"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2579
jake_test: Test_Pass
Expires: Thu, 03 Feb 2022 20:48:41 GMT

GET
H/1.1 200
OK 120989_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 2 KB
2 KB 12ms
12ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/120989_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cead727c7f108bb8a4644fa6eae433352dfb0ffeb1fe194840b6ca82c0b6e701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 08 Jan 2022 02:25:21 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2461310
ETag: "84e-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2126
jake_test: Test_Pass
Expires: Sat, 08 Jan 2022 02:40:21 GMT

GET
H/1.1 200
OK 335568_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 24ms
24ms Image
image/jpeg 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/335568_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12fb8c8ed06c31e003e41850935bca35d10e58f2aa0bb936d97f504417afd1a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 09:59:23 GMT
Last-Modified: Sat, 22 Sep 2018 05:54:58 GMT
Server: Apache/2.2.15 (CentOS)
Age: 878868
ETag: "bba-5766f65633080"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3002
jake_test: Test_Pass
Expires: Thu, 03 Feb 2022 20:01:50 GMT

GET
H/1.1 200
OK 121013_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
4 KB 30ms
30ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121013_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 738db4924b849a16c3b0979e1562cda906374a9bc374cdb8a5b4df28734d76dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 20:59:43 GMT
Last-Modified: Wed, 05 Aug 2015 15:29:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 234448
ETag: "d0d-51c9211439d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3341
jake_test: Test_Pass
Expires: Thu, 03 Feb 2022 20:26:07 GMT

GET
H/1.1 200
OK 124440_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 4 KB
4 KB 13ms
13ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/124440_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5769bdfa40b03530aa926e7c9797008cbe2d22391f3767caab9e97a95c019cdd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 09:55:14 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 274317
ETag: "f80-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3968
Expires: Sat, 05 Feb 2022 02:45:41 GMT

GET
H/1.1 200
OK 335552_ic.jpg
i.123g.us/c/eoct_sukkot/ic/ 2 KB
3 KB 14ms
14ms Image
image/jpeg 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/335552_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bcc649e653b4fd96ff759065c7db898969e306c9c4c7ae3cbff8bc3091825f64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 09:55:14 GMT
Last-Modified: Wed, 19 Sep 2018 13:16:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 274317
ETag: "943-57639368d5a00"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2371
jake_test: Test_Pass
Expires: Wed, 02 Feb 2022 21:14:44 GMT

GET
H/1.1 200
OK 121014_ic.gif
i.123g.us/c/eoct_sukkot/ic/ 3 KB
3 KB 11ms
11ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/ic/121014_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c5cfe6329a28119a02115058261d9103d3d94bb068133ff1fc574cca1b6f0656

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 02:30:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 41790
ETag: "c5a-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3162
Expires: Sat, 05 Feb 2022 02:45:42 GMT

GET
H/1.1

200
OK

zero.gif
c.123g.us/images/
Redirect Chain

https://www.123greetings.com/usr-bin/view_sent.pl?type=VW&cardid=121029
https://c.123g.us/images/zero.gif

49 B
404 B

27ms
9ms

Image
image/gif

8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/zero.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 22 Jan 2022 10:15:51 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:07 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1223481
ETag: "31-54da7c7971dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49
jake_test: Test_Pass
Expires: Wed, 26 Jan 2022 19:44:12 GMT

Redirect headers

Location: https://c.123g.us/images/zero.gif
Date: Sat, 05 Feb 2022 14:07:11 GMT
Server: Apache/2.2.15 (CentOS)
Connection: Close
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length: 303
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK jquery.js Show response
c.123g.us/js2/ 92 KB
33 KB 308ms
9ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 11:51:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1908956
ETag: "16f3a-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33449
jake_test: Test_Pass
Expires: Sat, 15 Jan 2022 17:19:31 GMT

GET
H/1.1 200
OK tab.js Show response
c.123g.us/js2/ 5 KB
3 KB 307ms
8ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/tab.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d0fbf06f675663f1ec793289e8eaa4dcc4eb791f90e6311ed809b506e88f3a3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 11:53:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1044822
ETag: "1586-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2897
jake_test: Test_Pass
Expires: Mon, 24 Jan 2022 12:08:29 GMT

GET
H/1.1 200
OK swfobject.js Show response
c.123g.us/js2/ 10 KB
4 KB 307ms
8ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/swfobject.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 08:49:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 278277
ETag: "261f-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3868
jake_test: Test_Pass
Expires: Wed, 02 Feb 2022 09:04:14 GMT

GET
H/1.1 200
OK 123g_utils_v1.js Show response
c.123g.us/js2/ 123 KB
30 KB 342ms
42ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_utils_v1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 16:04:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Jun 2021 12:51:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2066533
ETag: "2c3d8-1ed3a-5c3f026148680"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30667
jake_test: Test_Pass

GET
H/1.1 200
OK utilsopt.js Show response
c.123g.us/js2/ 22 KB
7 KB 331ms
29ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/utilsopt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 01 Feb 2022 14:35:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 10:41:25 GMT
Server: Footprint Distributor V6.1.1162
Age: 343901
ETag: "57b2-5b3459efc3f40"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6801
jake_test: Test_Pass
Expires: Tue, 01 Feb 2022 14:50:30 GMT

GET
H/1.1 200
OK 123g_cardpage.js Show response
c.123g.us/js2/ 42 KB
10 KB 424ms
423ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_cardpage.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 664837d2bb88ac17d1bc3d9c3e65cb23adf2ba6051d2c48dfe9c3dac555eb66e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 25 Jan 2022 15:29:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Apr 2021 06:11:32 GMT
Server: Apache/2.2.15 (CentOS)
Age: 945481
ETag: "a777-5c0898cfd0d00"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10322
jake_test: Test_Pass
Expires: Tue, 25 Jan 2022 15:44:10 GMT

GET
H/1.1 200
OK rakpanel.js Show response
c.123g.us/js2/ 3 KB
2 KB 423ms
423ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/rakpanel.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 09 Jan 2022 07:04:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Aug 2018 13:50:01 GMT
Server: Footprint Distributor V6.1.1162
Age: 2358187
ETag: "d4c-57300e747f440"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1626
jake_test: Test_Pass
Expires: Sun, 09 Jan 2022 07:19:06 GMT

GET
H/1.1 200
OK date.js Show response
c.123g.us/js2/calendar/ 3 KB
1 KB 8ms
7ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/calendar/date.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 07 Jan 2022 10:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:21 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2519177
ETag: "2c3fe-afa-54a227da71a40"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 974
jake_test: Test_Pass

GET
H/1.1 200
OK jquery.datePicker.js Show response
c.123g.us/js2/calendar/ 15 KB
5 KB 9ms
8ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/calendar/jquery.datePicker.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 11 Jan 2022 22:27:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:21 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2129963
ETag: "2c3fd-3d65-54a227da71a40"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4593
jake_test: Test_Pass

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 30ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b5db7625a4caef335e90d7df9c1755641894fc6868393d168506af5a3c7848b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oHx4+tXyplMpYNLC/aBfsQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 72SNp+ZbDQbveYl/VlWtcv0M2roeNfxQOrCg6PhhkML0+pnK7sCDMiUboAjOjdF0s7vmStkOwKt5YmHHbPuuTw==
x-fb-trip-id: 917726464
x-fb-content-md5: b380262064418e83c294ea66f1754d86
x-frame-options: DENY
date: Sat, 05 Feb 2022 14:07:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "599e71c22cab89693cf6cbb394f785ee"
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:15:16 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 65ms
39ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d58874df689aa5f7fa093241def6a379ea8e40104f612f435f12d02447c5ed2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nJ4QrGhd+QUq3siv663Sng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
cross-origin-opener-policy: same-origin
etag: "c287f014806a9e4c693e7509987366ea"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-nJ4QrGhd+QUq3siv663Sng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:10 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
431 B 126ms
24ms Script
application/javascript 2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:10 GMT
content-encoding: br
x-cdn: fastly
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=300
content-length: 203
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK jquery.ajax_autocomplete.js Show response
c.123g.us/js2/ 20 KB
7 KB 8ms
7ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 03 Feb 2022 08:26:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 12:46:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 193246
ETag: "4ec6-5cbdfda4a4800"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6384
jake_test: Test_Pass
Expires: Thu, 03 Feb 2022 08:41:25 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bedf401578c2fcba260181d638c0e30c4510c4992643d0d7fc22a9d09f7fcbe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53637
x-xss-protection: 0
server: cafe
etag: 7685278558016912236
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 46ms
22ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b56038a77bd58ff58874b00dd3779c33afd29a3580131c9a2786d4f4dad4b79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36044
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Feb 2022 14:07:11 GMT

GET
H/1.1 200
OK styleopt_R1.css
c.123g.us/css/ 80 KB
16 KB 1083ms
1075ms Stylesheet
text/css 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 13:13:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 11:38:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1990396
ETag: "13f87-5c3625216f1c0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16152
jake_test: Test_Pass
Expires: Thu, 13 Jan 2022 13:28:55 GMT

GET
H/1.1 200
OK modal_window_R1.css
c.123g.us/css/ 33 KB
7 KB 464ms
448ms Stylesheet
text/css 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 22 Jan 2022 21:02:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 09:39:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1184676
ETag: "8220-5a7b79d367980"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6727
jake_test: Test_Pass
Expires: Sat, 29 Jan 2022 15:00:50 GMT

GET
H/1.1 200
OK 123g_master_bg.png
c.123g.us/images/ 145 B
438 B 106ms
106ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_bg.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 30 Jan 2022 08:02:06 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:45 GMT
Server: Apache/2.2.15 (CentOS)
Age: 540306
ETag: "9d001-91-54a227b81c940"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
jake_test: Test_Pass

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 9ms
8ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 18 Jan 2022 12:08:46 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1562306
ETag: "1861-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass
Expires: Tue, 18 Jan 2022 12:23:47 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
140 KB 76ms
75ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 09 Jan 2022 11:18:32 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2342920
ETag: "9d05a-230cb-5979e1b2b4200"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 74ms
74ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 13:59:24 GMT
Last-Modified: Wed, 11 Sep 2019 08:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1469268
ETag: "21653-59242fbe2e0c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass
Expires: Wed, 19 Jan 2022 14:14:25 GMT

GET
H/1.1 200
OK master_icon_set_2.png
c.123g.us/images/ 110 KB
110 KB 90ms
90ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7272d4ee4691fbb05f8844d60af444ec17e03d6e009fddaebd2bc97c2ab66b67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 12:28:50 GMT
Last-Modified: Wed, 02 Feb 2022 12:27:42 GMT
Server: Apache/2.2.15 (CentOS)
Age: 265102
ETag: "1b74c-5d70824e12b80"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 112460
jake_test: Test_Pass
Expires: Wed, 02 Feb 2022 12:43:53 GMT

GET
H/1.1 200
OK master_icon_set.png
c.123g.us/images/ 93 KB
93 KB 88ms
87ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 08:22:59 GMT
Last-Modified: Wed, 03 Jan 2018 10:30:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1489453
ETag: "17326-561dcb51f9ac0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95014
jake_test: Test_Pass
Expires: Thu, 27 Jan 2022 08:30:03 GMT

GET
H/1.1 200
OK ajax-loader_sm.gif
c.123g.us/images/ 2 KB
2 KB 9ms
9ms Image
image/gif 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/ajax-loader_sm.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ed1c2c6b7b77b966dd42dbec5cda78e14595383a75aa465912cbd75c0e2dc569

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 16:06:01 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2066471
ETag: "739-54da7c7a66000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1849
jake_test: Test_Pass
Expires: Wed, 12 Jan 2022 16:21:02 GMT

GET
H/1.1 200
OK 121029_bg.gif
i.123g.us/c/eoct_sukkot/bg/ 49 B
404 B 23ms
23ms Image
image/gif 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/bg/121029_bg.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fc633dffe1f314ee8d65257c7943c576e389f08cfaa4b1acdce3bef337e881bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 12:50:32 GMT
Last-Modified: Mon, 24 Feb 2014 09:50:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1300600
ETag: "31-4f323e8623dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49
jake_test: Test_Pass
Expires: Wed, 02 Feb 2022 21:14:33 GMT

GET
H/1.1 200
OK 123g_master_icon_set_2.png
c.123g.us/images/ 67 KB
67 KB 8ms
8ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d149cef7c8029e29de2ab35f086b502c0f3baa6b72f43aa4a63128ce8b62e6fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 12:28:53 GMT
Last-Modified: Wed, 02 Feb 2022 12:27:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 265099
ETag: "9cf33-10c9a-5d70823547100"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68762
jake_test: Test_Pass

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8250b07e02fffdae391e0e8fe3df2701

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99bd167da3ca87663712b3fe46510856e2366a90e14e1e02fd7f407244fa365d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.123greetings.com/
Origin: https://www.123greetings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OfZHkB6075rnte5ZRymEGA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83500
x-fb-rlafr: 0
x-fb-debug: U+pYzsCjkbLy2tos4ASapwTm0+vnfqbscXlgHKb+ZncPUgpDgWocQQcVNAebDnKJT8wyPl8ta6eiGarYSvBbfg==
x-fb-content-md5: 01133f2424a6a48c24a7626c72e7561b
x-frame-options: DENY
date: Sat, 05 Feb 2022 14:07:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "92d3831f087b250380c72472cdb8c359"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Feb 2023 13:47:20 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/ 150 KB
52 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.G0yl221Lv3A.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOeO42Ypl4xUcKP-57wrSkEIrYebg/cb=gapi.loaded_0?le=oz

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24eba652967915088a60ca2e5d1827abe08c344883a55e580834470411a4e65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 09:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52422
x-xss-protection: 0
last-modified: Tue, 11 Jan 2022 03:49:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding, Origin
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 09:36:55 GMT

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 381ms
94ms Script
application/javascript 54.224.71.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6878490120.5118065

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.224.71.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-71-103.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3ea3b1e9041e39b8cbe48c1955d273b5051e8adae04c04cda9781050164abeee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 733
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H/1.1 200
OK addressbook.js Show response
c.123g.us/js2/ 401 KB
76 KB 30ms
29ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/addressbook.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82bd02cee2c77b75a28a94f51c1163035315c09ef8eafe6fa5f79f35b97424e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Thu, 13 Jan 2022 22:24:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Aug 2021 08:44:30 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1957354
ETag: "6427b-5cad6f5405780"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77386
jake_test: Test_Pass
Expires: Fri, 14 Jan 2022 12:06:16 GMT

GET
H/1.1 200
OK 121029_details.js Show response
x.123g.us/json/ 1 KB
1 KB 740ms
579ms Script
text/javascript 67.27.235.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/121029_details.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1624c39255bcec121ecc563695148c354432e070801a013c22235c87346621c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 14:07:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Jan 2022 10:40:14 GMT
Server: Apache/2.2.15 (CentOS)
Age: 4
ETag: "519-5d6de68ddbf80"
Vary: Accept-Encoding
Content-Type: text/javascript
access-control-allow-origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 629
jake_test: Test_Pass
Expires: Sat, 05 Feb 2022 14:22:13 GMT

GET
H/1.1 200
OK 121029_pc.jpg
i.123g.us/c/eoct_sukkot/pc/ 57 KB
58 KB 13ms
13ms Image
image/jpeg 8.241.121.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eoct_sukkot/pc/121029_pc.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.121.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9eb084612d63c1939ce99b714f5c030e5ecfce81c05b8adc4d2b2e4ffa1c76e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 20:59:48 GMT
Last-Modified: Tue, 27 Jun 2017 22:05:05 GMT
Server: Apache/2.2.15 (CentOS)
Age: 234444
ETag: "e4c9-552f842860640"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58569
jake_test: Test_Pass
Expires: Wed, 02 Feb 2022 21:14:48 GMT

GET
H/1.1 200
OK play-button.png
c.123g.us/images/ 3 KB
3 KB 28ms
10ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/play-button.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 28 Jan 2022 12:29:04 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 697088
ETag: "afd-54da7c7a66000"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2813
jake_test: Test_Pass
Expires: Fri, 28 Jan 2022 12:44:06 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 286 KB
103 KB 50ms
34ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

936a96afcde77875ce1b932be875ad57396d7b54dafdc05a190c994d14112630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105569
x-xss-protection: 0
server: cafe
etag: 737233414951617841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/ Frame 6395 10 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Fri, 04 Feb 2022 16:23:29 GMT
expires: Fri, 18 Feb 2022 16:23:29 GMT
cache-control: public, max-age=1209600
age: 78223
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 206
Partial Content 121029.mp4
v.123g.us/vod/eoct_sukkot/ 80 KB
0 422ms
329ms Media
video/mp4 67.27.159.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/eoct_sukkot/121029.mp4
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer: https://www.123greetings.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 05 Feb 2022 14:07:12 GMT
Last-Modified: Tue, 17 Sep 2013 08:53:18 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 0
ETag: "17d2f2-4e69073b89b80"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 0-1561329/1561330
Connection: keep-alive
Content-Length: 1561330

GET
H/1.1 206
Partial Content 121029.mp4
v.123g.us/vod/eoct_sukkot/ 48 KB
0 445ms
354ms Media
video/mp4 67.27.159.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/eoct_sukkot/121029.mp4
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer: https://www.123greetings.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 05 Feb 2022 14:07:12 GMT
Last-Modified: Tue, 17 Sep 2013 08:53:18 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 0
ETag: "17d2f2-4e69073b89b80"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 0-1561329/1561330
Connection: keep-alive
Content-Length: 1561330

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 24ms
24ms Script
application/javascript 2a04:4e42:54::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.5915746123183139
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:12 GMT
content-encoding: br
x-cdn: fastly
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=300
content-length: 18679
access-control-expose-headers: X-CDN

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1938
date: Sat, 05 Feb 2022 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 05 Feb 2022 15:34:54 GMT

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
529 B 157ms
157ms Script
text/javascript 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 24 Jan 2022 07:16:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1061452
ETag: "c9-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass
Expires: Mon, 24 Jan 2022 07:31:20 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 47ms
30ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=6268317308&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8250b07e02fffdae391e0e8fe3df2701

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: DXh3dMGZq4QKpMIq4FIdqEoge6Zlg8p/qH2WLr61xYT4rt9qysksR6wAWVRoUg58tKrEDZmNdPucBqCBuFaXWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Sat, 05 Feb 2022 14:07:12 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
647 B 37ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

33a8b1f8961879fea380ff9ee900dc288e5331a77dd7d654e9f4a3643a28b94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 51ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21EC 150 KB
42 KB 654ms
639ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1643625692&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070032345&bpp=3&bdt=1511&idt=125&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1111014703122&frm=20&pv=2&ga_vid=2085351050.1644070032&ga_sid=1644070032&ga_hid=991818160&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=3716343000056883&pem=908&tmod=2042259377&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=140

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98c8caaf195484d910310bb3014af13cc6c81e3dd927d5808905ec16e5f5a093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Feb 2022 14:07:13 GMT
server: cafe
content-length: 43096
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Feb 2022 14:07:13 GMT
cache-control: private

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=991818160&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ul=en-us&de=UTF-8&dt=Blessings%20On%20Sukkot...%20Free%20Sukkot%20eCards%2C%20Greeting%20Cards%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=855865959&gjid=1373612477&cid=2085351050.1644070032&tid=UA-5085183-1&_gid=811394175.1644070032&_r=1&gtm=2ou220&z=878489967

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 85ms
17ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5085183-1&cid=2085351050.1644070032&jid=855865959&gjid=1373612477&_gid=811394175.1644070032&_u=YAhAAUAAAAAAAC~&z=1875849753

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 05 Feb 2022 14:07:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6878490120.5118065&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6878490120.5118065&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible&ip=138.199.38.132&cuidchk=1

42 B
780 B

102ms
101ms

Image
image/gif

54.224.71.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6878490120.5118065&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible&ip=138.199.38.132&cuidchk=1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

HTTP/1.1

Server

54.224.71.103 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-224-71-103.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sat, 05 Feb 2022 14:07:12 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6878490120.5118065&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&dvis=visible&ip=138.199.38.132&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H/1.1 206
Partial Content 121029.mp4
v.123g.us/vod/eoct_sukkot/ 21 KB
21 KB 285ms
13ms Media
video/mp4 67.27.159.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/eoct_sukkot/121029.mp4
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash: fa86037fc6bd9fa7a3c9b118bc6ffb7a63c0d70b163bb81531db1766a152621e

Request headers

Referer: https://www.123greetings.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=1540096-

Response headers

Date: Sat, 05 Feb 2022 14:07:12 GMT
Last-Modified: Tue, 17 Sep 2013 08:53:18 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 1
ETag: "17d2f2-4e69073b89b80"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 1540096-1561329/1561330
Connection: keep-alive
Content-Length: 21234

GET
H/1.1 206
Partial Content 121029.mp4
v.123g.us/vod/eoct_sukkot/ 80 KB
0 12ms
11ms Media
video/mp4 67.27.159.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/eoct_sukkot/121029.mp4
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.159.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer: https://www.123greetings.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=32768-

Response headers

Date: Sat, 05 Feb 2022 14:07:12 GMT
Last-Modified: Tue, 17 Sep 2013 08:53:18 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 1
ETag: "17d2f2-4e69073b89b80"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 32768-1561329/1561330
Connection: keep-alive
Content-Length: 1528562

GET
H2 200 like.php Show response
web.facebook.com/v5.0/plugins/ Frame 201C 0
3 KB 82ms
25ms Document
text/html 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v5.0/plugins/like.php?action=like&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df69e0cf6f590e8%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ffde58d4138d90c%26relation%3Dparent.parent&container_width=0&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&layout=button_count&locale=en_US&ref=fb_lk_cd_1&sdk=joey&share=true&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8250b07e02fffdae391e0e8fe3df2701

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: YyFscWrIe4kFu2kbpgASGqUKjxmVw2tAihiitYugAhLfaw2iENo72NebGj+dNkbVQFmLyXsTW+HNBd3QgiFBvw==
content-length: 0
date: Sat, 05 Feb 2022 14:07:13 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 37ms
22ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e76d7ae7716a1ea1ca7666151f623c974b954f4d90e889832c910eee1451708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9822
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ 150 KB
53 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a3726a929770b473d7b345b56260855d7f5bed7cfb505d2f9204baed1d96072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54420
x-xss-protection: 0
server: cafe
etag: 1823973342962200821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:13 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 152ms
112ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:13 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
17ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/ Frame C80C 10 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Fri, 04 Feb 2022 16:38:08 GMT
expires: Fri, 18 Feb 2022 16:38:08 GMT
cache-control: public, max-age=1209600
age: 77345
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame C80C 4 KB
1 KB 43ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 13:23:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 14:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 14:07:13 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C80C 205 B
742 B 34ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:58:23 GMT
x-content-type-options: nosniff
age: 530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 05 Feb 2023 13:58:23 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C80C 604 B
695 B 34ms
9ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 15:55:26 GMT
x-content-type-options: nosniff
age: 79907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 04 Feb 2023 15:55:26 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame C80C 19 KB
8 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097fe57903bfaee075f670a6eb95c1afbc03e27bb8ba702daf3a9cc95cbfd0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:48:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8077
x-xss-protection: 0
server: cafe
etag: 15073115138517226628
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:48:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4E8A 8 KB
888 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 13:26:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 14:07:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 14:07:13 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 4E8A 1 KB
875 B 24ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:54:22 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 4E8A 19 KB
8 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 583
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:57:30 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 4E8A 2 KB
1 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E8A 123 KB
38 KB 117ms
72ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 4E8A 14 KB
6 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:57 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 4E8A 27 KB
11 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 23:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 22:35:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 May 2022 23:19:44 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCCD 143 B
163 B 10ms
10ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sat, 05 Feb 2022 14:03:04 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCCD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

60ms
60ms

Document
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220201/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 05 Feb 2022 14:07:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 05 Feb 2022 14:07:13 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 05 Feb 2022 14:07:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 83C3 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 12:47:06 GMT
expires: Sun, 05 Feb 2023 12:47:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D584 783 B
1 KB 31ms
17ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a41658a853e37bfcc6115a75d77abfa4cbd5836be5e76e0edc143b3ea4720aff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kr1kTMDm31hRT7H85wSA0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 05 Feb 2022 14:07:13 GMT
date: Sat, 05 Feb 2022 14:07:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Kr1kTMDm31hRT7H85wSA0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 83C3 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D584 0
0 57ms
56ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220201&jk=3716343000056883&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 /
log.pinterest.com/ 0
333 B 131ms
97ms Image
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=ZkGcSZaFgshG&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&viaSrc=canonical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:13 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 1
x-cache-hits: 0
content-length: 0
x-served-by: cache-hhn4054-HHN
pragma: no-cache
server: envoy
x-timer: S1644070034.517232,VS0,VE90
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 7110957098755863
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame E3B1 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 83C3 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Y0lEyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK 121029.js Show response
s3.amazonaws.com/123g_fb_comments/ 27 B
413 B 537ms
160ms Script
text/javascript 52.216.110.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/123g_fb_comments/121029.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.110.53 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 66b930c528fcf1201ec716daf6685d909bc2497d9acfb2cf2182563de1c0a169

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 14:07:15 GMT
Last-Modified: Wed, 18 Sep 2013 05:48:34 GMT
Server: AmazonS3
x-amz-request-id: CT2V8PYEFPJJKVK6
ETag: "4605924ffef2bb0cdbd64bdbde1e2760"
x-amz-meta-colour: pink
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 27
x-amz-id-2: cPxZ0RUgwhfZjw70rYIvZJyncLd6tdfaCoKHXhsUSai8MIRWOezy5AGFprn1L5KGcdThbfgPcxc=

GET
H/1.1 200
OK master_icon_set.png
c.123g.us/images/ 93 KB
93 KB 8ms
7ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 19 Jan 2022 08:22:59 GMT
Last-Modified: Wed, 03 Jan 2018 10:30:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1489454
ETag: "17326-561dcb51f9ac0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95014
jake_test: Test_Pass
Expires: Thu, 27 Jan 2022 08:30:03 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
140 KB 8ms
8ms Image
image/png 8.248.143.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/card_page_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.248.143.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.123g.us/css/card_page_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 09 Jan 2022 11:18:32 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2342921
ETag: "9d05a-230cb-5979e1b2b4200"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220201&jk=3716343000056883&bg=!cHOlczfNAAYZkRhwGZE7ACkAdvg8WqjZHMNoSsmA9olMZU_pS3xiLoqkgzxxjsIoELxDXvUPT3RyPwIAAADAUgAAAAJoAQeZAs7AfXPEx4udywiOKaygbT_NHzpyelAzNL63wLwtP-NaBu9PplrvYtcAPngb4qPywy572b6FtPt8fnjsHQyCg3xAqDH2SBIy-WY-12CJg8NyQDPuXqQOT0NtB13vt1PCyJ-mnYiZueEJdt6aYbWPMy3kLHKkozf823clZHyQDier8qKSG3OBIHjQtLgg56sxfdaU8EGhh0pc9uwDc2CGYE2n63HDSY1Yx1NUinC0848rOvwtNHUpWbdBkD_y1pJYcB7yCSG-7SHZ-bRvu-mDWgIWYkAiCrtFzaaKhTT5MXLnKAwo9vfP4jbLiAOu7HL_6ddMUhuEhE4Ld8coQFg2mvP-hxPNxpdqRgopZt7J4BlCBE9Ex-4yKShliHbFMojQbLXAtaoiq-TKWm50-JD7HT6y4VJF8eiH9bFnQNDxSh8zyjDcMpmHAU5sGuj00SQlJ03IJZD05zMrCmaoDb6cZiQzVejZfosO1tDKrt3CVuPrw4u8fJVUOoa2n_LaLIEObFpzTQQvtKkH3oP6XNXBzeredWfnYDDBVhFKphtTs66QUT0k0ckg5EaN_h926QEsmvEs93pcb8_-PMHenm6znU1w0PMOt4g3R0TucwbvPILxhPjuRw6j4aqDbhgrz7iRdGP2eYSCsOBh7mSB0cSKV9xczsB3st5Uf8IyluHUFBkesZ_atpfdlVOi6KxtW8YQDLxFkcZQ8Fcz0-rpgow2WY4LEEOowTw06hSga-RD34rvDt-rPImNNJeevNcx4Csu3AzNHERuZF3IkPMbOwI-Avwi7wKyl3sslDwSlMidTwOzc0lX46h7ZTJp9rvBimZSCNO4kDWnowh12MZZhms_A0j3AT8C6T2GsoVI53-5f2_OmK4aJBuB8XsiICPlI6JvGNB1MWfbACjOvy_GJWA7rcJf3xtRIxSMCixfy3AF5ceuViLmnFwAkUswW_o7HZcN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 comments.php
web.facebook.com/v5.0/plugins/ Frame 88A3 0
0 36ms
27ms Document
text/html 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://web.facebook.com/v5.0/plugins/comments.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df10aa016fefac38%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ffde58d4138d90c%26relation%3Dparent.parent&container_width=0&height=100&href=http%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&locale=en_US&order_by=reverse_time&sdk=joey&version=v5.0&width=600

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8250b07e02fffdae391e0e8fe3df2701

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://web.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: pGi/Yon8qGKIIrMo/6+HRwn7ttT9bFZ9pXuliKGtM242QW0H5aG50PaowuidvsgE37WtiPxhk56xflpMs5VHpw==
content-length: 0
date: Sat, 05 Feb 2022 14:07:14 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 60ms
45ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7e39fdbac406615f91557fb69b63192b596f5a601c2a18c36bd4aa0459647c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27226
x-xss-protection: 0
server: sffe
etag: "1122 / 935 of 1000 / last-modified: 1644015869"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Feb 2022 14:07:14 GMT

GET
H2 200 pubads_impl_2022020101.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
120 KB 33ms
8ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121756
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:38:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Feb 2023 09:02:27 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 497 B
843 B 41ms
18ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

f9ac73fec0556f6c60345e710b209cc345b05da0d436a6a0d36b7018d0c66fa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0
expires: Sat, 05 Feb 2022 14:07:14 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 273 KB
70 KB 766ms
751ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3716343000056883&correlator=4418194221768352&output=ldjh&impl=fifs&eid=31064658%2C31061165&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220205&iu_parts=46400095%2CDesktopWeb_Showcard_LB%2CDesktopWeb_Showcard_EcardStrip%2CDesktopWeb_Showcard_Mrec%2CDesktopWeb_Showcard_LowerMrec%2CDesktopWeb_Showcard_BottomLrec%2CDesktopWeb_Showcard_EcardStrip2%2CDesktopWeb_Showcard_LMrec1%2CDesktopWeb_Showcard_LMrec2%2CDesktopWeb_Showcard_LMrec3%2CDesktopWeb_Showcard_Video%2CDesktopWeb_Showcard_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=728x90%2C468x60%2C300x250%2C300x250%2C300x250%2C468x60%2C300x250%2C300x250%2C300x250%2C1x1%2C1x1&cust_params=site%3D123greetings.com%26section%3Deoct_sukkot%26page%3Dshowcard&cookie=ID%3D390fc1d269c4a297-22d5877233cd00e1%3AT%3D1644070032%3ART%3D1644070032%3AS%3DALNI_MaCvbqFGWoaI1A8sel_IK1hhC9YCQ&bc=31&abxe=1&dt=1644070034337&lmt=1643625692&dlt=1644070030834&idt=3466&frm=20&biw=1600&bih=1200&oid=2&adxs=560%2C401%2C970%2C970%2C970%2C402%2C332%2C650%2C968%2C310%2C321&adys=47%2C239%2C236%2C993%2C2048%2C929%2C2343%2C2343%2C2343%2C2799%2C1021&adks=2931586391%2C97135718%2C2334180326%2C912788858%2C619234847%2C3674860380%2C36811275%2C2261275357%2C4099441217%2C1380049161%2C265943010&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&vis=1&scr_x=0&scr_y=0&psz=980x90%7C612x60%7C320x262%7C320x262%7C320x262%7C591x60%7C980x301%7C980x301%7C980x301%7C983x2790%7C628x0&msz=728x90%7C468x-1%7C300x250%7C300x250%7C300x250%7C468x-1%7C314x264%7C314x264%7C314x264%7C980x0%7C628x0&ga_vid=2085351050.1644070032&ga_sid=1644070032&ga_hid=991818160&ga_fc=true&fws=4%2C0%2C4%2C4%2C4%2C0%2C0%2C0%2C0%2C0%2C0&ohw=728%2C0%2C300%2C300%2C300%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C1%7C0%7C2%7C3%7C4%7C5%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

a3b64d86346a3bd2ef243790b37012de4a7120441531ad66fdb2214d92554c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71885
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,4684787180,-1,-1,5054615482,5305849375,5501288042,5461263814
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,138234273911,-1,-1,138269508478,138304012243,138326033967,138321279906
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 464F 6 KB
4 KB 111ms
41ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 05 Feb 2022 14:07:14 GMT
expires: Sun, 05 Feb 2023 14:07:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAE3 6 KB
3 KB 26ms
10ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 14:07:14 GMT
expires: Sun, 05 Feb 2023 14:07:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 92D6 6 KB
3 KB 24ms
11ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 14:07:14 GMT
expires: Sun, 05 Feb 2023 14:07:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5CF1 6 KB
3 KB 20ms
11ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 14:07:14 GMT
expires: Sun, 05 Feb 2023 14:07:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3F3D 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 14:07:14 GMT
expires: Sun, 05 Feb 2023 14:07:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40BD 0
0 43ms
43ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgeAfZmx-LMP0Xu6zd1hOq9guy-MFaBAELSc5kRNg5hb5lIn_7U4_jVbzlCpSihPd62xA-GIejq9dsBTgaadhyRalgH1LCKC-4DMKHodp3uaGivcUNugPgKpr5zwizosLdt7NO3NVPrdGFQiWA7xeZFGxwZEhdj8xATuL02j4Vv_sDk--ncWfMoXbm2fU0Xrjr78TCvoYjLAUirtqilmLquESYcMjfMX76-ozVEbq42xP_Co2F3HLtAHLT9C4DJg84j_JWnDgINX0G-Z_q5kfRjdY72BrZgcxqZ_2E2HVWG5kkUk0MsLo_gZQANaQ37gQqTHx4HKm9Q2POgL5iPFRSEg&sig=Cg0ArKJSzGISBm235qsiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 40BD 112 KB
39 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aec332be30ea374bceccd48b585c4920f299ff9cae598459d63ab8dea867cc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39798
x-xss-protection: 0
server: cafe
etag: 7092808562021563429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40BD 123 KB
37 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 container.html Show response
efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4DF6 6 KB
3 KB 11ms
10ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 14:07:14 GMT
expires: Sun, 05 Feb 2023 14:07:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012201141909000/ Frame B630 220 KB
61 KB 296ms
15ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 158157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61542
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "00d9ef7efeb287da"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame B630 16 KB
6 KB 310ms
31ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 158157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5698
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "919adc590e0ff503"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame B630 96 KB
29 KB 306ms
27ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 158157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29570
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c52208c2e07002d5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame B630 5 KB
2 KB 311ms
31ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 158157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76a8c96b6aaec2c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012201141909000/v0/ Frame B630 42 KB
13 KB 309ms
30ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 158157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13611
x-xss-protection: 0
server: sffe
date: Thu, 03 Feb 2022 18:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7aefe3fe93cc7383"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 03 Feb 2023 18:11:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B630 6 KB
670 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 13:21:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 14:07:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13BB 0
0 63ms
63ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkWs1WFKa-zIKffC-tk_2luXGoh4B1S8-NJQXRoA6FqikTcg_GI5SSL-Nc2B_B-UJ-9uMjxkRVYCc88E9MKYaFLEseCeF2r4rwBRi95ySQLet_fU55lfDI7dfrrdxr-DatS0ohiQnpeam3xAfPsoyd7YmABAVjD9faFhng5cSwCDNl948wQ8KWb4TBduxzZyrCXgFjpRdyjtZQ1pfQ64SwGQg4pVd5SsUHk_vmbFAPlagtE4hb6QQYadMumLAUWX36SLr7lVOUhZsGv232BU-TnTM-rfO9BCj-9KmKCov3nE05re1gTEl4tGgXJrN8y5eryVdNnCpzn-CjgFSz&sig=Cg0ArKJSzHvWxYYrX7AuEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 13BB 112 KB
39 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aec332be30ea374bceccd48b585c4920f299ff9cae598459d63ab8dea867cc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39798
x-xss-protection: 0
server: cafe
etag: 7092808562021563429
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 13BB 123 KB
37 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 05E2 0
0 60ms
60ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZLN7-OcXBG8-O16pxTMDEFhun8jnK4-1lpRUVAHV3s1hNEgMSMnrOClhrUZarWZ1h57Rxzlu_7A_2JPjXwr8gAswoj1_v278met-QboByKlSBARpjgBWdW220JTTO08DLg89OG9a-zTHbkD2t9SqZ2s3ZmLp_qF3cQDSiPOeKu26POw0BgRPf0WKaTm0-e9HJH3LNhz3RaJvB_EZRT524_hekBxzHZgwgrKrzdrTg_c5B_ISJa5vA5oJS9O5xObt8uLK-kBtKJYwYI1-sXFkOfW8_Dqe9hmH04NSgZZLR2IaDFekAdJXtqBls5arl6myq9o3XrxMOa7rDZCV-&sig=Cg0ArKJSzLCqj9R0MRhcEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 05E2 152 KB
52 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75fe12928afa987c16ee3affc39402bf355671f7441849ee474a15be03d629ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53638
x-xss-protection: 0
server: cafe
etag: 13430899005943430871
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05E2 123 KB
37 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25BD 0
0 57ms
56ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTQWlPUuD35-mzQdatvNXINbzMt9NV4qEcqYnTjyweZVAb5hC4LLfOZ5Cg9ftV208c4d7VTnN1ISPCtU-HgeRQPb70xQ7RtJARZK9HlSG4kSkQw91SK0AhrQxg95FU2wm42bCqQv1ah3UnG5BqcJMQw_s0SH-X5SAwwAGg5xUFqAXAG7xQbV_WXMkbirgX_GgHKpFRe8Q1m9gYLoF_ulnCaH9tFL-0F371XNzAkvDc4CcP2MN13TCO9D9TuzLXwTOUyHvVLAoQEVLxgQ0uM9IXK4iFsotjqXNIv4qpnwJaF9do1XdO4eQ1Ff3EIFXg4I4lbLz7UDjrJBdJYe7G&sig=Cg0ArKJSzMnEULzbpIP5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame 25BD 31 KB
31 KB 278ms
8ms Script
application/javascript 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 51229
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 04 Feb 2022 23:53:26 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 31281
x-amz-cf-id: raYpIa9U5ICQ2o3uL1Dct5UDLmz3SJhbd-hWsk1DbuXScwMkLiaVMA==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 25BD 123 KB
37 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B366 0
0 54ms
54ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEUYT0INwMjqn94V69ehQPoADOlow7N-Y_wGq3n55y0pcUMj3KZFf9eObtGVt90wg3Zcyl0likaYjfu-zw_aKnwPkF48hwDkufAVrp9789ChE79C407r3C2FxMGOVfbu6zgpM137egJmcIKgaxVtxFjkR7MIGlP5garyCFOZpwtqmjlaO9abEzcsR5XgtNVqVA2msUzhw3y_QKBxjhF0uVs9dzI0eleN4U70PdIpilW5IM9YWnleVjiUtzOLnTXQ65iWprbX54c-Y5NwGkIECg_CknHi7DFcdyTZdOjYdKHsaxKNbncfsXnzAU5No5H4QpjVTrhNVKEiGOBZN8O8s6KiRoH1o6&sig=Cg0ArKJSzAdIwRGUIec8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame B366 31 KB
31 KB 281ms
14ms Script
application/javascript 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 51229
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 04 Feb 2022 23:53:26 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 31281
x-amz-cf-id: kwMS2C6onvhxq_Z_lG6f4Z1LrD4HQ_WwSagixoNOYATiJy3hMLDBVQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B366 123 KB
37 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B630 2 KB
2 KB 11ms
11ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 68847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 05 Feb 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B630 295 B
319 B 10ms
10ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 30221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 06 Feb 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B630 0
0 121ms
35ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqSVRdRzXRcnHSOM_blssd9LJmGpiSKEbofGkk9z81406sJwrJArc-vY2TYMfQOIS-CMypaJmAsj9nye53-Ftn2zj9cw
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B630 0
0 104ms
104ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-BeVkoT-YbSeGpCArASCwaGgCcX235JomJib5d4NyZyW_o0YEAEg7_aQIWCVgoCAoAegAe-Q2_kCyAEJqQKF7wPBzjWzPuACAKgDAcgDCqoEgAJP0KAk33GQhUwXDD-JUhhtdz_Yq2LlQL51KoOt9JWZqzpfCWs6C0exsMa94b56cqM8IJO-C4aEk7scY6gv2SHLJBYwPB_HSzlOrklPpjgWNXHPNrKBFcIae-po7Ygi6s5-eHEFbSBwA-8h3RypHYyBDuL0hBZ4eZN41xFp9VnbawSaIpKb-FkG2aKXXcyEaWfwqjP7jz03Pp6LIvRY4z2yj4g9YTCVOo_CHuhgF-INE6wOXEBdNUOYBOV0OuUdk-3PkB6P_9NwK9ASET9-Hf4mlopkwSXwXmcgjgL-ZtVZl6QBEG1lqmsBHA03U8FZ4LLkEhrYfBLbTCYHkvR07APrwATn85SfsgLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-e6khgGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC74wPSCAkIgOGAEBABGB2ACgPICwHYEwyIFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MBj_1xc&sigh=XQsf_15ZzLo&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/10457689725214383873/ Frame B630 23 KB
23 KB 52ms
52ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10457689725214383873/2076313506083323656

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

665239ed8810651d06378b553487c8de2810edde76adb989c81bee8b92fadf53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 12:51:03 GMT
x-content-type-options: nosniff
age: 263772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23921
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 10:33:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Feb 2023 12:51:03 GMT

GET
DATA 200
OK truncated
/ Frame B630 217 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2724c563f011ecd36539a73f36c2ebb99d2a35e31d70a85425a5bc354510939

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B630 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88a3aadc803c8814d12566edfc7441007bb45fba85885a790e103fd9e05c72dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B630 15 KB
16 KB 282ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.123greetings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 245456
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:56:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B630 15 KB
15 KB 284ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.123greetings.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 245323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:58:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9033 624 B
297 B 32ms
30ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGPinrb0BMAE&v=APEucNV_b0UlF0pNJVTuzAx-_2FKDOtnfBdD-yHX9_oxPwKM12LMBrjKdI8QsCm-lMs5i066Lf4M0kH6KX7t1s6z6EUP8frP_VJBqht_dVsc0O8SG_X4AZJdgOTVwE_msAgZR0X9z15GQdmx5rMF0GDZkalkUxlUF4JiPNI_O6Cvm35XknfCew8

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 05 Feb 2022 14:07:15 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame EAE3 85 KB
33 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4e3foIWsfH1Nnsw11yhscthHILHKJlBO7_bE8SxSt7AD7SHoi1YHZ7temejsPIeveb4ziIQco7s76uYLahlhCEqcjrLGKDZ1kuXvkB9zLHGfHIbj2rYe8CvIEQRH5J1j9Q42ftLCWdW0eqDzUDPh4Wz92Gg&dbm_d=AKAmf-AM26R3o5WPLbXsMd-DiwuN0CtEdeOLzq6o2ZqkIEqoBar1uoV-eob_bfqszx1hS0mhrtEwarAGXxRS8dnQmQngntZ7xhDa9HdWMr9WPBWnLEs6QOzEYeVveTCi0Y2PNA88swzZGJXkb2lTKdE2Mtv_raJ4gNLEusgucaFqFuGPi1i0nLajOYEZoaZX9ZVWon39qwjlGMAMNKj3FjPw-Ukdgf4Un-56MerlunD22mQ6wMlC45bULXkq_j4_vAfI5zFlTc0bswBlO8CJbO2Lf_NqM6_QbQO531vizVlPoyEkdX43wWQkz5pZnLfJV2lZkIkOzVSWCjSDIFv-FuwxtFyazo722R476K91Ko_U1qPcTHTN_6ePNSP0J9fwFi_5BlD8DFzS_iALNP52PkSk4apXJHd0d1yWWaC-Vsaxp02o6Ldt9fflBwE3w53ZWrd6bPHV_ylVPnAyHbw4yeWeOg8W2Pkj7vbdKMLZMF7uHNJunHdAbJc5P-lDXSbhyfjPu_XM0s9U3A15R3G0g9eY8ai_UX5LmOa7ikNlIeMWlLX20KdxMXCBq2s7QfBSKiD5Pc2WVQUetRAGZsRs3ugXuHtPmuabHAL7QKHZeVQ60PQq18T3PcX-M7Bmkz5YgkyGjFh-EGttG-xMx_JJFSbNfqKnrVFq4bEixCsMTijyoap2A812s6NYmRxVyhD7BSArFesLDnwbv75Tc6Wc4FXvQSB7U6_0qA1o8QTVwuwxbd2utdwjlZ1mGOmaJ3EWCk6SwDBw7dlDwUZMKduAj7JH1c7sGpJSnSD0dS3h7qSlzkevTqXqlWJBVwxQwulGKgTSZLE0o7ErrXwC36lRyMsdivvrMW50JwCFl0-DNqfGY_ry5V0MIcIYvx7OqcIDtSnGMCwA-ogVevuP3OOS8HrA-UvQyBpw9vOwfcGIAB-MyWw6OdupqJx0Cy82HPTc6rcL2Q2fwhE3xNotLreE8xHHZAkDoGiSi2XFIRU4P7zpibYOOt6orWZ0QJ-28m2JevuDAS6FSNzHgXOpXHQ2e2mNeyEQNBFq2sPTXRAfgXmclULMn0JgLCuofnNgMrWrnGNHEb-n-ymTvHmrZHr-NxXX5maa8hbDYH3EZhwGX3r6GtKkEzEq9Ekryd5n4BNNmU_6ChDWD5bWIbB7PAvAsAnfAXD9Ocsu82-ahAJDOeCmU8DJCMLYX1NlRxl71kLPPeG444ag_a75jJoWjgbDUJXqUJjN9kqnjkv0vbWlMcKNhPMz5WIUrBfQIdXbVKBWzey5QJBU7zLsK71iL3KbpPM70Vaea-CXrWAwV-jyIifjLhHPEr3B-EXIUa3_QvaQJGd_BR8brfGQ0sspQG2WkgHQyjJRU3uAdtM9EgE-HDD0zNDtxMGqdKfADnSNMchUgG_G3YjNR9F4IyLCk46r_Ek_3V0VJRZcxh_oL7vyug3DrXE_2s15L91iE9uK0nJlKAAxRDLjrvl4gmwH1mmT8SfB6ijfpT7L2tMyq--6GOTDOQOziP4ahAuDnwFYkXIIJpVQ-s4kmcNXDbttc5pIyrTGgfCpQJk14xBmsx2vFW3CPKwT8cFSBwdSNjWlQr5oNJSMVIVXr9PU83dsPTqL1jmuSmByU87qrGCKFlFp0oA8TR9khw6-YR9rW9aa6erMh9hD9BCdVC2mwT7MeGDowIk_hkXsNArlUVptLeELi_ok6BF-13dGkowh3gUq8PuPgvEzJC35lbiHD-q4z05ktr16UYyYPsSmMAUjseIa12nBoJav7ziVaQA3VRLcVu_KJd_NoWjQbDRbE8Jp8SLkIZFXdj6mjDk2j-PfdyZ5v8kCrhMVYUITGV2sDzMHhIxZloRXWVAFf44tCimKKoIUxIyxNiYUNv6_ezGR9HCt9pldPKtJU1uM5l_nVnbhsVrIr3Oa3I4LkooGIP_-mgVLeXJG6FCcDAtaAWKpVB4TFSbPKK7yLwFN6kxDcSAf4qHlw1MwKF3LELiectLRvPtN-PAOL51yfNT0ryAWtHUP7WeK_MdytTzjcxjfYVYDCG3l3qDfrsMNB34tPlx40kJVTPIjPgHBdQgBR0b1nBsPPgc21K4Pwwm7XrXs03OpKolgmBdeIJrEP3HbV8YXg0xKmmcI9zz5j_56XNtEGLkBttLEQkNzyqK11JJFlWPuuvaq9cHdkDfuudva8OJDgfLOIabkz7SpQiJqUfR1HdG8joFgbMdxjrzs_2a-kCItop-1Swh2LW8GjjG6wM84OgcSsmqvcHiXzp-CyyfEqRpb-yk90w3A7pHcDje6vBY03dy9d5Ci_uE8IUvDPoSOf35nCi2yPcg3p5gz9stQqCbAoz4R3WJPZH03h-sj1VRnzgxjE884AFjjGUxcf1OGVn6O_lPjsk-zurOz0aXz7ixfFP5WdOHPWoKGIsV06bJEvuKVejlALDtEqmQ7y700TohEuesNjciKHgEj-i2MjSzCLLkpzOK6d5FqAWx0iCJzIQGnPOz5vL9kbNY1HIJCC3uVQhrdq6TsDB_pcD3MU4S8Vi8cu2jKv3duQpQNY3AnftfBKEny0cIwpqmXJ4ls5VwdynXGswHhfJgC2CNk63PiyPBPw_n2FY4ZM7C3rQSNTM0a-dtWHrasJcZY3JccBcJeajCeWAkkTmxfq33EfVLQGlXSWtYUT9gv3VRjwOQd_p08aTHt3vqSd5leitAyVJy6Ob8z4mIqz-mnLz1SNYGOBGNQ-AbaZEeLS4T60Y421GSsGjI0oI9JhcpsDUHXQlS9FchejkUVuCifSqTRYXmihy9vQCwQeTReRK9oxB4GR15wPfox5_P3WgHK0hb3_cu0ooZEzo0KNrCbh8yZRmP9V96iM0ijllMNxAowqz3kZQWpAO3AdjuF_vTrGm5RwKWWxYhp89pz_VQH4irGF3Y4q8loZSfdDkTJe2ZTJpq75F11lej-QIhQLqCneh--KqI99hVw58Lx-XsKRBfKlDwC40RrZIXR4PSoIKI&cid=CAASEuRoBhB2cTCP0e3HsM7D-2MTlw&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6c5cc018d723c9f2389abe37e105bb44b581d9d8cd982ad70a69e53dceac8ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33899
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame EAE3 42 B
63 B 51ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BinaceZM7a8tKRbZa5i-KiKljVp7Ztc5zZKKDRbsF-1sIk0GipDyqZ6z4M5nTrhLuXS-QlP8o1IPSwYiJIQaxck-157XKkYs3-HhZGJbsBwT1Xvsk

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame EAE3 2 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAE3 123 KB
37 KB 116ms
115ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame EAE3 14 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EAE3 0
0 30ms
30ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqiZDSkfvv9gIzTe70bz9x0NmUJtAeABvsLpYh159IqpsKsoIXTy2HKHRLLXZbpbzaKxDukM79l9UPUp-sjdhWBWEHbQ
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 40EE 624 B
297 B 28ms
28ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNXahbM-0CSjHs2oEb1Tz6ld-cfX-N5MMvv5m8mcwZK0SzaXVGpkYusQb5FOr_bwlTnaGcwJ3JTakINDV9wEhby1W9TKvQDCzLWMD8taTh3ikym0su0TVIWzG6d-OHc5pjYaHaFUpAqcz8RvvONCAP4QEJ682PoCXmzySANDpe97LNz5RSg

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 05 Feb 2022 14:07:15 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5CF1 85 KB
33 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmjoowlHt3LuExm1kNyIqd9nFuUHtYRsWUW1kvDRFzj9NY96UVNxDumziqMn2o7MRls4_2WnN_kG1ZxrvWq8tNBRhb1W1cRQw0-CDyl3feXLtRGoZfK2tosoW16-LdQEuP3G5TiS7kK-E66VgbtlzY-vXtwQ&dbm_d=AKAmf-AhpdqKDTB2reYS0Zt3LPGHdGNrRfW-u6IzfUjrkU_T3rlu4SSYwh9ZkynJBgokJn64JzeOcWZdB_LD6lERZ4miJpLFOpCiYlz10Zzrjxani8SH575ARYw_yGBXAoIiaBBGNi8cSGcYPSffn_NW_akfi3TO2GxYyRq878UuYiFZEgsHrPG3Udj4JeP8Hd2MFaJAdZuVGEdmKmQ21UUn0whkNylAb-W75FB0dZrqYwpxdWx7_-nPoZG01oU3f2ntXfwvFzsZSeX7hQqFqpTkwssEz_WfOWohUdqS1kK7iazD2LAoGB_-V7ti8PqxuPe3f9bob8NQhUdzlA3nUvj-um2jtBNEDhxVDzsEv6TLJ1zrmn_hgHSGxeXya6MRgJhPetKgAMFGnBZyqLHdZfRRr8kgusncWQ_MWAe9NdPdk8du3ygR_vhYw3TRLxXp_ZS3r2pHNE9sGcBzro_0V0yIPic7WQsUnZoS6s0vm9FUBsRXJn3EXi84KCrVk07lST7EyN_OpURpdTHBzz_ZwhIR3Li6d9pg8rg_7ag5IoLZz7qhA06--P5pi27rcmt6m3pEMGOj4z98joLKRM-jMDMnvhBRtW0Aqxo1lWItOz6rMWk3O-l6g9nlDml3SX2CV7p9eoc2MFQ5xpgoswKFtMrb0M3TTFwwYyWzMtwsvgFlCjpoJKm4pWHOWW67YkSwVBmGu_CRkkOU4B_qW7y21K0bd5doOyaiSBiPPgaJ0e20HgJb54ScqeCW8ziIrkIrgkcgBH8qwhpx3Qoo9Qgm3jifGOww0mwlPPFRfXQfbXdx_GSwxsFiHiRCEIjOUiN-vjk8xg2ar5HQU_S8tCkYRVw_fcNOWv7W2ZPQDwiZG8RA1kShxQYQ3ZY6mBajyYGUge9c_34Aggzb1xW25p9I88iANhvNOkDQxF2bwEBGnRERPWOKvVYLi-dOaLY9nQSfJGI96fQ1_OqOTZd0QZQWJbloY44_QgZlUA6ebvwrfg7PoxHq6HieAJrcl-1D-zAWLkdMmSNyLs1Ulu2AdpdacbR9a3h_NVu9B3VNBHCqRMKUMi2YcrG8F9I1L3761cbPIwGHXLgfNiWkZF6s2aojB6TVWrQ0-l6UXshnMNiQLRP8J49jL4m3KKuN0K9wCAYo94U_eMf7NOcaXd9Nme_ZVZXG3Yv8n3QyPhhOsyRYwDoxvf0voQMeO8t7h39L9Hhua1zc915cVNUStspWXG9LJKLZOREWt5p7ljvq2GROnI-rYNd6lM8T01ovcwEDE10MkFL0iyDIxrzdZnT43ptlX8Z5-pq4VFRZMao1tT-_BAFVkLcOAmhS15hhQihtVEu__HfkPVIGwaOVlcILHJ_2OIlPADCsnp-SJGTLT3XPbWM4vFywMZy8725QLkIUl26y3CH5KX5DEiJehSQcwApPvWv91VWNgkzBbJtoGvgMnOf9bSHUi-j3XuT70c4LYL-2398jk34YBgo5YeByOEk6Xx6epgx6dK6JZhurU4lajhRFOZcZwMDge0oKH_szp0cJVcZSn7szdMrasm8wAOKNcG0xoL-tktAMMmFtBVG9moh5YripvwLnFFgIXOhdSg_XyELSIRy69X_FJjtEbm5az_xCOK5NQRpGbFZ3wnTqOV8JvPCtwE545AWDm_-N1bGRrHq0zrh6Cupt_h0ByfioZeurbF7U9ro_z3P2vztyzG06My3gYTVMVBvs8cqDai55cA906TslSvTYvIIC0yo15TBwdc3nvReGa4Fu__19m7cPBhfHcqtf2VNWGoBohsqSo8fAp9VT9y-VF_nIB5cwnrJDwGQszlYvwJBCQhb8-sdLEFqGKDFp_1IBWhARE15TaYADG1DhNHTe2wgJLbCEPPADvNh2kmyWl8KfmYfXwIRDbvktGGjaDAjPjTM_ASwR8u5ygx_6D275az2XH0spJaD9jFGL-zqG7C9s4I6tx06oyTJK-3_pwaG57CofTZvKUjjbcwunYNa22wrz7VThylY9GK-B4TltNJM2KO5RmAtz_hp2sqHQVKOLGLItZJ1GYI-9If-Zyr8jz_kuA1rZ57T33cgJpRo0EujPW9-eG2JHEfCcZ3JWjyRNNsk0ht0FlGfGnflNYeH7N0DDUNhmsDQeFwL-C9lgzL0-DuaDRlmYPyuAt3unlJgu0EJePbs2fKQUzroo0dPzy1PvAWZEo5hys2S5i5OcXit_zB6Hbhbl35FMe-UiWvv6yCvgLsQWhGIzRPG4xs5HsJ1JvgJO637PRoVoI8knrREj95epDzfdlLcmYfsegrN8CXGO_Ut0X3ofhfydvvGoNpDt86i8Er5xe7CPKG3DRWM1iJRyf4xweS57o9Nx8sD4R6JYBLRTLRmMXD-KdSUP8j0DF4vA7O8TWq1GNxm6xzUTWV9b351Gqh-yU2rRfz_hJGgosbRndb1XH0Lm85z7_dY5z4TkCd0YRAzJKJUyMgVhcbTB4xnUssl5N4Fpzam_di240FIehMCWCnriv-cIRzK4YnOkQfFyaA9npKqQ4xEEk2fMJlPoW4zoZ6NxF5muRW_NnJKQNBRj1uyJdyo216DAFGj8fRQU3fZd4F0WAOMCdmZAcyNgdm0pbzJYGvNgsKZcgz59k-ndQ6D6xdJNNkDoQ03qSkrS9lZmq_zkeOfy9XQQxMnuRB2pDgdOsc2jwtUd6Eqiw9qtHSARd7vWvbsbIE1_0YrhJa8wg4D4FKOCgQ7utLVG9TCjLuKD_RbqlzzPBqwXcy7AR4hlLQOfJrPZDrx_QYXUXcsicB1M0Irg-R1Q4Cx-8WL--xLOkMoL-X3W2HkfIH1yHqFxnz65qtptxHd10yzdghbehAAv6OmD6EQ9CD-W5ZwV2g6gWQoegsVL6p8cIaLl17A2Qh0lsYtmRuOGHqAqZYhlxfvS1aYo53KfhFq__rRh12I4f-G759erGWITzUkufancAwWdzgzXU7kz0TvhIQfrQVpD4Oc8L7EI-0oihb4bCxUwgT7SeiisFJQUTe2X2JQUmHAHLHA6Rou1JqKYriZoUnm8jA&cid=CAASEuRoFXLtAej77_S5B5PW_qPzJg&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35fbe12027c6736c2c30fc82336e5c58e1454e24c4d8c484789c310c0f94d31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33970
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CF1 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AoYRHFZAI5UkqUgGEjogWvNvLw3yzTwxcjD97wJQ0hQ9zm4uo31F6P77R7lXzI54lGv50L-4UvDIK32dAJksp4XiP056mrjQCOZ9GKSEWpYBFWa4M

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 5CF1 2 KB
1 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CF1 123 KB
37 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 5CF1 14 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5CF1 0
0 28ms
28ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRegiFmNIisf9jHC6AVqzg_5px4e229QFhB3mAyiT1twd9dGXlHIW1RPXPyN0uoN055hmB35oZZ9RUk2zvAZozu7rRpVw
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DA11 624 B
297 B 23ms
23ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_NTjwAEwAQ&v=APEucNUBRTZK_zPkfmrg7zDgI63cM2vkbZtrkBzfSO6fMuI63RViJnohnS3UuA5ygb_KKVIRJfkAOj0_VruLKqLHsPSqNLUzU1NuO9jBu4_5H8Hn1YrWK3zkSIPFWxHQ76hEaBVFskCZWdi4EQPzukkYTwDhjfK4PuyBl3tNGY9c5RSk2nulbaw

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 05 Feb 2022 14:07:15 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 92D6 79 KB
32 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_M3SACWcGB3DZ-rMROzClqnRY8h7OJjT-SjjOVgmMhpUqGqdl0_rZgDsmc-1OsyHpNQzGQrwu9sxK4aS3RbneRYEYjz7XBdu0Ga8VDGgkBHjdIsUh4eWiE3Qu-6JF5kw-09cZy2dZaF18vrl-X27dXpkedQ&dbm_d=AKAmf-AgV-ryARaUBaH-elLSw-znt8gu1I9OFUpaDaKGqdNluHpOjMlksQowAAbHxHdEsaR8yUTMKJEs4uj359_mWKCLMsxjLQf8LIJ92SocdwMdiwOjnzf9D_I3SHioVmHpm99XtykUDLzySh213nQGZAm3XNFn9_tlhr41j7KvkZZsSj6ZiN338xMx8u8XbnT_BiFXqyJXatIkF4CKHw2fOUIttYeVIFyKAJDvlUo4B6CZN3NCGHX28424RdKd9qr5mUC30Tf3zlJ3Naqh0pxlAw9QMQEMoTi-wpBtbts-3U1dnxkwqZgYbvFjcJG-WmKOmabLMFh_nFLpwxRFsV71tvkQH4ytA14QudQt4IfQkmdGh9K_LJtW5UnLNFbQlPTmDn3rGWhT_7BDFVvd5vDq_NEvkewLIZKEqLb_Uqhb0yzpFaXxyUTHm4dMJxz0WG-xqrM26G8i6jJx6iMASV6Na48LJw6efG1LCf3b8aCgB1tYe1e8PkbuMz3D5ihBpFWEAeBHLKEbTJEbu7Ioy3zVdDyvBRB-9ndCeNVzCT1PblfITZZ77x8Ja-iC3cuFdLkcjBGGGcalfRoL4-_dgS2yuPbp6A-7_t7uCWPPmUf3wfmFzNi4835wTYZ1jqvmOP8ltqNC6NqVCu4zmlXl9finsobNABwALNa_F_3CD09UkX-JqS_Ebsa32yrHqMAdp_yAeqW2YWBLNVHdeiK0oLOLueSqGw76lW6-2q66LfDALiJ-4Hf_pV99_6wDJ9dxvXBIsoP-buoxvkxuh0Boi3v-Y-exVagAAnH6x2dDJ3VKYsp5lq6mfd3kgqOosRkQoZNCLAVsf7Aui4WEH8DVQCfgsC6HzWqaIR7qzQ61fdO8Lk42s7mMxds8Yc0dceZKBPZGOPjeQ03o1P58G2TTf3aglTiB-WRZraBQKwSMKxV4sXxUOBTz-hVGSDYEvhFZ3tApPsuOVW8G3Ak_zxF5oE8IVRcr1Aqt3svgU-PbbZoZXgI6IIkyNzeQl4lL2M84OXcsslY4BlZx_IsVoX5fCb8GGYUUym8sNkJiAznjJ1jWR5Da7Hl8OwMdf984pklDjEKZNkM26WnJcdiiigFJJcTqsh0Tqy9PCkiuwHE7OuYvLLee9gqOBfa5JlYCRJJkzRHtqlD76CxeZCapHkvQ4uo1biOsP844gDB72h6EKVYlL2dWa7CqnAKTOkfzrrESDjjW5Mh-WDWwGgltmH1ejkpeAdUFJkIxU9x3bIBtqM1qBggKIKVdQAXKk0eSqAEc4raASAq1ELOeBNIcTPIQYTfbFM_65dp2JAxlR-isBTv_Jpltbbbty3eccWRtoNeM5u2yhM6xgTP_Iex5XNVRXTDJjtAE3CBKGUm6gBMvYtZJkiIFXfA_Fw_yuPwYMYjBsyrDd9b-30S5KQEkuZvBDIkw0XTN5QbH2sWyA7HCPP6Mhv6TV5arXFhAN18IfNhRvnnLXu9-O2SCWynipmdekCL1QZemHazHQj5a8SNlemeA7MdQ0XBvcSJdssCPYo3IvBJHR1hUl7cqCMNUnYVeEkZ57OQBRU99cIlru9XSUwRI3vRowx3OXsNIU1gGDdc999_U66HYrl8qJtycpv06cFTbQdMAtVwlsci9DisEB---rNv5cZottwfYyTVyxQRGXWkNUagL041IpyZBjUtLrKRyML-tnTx61u-hMBFl1QTaUVh0HFb52qQZC_oIC7yLQf8fTgrUHdPI5MayGnCkIFprZtCpMAaGqAkThEtbm4tuyuemYmnud0zW0hPeMk5THsEHruF05EDOU3tvDftmKSDRsyh4oPVGYjaXi9hZT-nQBvVoywsI9BUcrGvlxrpPg8nuUnrW0RE7o2PfopeIMKVJipgxWmVw4DKf2d4vSv7FmIWvLJlgiHJ3-CAs2EFYPy6SQBOfo4xSuGG64rnReBLK09MpEIYJ5s_eylax7w0t4q38NOKEKwG4LD9Qdm1LwvjyAl0nQ6U8uaY0a2F-ytTKgRRJzVK7yXFrSAryy8M2GJ8oiwuE0c8YYWV8C-d6mJ_UQMIXB9vAz0uS9bDuG4oCQ5AubFwaBJkOVEKY10vYC6M9Sfu979yfq5lfb_kmhCHrFju5sX-d-h6alWVIKSmAMrO6LRA70lG6tQRnzRUIwQyzsFoxAo8F5tTfJsBp2C9G6MFweUqpP5LF2MnUTh6QF6Uy6NfPEFSsHR3z0IsaYYzAs0Z4Z8cUemzkVbiNJMLZJlhKIfdcy4lBOyzQ25sj8DFP2Gt2BdiU6lWKlVYGpX5OhQJ00bhNFuskkwakkxrZY4JRSjRV06Cy31x4c2Gz8lsRAzACNOWcYd6PYLyAeSLg3E2pznE7a80VEkL2EBqOBwB08WSeDp61Jqv5MrVfqduggbBZSXvWaYQLMlr72j67T4H9SOCLcMiitvn2xxUWA2IjoGZo2zW4bLOTnFIkxt8g7cgoEnjz2JS-n8KEFCMmUDkawdZebWs3X1BTUSeYW4LimgDmwu6iGQtyGCVnSTANsvCUxv18S1Utf1UfU9l5EWFgeg449Lm0FPJ4PPahHqjjCec7PgfJTLOGCh4O3UidlvY8NDenkCf92ySEjZEDfqeuMU0ca1oKCUPg8hlO3QNdZqhRwmH_7NgvvBRlRAWtQsEb5vQ9f5VSUmk4vMlQa7mor_xfiKHl0t9X419qRqkkkfwNL6ZNSStPFo4_dJdChiOYgW1_TMsMKEzQ330duh_QyS0Gwl9kZCBlVjE6grVGLtihEsxLhuFXOBXRf0jPiQuixqc0bf1fpEN1BM6XouRujezmXLLP5br0iyqWDKGXVq7t3rYDWnEtGH8cuIwkWKneAOnYMzFO0u9gDfg-dbDZ0HCfRYYqnAvSch0QVa1YuODgaJpwXze1YH7u8BERuFRN9nlboO191vMOxqAiBu6FTDBMq93F-idwDAKvz0XA9Jxk2QiMHDxODcpKBCBd8-y1idmO5IRyDjyqkhiVvSOZ5Q0dP6x7fR7ZNv6tlaoLIPdRoJwMyGqwL1lH97PajvDj49BO-CxYzD3ocrDhEdIlGn95WitEv0v7YsHljf0c9vj6CRgoussoPDVEVNwXJWsZUZHcDY7uHGjbpw_Zg00wvlCkwYBuZX2LX-WPolJl-8f_XW-SCLMTCUZOwhB8iUmDLdqFUjYsT2YJEjIxtUbd68s&cid=CAASEuRop7TjHE4moMDF9e4HHB3SNA&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49f7016d72b9f4a189ae03271059d0bb01aa0ab908fa06fd08a3adbea45b7ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32684
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 92D6 42 B
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DTsaqeXVm1Pm22MIslq7htEl_xsttOTv1Fx5p0U7fGV4xhoYO7P0zp4Z7Ug7yAHQ21_p4mkL8uJKLaLe9cm2dAJva1N5aCQQCdUn7-0A2PPtikdBU

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 92D6 2 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92D6 123 KB
37 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 92D6 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ Frame 40BD 286 KB
103 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

936a96afcde77875ce1b932be875ad57396d7b54dafdc05a190c994d14112630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105569
x-xss-protection: 0
server: cafe
etag: 737233414951617841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ Frame 13BB 286 KB
103 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

936a96afcde77875ce1b932be875ad57396d7b54dafdc05a190c994d14112630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105569
x-xss-protection: 0
server: cafe
etag: 737233414951617841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
DATA 200
OK truncated
/ Frame 13BB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5553667ede613433132355ecf71ca6198df1e2e8b94c213039f8c096fb694b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B366 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3236b3b82b99ae8d074fffa1b94385327d4a63bdb639602e7f3e33d4c6e8a8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 25BD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a9160be38896b965a6b99b9249b437dd0e4a5cf9fa2400e1b21aa5182ae0cd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 40BD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47caa86eab1e0d1d82c047b091ddc85ea4c96e46f8bb1001830d2296b8d760d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 05E2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6283edafe2a9232fed2eb5a06e75304befa95e05d65ba994b3bd819b8cb08f9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/ Frame 05E2 286 KB
103 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

936a96afcde77875ce1b932be875ad57396d7b54dafdc05a190c994d14112630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105569
x-xss-protection: 0
server: cafe
etag: 737233414951617841
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/892768/59097903/ Frame 5CF1 46 KB
12 KB 752ms
346ms Script
application/javascript 44.237.151.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/892768/59097903/skeleton.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.151.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-151-190.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 8a26d21843d898034492431179529f6bb758d862d2156a63f67947a5b2ae3839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-f1: 1
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 5CF1 106 KB
37 KB 117ms
18ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Origin: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 21:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 21:36:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame 5CF1 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmjoowlHt3LuExm1kNyIqd9nFuUHtYRsWUW1kvDRFzj9NY96UVNxDumziqMn2o7MRls4_2WnN_kG1ZxrvWq8tNBRhb1W1cRQw0-CDyl3feXLtRGoZfK2tosoW16-LdQEuP3G5TiS7kK-E66VgbtlzY-vXtwQ&dbm_d=AKAmf-AhpdqKDTB2reYS0Zt3LPGHdGNrRfW-u6IzfUjrkU_T3rlu4SSYwh9ZkynJBgokJn64JzeOcWZdB_LD6lERZ4miJpLFOpCiYlz10Zzrjxani8SH575ARYw_yGBXAoIiaBBGNi8cSGcYPSffn_NW_akfi3TO2GxYyRq878UuYiFZEgsHrPG3Udj4JeP8Hd2MFaJAdZuVGEdmKmQ21UUn0whkNylAb-W75FB0dZrqYwpxdWx7_-nPoZG01oU3f2ntXfwvFzsZSeX7hQqFqpTkwssEz_WfOWohUdqS1kK7iazD2LAoGB_-V7ti8PqxuPe3f9bob8NQhUdzlA3nUvj-um2jtBNEDhxVDzsEv6TLJ1zrmn_hgHSGxeXya6MRgJhPetKgAMFGnBZyqLHdZfRRr8kgusncWQ_MWAe9NdPdk8du3ygR_vhYw3TRLxXp_ZS3r2pHNE9sGcBzro_0V0yIPic7WQsUnZoS6s0vm9FUBsRXJn3EXi84KCrVk07lST7EyN_OpURpdTHBzz_ZwhIR3Li6d9pg8rg_7ag5IoLZz7qhA06--P5pi27rcmt6m3pEMGOj4z98joLKRM-jMDMnvhBRtW0Aqxo1lWItOz6rMWk3O-l6g9nlDml3SX2CV7p9eoc2MFQ5xpgoswKFtMrb0M3TTFwwYyWzMtwsvgFlCjpoJKm4pWHOWW67YkSwVBmGu_CRkkOU4B_qW7y21K0bd5doOyaiSBiPPgaJ0e20HgJb54ScqeCW8ziIrkIrgkcgBH8qwhpx3Qoo9Qgm3jifGOww0mwlPPFRfXQfbXdx_GSwxsFiHiRCEIjOUiN-vjk8xg2ar5HQU_S8tCkYRVw_fcNOWv7W2ZPQDwiZG8RA1kShxQYQ3ZY6mBajyYGUge9c_34Aggzb1xW25p9I88iANhvNOkDQxF2bwEBGnRERPWOKvVYLi-dOaLY9nQSfJGI96fQ1_OqOTZd0QZQWJbloY44_QgZlUA6ebvwrfg7PoxHq6HieAJrcl-1D-zAWLkdMmSNyLs1Ulu2AdpdacbR9a3h_NVu9B3VNBHCqRMKUMi2YcrG8F9I1L3761cbPIwGHXLgfNiWkZF6s2aojB6TVWrQ0-l6UXshnMNiQLRP8J49jL4m3KKuN0K9wCAYo94U_eMf7NOcaXd9Nme_ZVZXG3Yv8n3QyPhhOsyRYwDoxvf0voQMeO8t7h39L9Hhua1zc915cVNUStspWXG9LJKLZOREWt5p7ljvq2GROnI-rYNd6lM8T01ovcwEDE10MkFL0iyDIxrzdZnT43ptlX8Z5-pq4VFRZMao1tT-_BAFVkLcOAmhS15hhQihtVEu__HfkPVIGwaOVlcILHJ_2OIlPADCsnp-SJGTLT3XPbWM4vFywMZy8725QLkIUl26y3CH5KX5DEiJehSQcwApPvWv91VWNgkzBbJtoGvgMnOf9bSHUi-j3XuT70c4LYL-2398jk34YBgo5YeByOEk6Xx6epgx6dK6JZhurU4lajhRFOZcZwMDge0oKH_szp0cJVcZSn7szdMrasm8wAOKNcG0xoL-tktAMMmFtBVG9moh5YripvwLnFFgIXOhdSg_XyELSIRy69X_FJjtEbm5az_xCOK5NQRpGbFZ3wnTqOV8JvPCtwE545AWDm_-N1bGRrHq0zrh6Cupt_h0ByfioZeurbF7U9ro_z3P2vztyzG06My3gYTVMVBvs8cqDai55cA906TslSvTYvIIC0yo15TBwdc3nvReGa4Fu__19m7cPBhfHcqtf2VNWGoBohsqSo8fAp9VT9y-VF_nIB5cwnrJDwGQszlYvwJBCQhb8-sdLEFqGKDFp_1IBWhARE15TaYADG1DhNHTe2wgJLbCEPPADvNh2kmyWl8KfmYfXwIRDbvktGGjaDAjPjTM_ASwR8u5ygx_6D275az2XH0spJaD9jFGL-zqG7C9s4I6tx06oyTJK-3_pwaG57CofTZvKUjjbcwunYNa22wrz7VThylY9GK-B4TltNJM2KO5RmAtz_hp2sqHQVKOLGLItZJ1GYI-9If-Zyr8jz_kuA1rZ57T33cgJpRo0EujPW9-eG2JHEfCcZ3JWjyRNNsk0ht0FlGfGnflNYeH7N0DDUNhmsDQeFwL-C9lgzL0-DuaDRlmYPyuAt3unlJgu0EJePbs2fKQUzroo0dPzy1PvAWZEo5hys2S5i5OcXit_zB6Hbhbl35FMe-UiWvv6yCvgLsQWhGIzRPG4xs5HsJ1JvgJO637PRoVoI8knrREj95epDzfdlLcmYfsegrN8CXGO_Ut0X3ofhfydvvGoNpDt86i8Er5xe7CPKG3DRWM1iJRyf4xweS57o9Nx8sD4R6JYBLRTLRmMXD-KdSUP8j0DF4vA7O8TWq1GNxm6xzUTWV9b351Gqh-yU2rRfz_hJGgosbRndb1XH0Lm85z7_dY5z4TkCd0YRAzJKJUyMgVhcbTB4xnUssl5N4Fpzam_di240FIehMCWCnriv-cIRzK4YnOkQfFyaA9npKqQ4xEEk2fMJlPoW4zoZ6NxF5muRW_NnJKQNBRj1uyJdyo216DAFGj8fRQU3fZd4F0WAOMCdmZAcyNgdm0pbzJYGvNgsKZcgz59k-ndQ6D6xdJNNkDoQ03qSkrS9lZmq_zkeOfy9XQQxMnuRB2pDgdOsc2jwtUd6Eqiw9qtHSARd7vWvbsbIE1_0YrhJa8wg4D4FKOCgQ7utLVG9TCjLuKD_RbqlzzPBqwXcy7AR4hlLQOfJrPZDrx_QYXUXcsicB1M0Irg-R1Q4Cx-8WL--xLOkMoL-X3W2HkfIH1yHqFxnz65qtptxHd10yzdghbehAAv6OmD6EQ9CD-W5ZwV2g6gWQoegsVL6p8cIaLl17A2Qh0lsYtmRuOGHqAqZYhlxfvS1aYo53KfhFq__rRh12I4f-G759erGWITzUkufancAwWdzgzXU7kz0TvhIQfrQVpD4Oc8L7EI-0oihb4bCxUwgT7SeiisFJQUTe2X2JQUmHAHLHA6Rou1JqKYriZoUnm8jA&cid=CAASEuRoFXLtAej77_S5B5PW_qPzJg&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:02:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 5CF1 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df94b6cedc01499d102054bb635b49f063b916765bee0c6dc1799e0ef46c217e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 7436944165253170378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:06:01 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 92D6 169 KB
59 KB 96ms
8ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Origin: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 18:18:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 18:18:38 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame 92D6 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C_M3SACWcGB3DZ-rMROzClqnRY8h7OJjT-SjjOVgmMhpUqGqdl0_rZgDsmc-1OsyHpNQzGQrwu9sxK4aS3RbneRYEYjz7XBdu0Ga8VDGgkBHjdIsUh4eWiE3Qu-6JF5kw-09cZy2dZaF18vrl-X27dXpkedQ&dbm_d=AKAmf-AgV-ryARaUBaH-elLSw-znt8gu1I9OFUpaDaKGqdNluHpOjMlksQowAAbHxHdEsaR8yUTMKJEs4uj359_mWKCLMsxjLQf8LIJ92SocdwMdiwOjnzf9D_I3SHioVmHpm99XtykUDLzySh213nQGZAm3XNFn9_tlhr41j7KvkZZsSj6ZiN338xMx8u8XbnT_BiFXqyJXatIkF4CKHw2fOUIttYeVIFyKAJDvlUo4B6CZN3NCGHX28424RdKd9qr5mUC30Tf3zlJ3Naqh0pxlAw9QMQEMoTi-wpBtbts-3U1dnxkwqZgYbvFjcJG-WmKOmabLMFh_nFLpwxRFsV71tvkQH4ytA14QudQt4IfQkmdGh9K_LJtW5UnLNFbQlPTmDn3rGWhT_7BDFVvd5vDq_NEvkewLIZKEqLb_Uqhb0yzpFaXxyUTHm4dMJxz0WG-xqrM26G8i6jJx6iMASV6Na48LJw6efG1LCf3b8aCgB1tYe1e8PkbuMz3D5ihBpFWEAeBHLKEbTJEbu7Ioy3zVdDyvBRB-9ndCeNVzCT1PblfITZZ77x8Ja-iC3cuFdLkcjBGGGcalfRoL4-_dgS2yuPbp6A-7_t7uCWPPmUf3wfmFzNi4835wTYZ1jqvmOP8ltqNC6NqVCu4zmlXl9finsobNABwALNa_F_3CD09UkX-JqS_Ebsa32yrHqMAdp_yAeqW2YWBLNVHdeiK0oLOLueSqGw76lW6-2q66LfDALiJ-4Hf_pV99_6wDJ9dxvXBIsoP-buoxvkxuh0Boi3v-Y-exVagAAnH6x2dDJ3VKYsp5lq6mfd3kgqOosRkQoZNCLAVsf7Aui4WEH8DVQCfgsC6HzWqaIR7qzQ61fdO8Lk42s7mMxds8Yc0dceZKBPZGOPjeQ03o1P58G2TTf3aglTiB-WRZraBQKwSMKxV4sXxUOBTz-hVGSDYEvhFZ3tApPsuOVW8G3Ak_zxF5oE8IVRcr1Aqt3svgU-PbbZoZXgI6IIkyNzeQl4lL2M84OXcsslY4BlZx_IsVoX5fCb8GGYUUym8sNkJiAznjJ1jWR5Da7Hl8OwMdf984pklDjEKZNkM26WnJcdiiigFJJcTqsh0Tqy9PCkiuwHE7OuYvLLee9gqOBfa5JlYCRJJkzRHtqlD76CxeZCapHkvQ4uo1biOsP844gDB72h6EKVYlL2dWa7CqnAKTOkfzrrESDjjW5Mh-WDWwGgltmH1ejkpeAdUFJkIxU9x3bIBtqM1qBggKIKVdQAXKk0eSqAEc4raASAq1ELOeBNIcTPIQYTfbFM_65dp2JAxlR-isBTv_Jpltbbbty3eccWRtoNeM5u2yhM6xgTP_Iex5XNVRXTDJjtAE3CBKGUm6gBMvYtZJkiIFXfA_Fw_yuPwYMYjBsyrDd9b-30S5KQEkuZvBDIkw0XTN5QbH2sWyA7HCPP6Mhv6TV5arXFhAN18IfNhRvnnLXu9-O2SCWynipmdekCL1QZemHazHQj5a8SNlemeA7MdQ0XBvcSJdssCPYo3IvBJHR1hUl7cqCMNUnYVeEkZ57OQBRU99cIlru9XSUwRI3vRowx3OXsNIU1gGDdc999_U66HYrl8qJtycpv06cFTbQdMAtVwlsci9DisEB---rNv5cZottwfYyTVyxQRGXWkNUagL041IpyZBjUtLrKRyML-tnTx61u-hMBFl1QTaUVh0HFb52qQZC_oIC7yLQf8fTgrUHdPI5MayGnCkIFprZtCpMAaGqAkThEtbm4tuyuemYmnud0zW0hPeMk5THsEHruF05EDOU3tvDftmKSDRsyh4oPVGYjaXi9hZT-nQBvVoywsI9BUcrGvlxrpPg8nuUnrW0RE7o2PfopeIMKVJipgxWmVw4DKf2d4vSv7FmIWvLJlgiHJ3-CAs2EFYPy6SQBOfo4xSuGG64rnReBLK09MpEIYJ5s_eylax7w0t4q38NOKEKwG4LD9Qdm1LwvjyAl0nQ6U8uaY0a2F-ytTKgRRJzVK7yXFrSAryy8M2GJ8oiwuE0c8YYWV8C-d6mJ_UQMIXB9vAz0uS9bDuG4oCQ5AubFwaBJkOVEKY10vYC6M9Sfu979yfq5lfb_kmhCHrFju5sX-d-h6alWVIKSmAMrO6LRA70lG6tQRnzRUIwQyzsFoxAo8F5tTfJsBp2C9G6MFweUqpP5LF2MnUTh6QF6Uy6NfPEFSsHR3z0IsaYYzAs0Z4Z8cUemzkVbiNJMLZJlhKIfdcy4lBOyzQ25sj8DFP2Gt2BdiU6lWKlVYGpX5OhQJ00bhNFuskkwakkxrZY4JRSjRV06Cy31x4c2Gz8lsRAzACNOWcYd6PYLyAeSLg3E2pznE7a80VEkL2EBqOBwB08WSeDp61Jqv5MrVfqduggbBZSXvWaYQLMlr72j67T4H9SOCLcMiitvn2xxUWA2IjoGZo2zW4bLOTnFIkxt8g7cgoEnjz2JS-n8KEFCMmUDkawdZebWs3X1BTUSeYW4LimgDmwu6iGQtyGCVnSTANsvCUxv18S1Utf1UfU9l5EWFgeg449Lm0FPJ4PPahHqjjCec7PgfJTLOGCh4O3UidlvY8NDenkCf92ySEjZEDfqeuMU0ca1oKCUPg8hlO3QNdZqhRwmH_7NgvvBRlRAWtQsEb5vQ9f5VSUmk4vMlQa7mor_xfiKHl0t9X419qRqkkkfwNL6ZNSStPFo4_dJdChiOYgW1_TMsMKEzQ330duh_QyS0Gwl9kZCBlVjE6grVGLtihEsxLhuFXOBXRf0jPiQuixqc0bf1fpEN1BM6XouRujezmXLLP5br0iyqWDKGXVq7t3rYDWnEtGH8cuIwkWKneAOnYMzFO0u9gDfg-dbDZ0HCfRYYqnAvSch0QVa1YuODgaJpwXze1YH7u8BERuFRN9nlboO191vMOxqAiBu6FTDBMq93F-idwDAKvz0XA9Jxk2QiMHDxODcpKBCBd8-y1idmO5IRyDjyqkhiVvSOZ5Q0dP6x7fR7ZNv6tlaoLIPdRoJwMyGqwL1lH97PajvDj49BO-CxYzD3ocrDhEdIlGn95WitEv0v7YsHljf0c9vj6CRgoussoPDVEVNwXJWsZUZHcDY7uHGjbpw_Zg00wvlCkwYBuZX2LX-WPolJl-8f_XW-SCLMTCUZOwhB8iUmDLdqFUjYsT2YJEjIxtUbd68s&cid=CAASEuRop7TjHE4moMDF9e4HHB3SNA&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:02:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 92D6 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df94b6cedc01499d102054bb635b49f063b916765bee0c6dc1799e0ef46c217e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 7436944165253170378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:06:01 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4B95 640 B
316 B 20ms
18ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNX0Rzq0JAYnPRPkZBupQXNbLZo-RqRvCUYID6Y5cX3mwZr5whp2a0eGHh3ICqWE-_7nn9Q2-8oY5lq00DS-wQ6h6XpOfVEOZaXt2aTpCXKrdS2LglWUqAJ4J-O4JwN7C4jRxQerG0JD1MuuVZ2q2EkFnZz0qEvR7GukaZBVVvwkAkRWpbs

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 05 Feb 2022 14:07:15 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3F3D 85 KB
33 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8nCn07roMMyIRs1r94b8U_nW43DI9whIwYw7Gjltb4-30t5WIGmqwMJq65lJr8ESid8IxBqGA9PC4AHrAEuqG2t4I9U4mD0CzGNBvxKhBwOrbw2Hf3DgUcBfajYXV-jUVCMohT1XwzHTpaXCSPCRtzRJgwQ&dbm_d=AKAmf-AQ9VL3s5Hpi9TNqIiFCGSwTnfvb-LSdXXDVcB-eEoR8rpEKnsmoGR9v6Z_ndli0U-td8lPIUzfLj_Ou_7Pp3PLhrIWLegb-z0xwSKqP78PcFqVE7ucyTBTRVZugah6pvFYveTG4l-ICb40O1ndQfgOF1XKVMNun30R-aYyE_2sRdJGQ-L_0a9fH_xrJqcYSo0lIH61SS9tQbzljaRWGYrnAO0XNUVl6FPeskd9jwvrSONFnFQhrPTqQCM4msU_N9pGgGL28DhoCBGeGbNgLtj693iMHtE5qzz1_Qje4aX-K2fCWCyQNsmID9cgCjSFStn68D9KHlh9FAyZ2hd53U_4D7X0S4TSYsZFOVo9gYMsLDvidz8PxTEDCU5rwD20KLosjUmc0xQp3_6xPBW81WZm8TtsxK6jU6HlJ-xVKhuezJxzaiK3ceCNj_5dfRk3mQqYReVmvf3rpL2B-qjJYx9sJTTuwUYU4htZqp_3_gRPravNV7EDQkQnMSo0ZgvqPR1o_valrFZBbgYgQ4wVG7vzo_3uVOi4x_tLIPjsRGAHwZNTzy7lRcUfNntFfl9y6NtGXvVAkGrmEtCC5y1L3UybKf5dMnjMX6n8lR6Fjv939_1MFzImrjOitb7icll3-muBJBxRvbqI0VmZyAyqUjm7pXatdksXweX9bMFXJTlRK8BK9VKpavfOGAgNE1x430sEvu_o6n0m9fShpvvMPdyTAlW-iu0tKSXUBeWyhuwWsYu93mzxdjzITPqMRS2RipxZ8tUfL4p_Y8-u21R8kUxja41q-_L86c3kLzBz2d4kSVFuA4U7nqURujEPLTiSdonlKhI5q0v24wWeJXcm6LbRI8taaprySMfp9uorU9ODkXKpYb9XowIHQYT8Y9QurwE9TJL5Qj8F8F9p_ZfbH6j0cbenRP49Q6zslSRnvh4FeMU9bk7D9n3Xb6_x4LBfSrsMfzLFl93PNLatFsmIZkF6yVSwgPFHdA2ePBieD0TDbqSqR31nDc3HvHezlYNpo4ztvhOHPL97UP7NIgpTxj75nARSbVwnQnPcgc6AooDQStKFwJr8HGkK4iEV5_XmgvpoxNjLdxbI05ZbqhGwWCyWGe4eivb2oyB_3Hsd30PGkS-Lqj3mbBnZsWtL8AvbB9_vqrEndUw4EiapiQ_ZOFIpkuoi5IaNAO1y7EQMULGb_b7TRLqqxAjUK6WsJKDt6U8GFvCFqfYqmPr6tdJaZs-wo6Cb6OZUBjHYxAlb7m95WXVvm56s7Jjwe4MnVMHuKGkXYh3Y2J8NpA-HeMleyTl1eKrcSoviN3Tzs5_Ch6kUxJiuw6ElOfMbiCN-xmqhYpC4pSn9WPxXe3E2cIH2Rudqoe7vXOHILuoL7JSA0FLHbmNr9X5x3ft1pxXLGogqBiJjFl54Je7TGdeFssRgZWOg9E4evdWXpK-1MU38AT_CLgxsx54_vrx6-ncnvJL7HNhv-Z0k1y18g-wOE3WyMehIHLyvM6iGKaUm6p0qxGsH_4fuXdxpeeE9XvOuvJHy9vyPjhyYmGoCCuHnc6_B2ElKMwL3WrOHa0S8o57K1bAStXrBfBsCZY53vlaRANZGZCG61u5dnu2d_R1qnArS6H62PXCSd6JK3Dn9_nAYI6BSTntPcwVkwXoLCirKODh7mtnnkRbz9Mw55VT5-NWWhcq9oz8U4imEfnxgwV-B8WDI16kTbXbof5efkhTl4Yngu9sJwJu7g0KWrb_U-gnQBCVuc5_TtfYmCZGLnK5UG12Oj662nmjxX7LF91FZZGxfTkYc3Z2Ir0jdgRMeNvtMmmQpCEJhV9nh9B2-XUGJxN3Rt8lOY8ilz60cZRBoRUI9MW9S0hCZsSvulRxEH4BBkHrajJ05c-7Byw3140VFQBr10ZPV1fOudWGW0iVcb_YQ7PRbTmGNU4rtFEn-ntFHmXR3QU4yMi8puk3B1UK3nV7UvslGWuW1QKiBWVX9aF2FDEidb03tOpvZstk9I25FqBHapMlPndVVCp3srET-1MdOdgnubPKLoAjjTp5B__Gu9hhoegnb8zxAAWHUj4IqFHjdz5wnUH2zGk-ptX1CCx9QrTksYcKi5FB6DZHb0LrovahuQvyFYlJOWdo5ydTW6ZF9ob7CwzRwBCzhp2aoX-CrG3T4nMp5Gn3mRrv6mrJYVGW7iMCeAePf9n9duCv_H4lprEF4ZovVRlvJokBTDAS2QKIgQKW93O9yrylAPjPu_a49sx05OC0HwapIe1LKbl3WZk4RqF8tm7J89SUaExZLIQ10w-nrnHkX1sJuyPItZPQMY7h_wgn5jpawghu2bmlsoeJuzJnWFYWJdXUx3aTC_mqZh4kMCiveBsheTG9UwlZzCtnV7U5ZKkHM37IiDGSZHZxOtnWS_ucGI-dzq25-pxoR0a9V6pQN8TBxCLhCygN5nkJg8WZ_yYAYCGWhuCdrn5aIsXu3Ut_o9CG3OxvkJd-rnt3tDl4VS8O_oup0GlS1vo-BVzEgTTUk9rvb3tqQ4AlJbAtNu8vn6k9TJXRbEq17fOiFvEP8Tsay6ltG_UajW_bYB27ie00QIpWu38W_Fgga2vGYyy2Cffg62X_LkYZZL7EDQQeX1LmtAtKXTwreObSrZsfZaHTbjHtphE0Q4XtCbuzDHho6Q6CiFTWSs9hcd6-qky3GN5APBatBPbSSwnsQL10aQ7DnxRQgH9TziC8HJanNOFqF4MZXl2H3efNfXunYSDUzjOvYE41dHx0vrOUtYFi0XcFtyNHM3jdQovM24CbJwhn0ywwhK-GiijyEVNopQ7KUK87tMulkbvRLV4a-0gzoFUNSC2tb9y3z7QCCjiAi46UUnDqTa0sye1y-FHetAAAu4nxEJy17uTUfxljSofOT5w9Q9rSp34hpWXsX3UDzowWB1Ljt2_RDgKUQdxM-5I5aKvOeS5faJ-a3HYEKTR7i_Bdj8FC2XILtPA4oaJptBLp-asKylQ_lh0f9y7HWVqVIwOzLbDdN71Wu5Sz-1fl_xw1dbS_wjMdB1R5DTg&cid=CAASEuRoOr0sYTC-NeA4doKBlHtOIg&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9e17cf3ea4e3a1c2d16021a4fbcae417def61f60fa5eececd48719b1cab35fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33911
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F3D 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9-d1PZKj0hbYcw5rekVf1uhcRCLRg4KwToG73EjeVfRomGTkKJ24Io81XRFzLbGPVIl2MyfDjvDH0NItvhZyCmYTaybPdaXNi_wmo5Ynq-WRS9H8

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 3F3D 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F3D 123 KB
37 KB 120ms
118ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 3F3D 14 KB
6 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3F3D 0
0 17ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlg0NLBt_zjJSLMaAl7BWF-JRnxza4gmn-leabBnKYBcIg7tmgA0vPrwA1iid4d8c2wytMlF0lXofS9i6KKnIqFKuUmA
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/892768/59097737/ Frame EAE3 46 KB
12 KB 731ms
348ms Script
application/javascript 44.237.151.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/892768/59097737/skeleton.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.151.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-151-190.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a86510b2cc06f107f79bf153683fff148c4d46da3ab1c23904c8851d23d3918c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-f1: 1
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame EAE3 106 KB
37 KB 96ms
20ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Origin: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 21:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 21:36:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame EAE3 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4e3foIWsfH1Nnsw11yhscthHILHKJlBO7_bE8SxSt7AD7SHoi1YHZ7temejsPIeveb4ziIQco7s76uYLahlhCEqcjrLGKDZ1kuXvkB9zLHGfHIbj2rYe8CvIEQRH5J1j9Q42ftLCWdW0eqDzUDPh4Wz92Gg&dbm_d=AKAmf-AM26R3o5WPLbXsMd-DiwuN0CtEdeOLzq6o2ZqkIEqoBar1uoV-eob_bfqszx1hS0mhrtEwarAGXxRS8dnQmQngntZ7xhDa9HdWMr9WPBWnLEs6QOzEYeVveTCi0Y2PNA88swzZGJXkb2lTKdE2Mtv_raJ4gNLEusgucaFqFuGPi1i0nLajOYEZoaZX9ZVWon39qwjlGMAMNKj3FjPw-Ukdgf4Un-56MerlunD22mQ6wMlC45bULXkq_j4_vAfI5zFlTc0bswBlO8CJbO2Lf_NqM6_QbQO531vizVlPoyEkdX43wWQkz5pZnLfJV2lZkIkOzVSWCjSDIFv-FuwxtFyazo722R476K91Ko_U1qPcTHTN_6ePNSP0J9fwFi_5BlD8DFzS_iALNP52PkSk4apXJHd0d1yWWaC-Vsaxp02o6Ldt9fflBwE3w53ZWrd6bPHV_ylVPnAyHbw4yeWeOg8W2Pkj7vbdKMLZMF7uHNJunHdAbJc5P-lDXSbhyfjPu_XM0s9U3A15R3G0g9eY8ai_UX5LmOa7ikNlIeMWlLX20KdxMXCBq2s7QfBSKiD5Pc2WVQUetRAGZsRs3ugXuHtPmuabHAL7QKHZeVQ60PQq18T3PcX-M7Bmkz5YgkyGjFh-EGttG-xMx_JJFSbNfqKnrVFq4bEixCsMTijyoap2A812s6NYmRxVyhD7BSArFesLDnwbv75Tc6Wc4FXvQSB7U6_0qA1o8QTVwuwxbd2utdwjlZ1mGOmaJ3EWCk6SwDBw7dlDwUZMKduAj7JH1c7sGpJSnSD0dS3h7qSlzkevTqXqlWJBVwxQwulGKgTSZLE0o7ErrXwC36lRyMsdivvrMW50JwCFl0-DNqfGY_ry5V0MIcIYvx7OqcIDtSnGMCwA-ogVevuP3OOS8HrA-UvQyBpw9vOwfcGIAB-MyWw6OdupqJx0Cy82HPTc6rcL2Q2fwhE3xNotLreE8xHHZAkDoGiSi2XFIRU4P7zpibYOOt6orWZ0QJ-28m2JevuDAS6FSNzHgXOpXHQ2e2mNeyEQNBFq2sPTXRAfgXmclULMn0JgLCuofnNgMrWrnGNHEb-n-ymTvHmrZHr-NxXX5maa8hbDYH3EZhwGX3r6GtKkEzEq9Ekryd5n4BNNmU_6ChDWD5bWIbB7PAvAsAnfAXD9Ocsu82-ahAJDOeCmU8DJCMLYX1NlRxl71kLPPeG444ag_a75jJoWjgbDUJXqUJjN9kqnjkv0vbWlMcKNhPMz5WIUrBfQIdXbVKBWzey5QJBU7zLsK71iL3KbpPM70Vaea-CXrWAwV-jyIifjLhHPEr3B-EXIUa3_QvaQJGd_BR8brfGQ0sspQG2WkgHQyjJRU3uAdtM9EgE-HDD0zNDtxMGqdKfADnSNMchUgG_G3YjNR9F4IyLCk46r_Ek_3V0VJRZcxh_oL7vyug3DrXE_2s15L91iE9uK0nJlKAAxRDLjrvl4gmwH1mmT8SfB6ijfpT7L2tMyq--6GOTDOQOziP4ahAuDnwFYkXIIJpVQ-s4kmcNXDbttc5pIyrTGgfCpQJk14xBmsx2vFW3CPKwT8cFSBwdSNjWlQr5oNJSMVIVXr9PU83dsPTqL1jmuSmByU87qrGCKFlFp0oA8TR9khw6-YR9rW9aa6erMh9hD9BCdVC2mwT7MeGDowIk_hkXsNArlUVptLeELi_ok6BF-13dGkowh3gUq8PuPgvEzJC35lbiHD-q4z05ktr16UYyYPsSmMAUjseIa12nBoJav7ziVaQA3VRLcVu_KJd_NoWjQbDRbE8Jp8SLkIZFXdj6mjDk2j-PfdyZ5v8kCrhMVYUITGV2sDzMHhIxZloRXWVAFf44tCimKKoIUxIyxNiYUNv6_ezGR9HCt9pldPKtJU1uM5l_nVnbhsVrIr3Oa3I4LkooGIP_-mgVLeXJG6FCcDAtaAWKpVB4TFSbPKK7yLwFN6kxDcSAf4qHlw1MwKF3LELiectLRvPtN-PAOL51yfNT0ryAWtHUP7WeK_MdytTzjcxjfYVYDCG3l3qDfrsMNB34tPlx40kJVTPIjPgHBdQgBR0b1nBsPPgc21K4Pwwm7XrXs03OpKolgmBdeIJrEP3HbV8YXg0xKmmcI9zz5j_56XNtEGLkBttLEQkNzyqK11JJFlWPuuvaq9cHdkDfuudva8OJDgfLOIabkz7SpQiJqUfR1HdG8joFgbMdxjrzs_2a-kCItop-1Swh2LW8GjjG6wM84OgcSsmqvcHiXzp-CyyfEqRpb-yk90w3A7pHcDje6vBY03dy9d5Ci_uE8IUvDPoSOf35nCi2yPcg3p5gz9stQqCbAoz4R3WJPZH03h-sj1VRnzgxjE884AFjjGUxcf1OGVn6O_lPjsk-zurOz0aXz7ixfFP5WdOHPWoKGIsV06bJEvuKVejlALDtEqmQ7y700TohEuesNjciKHgEj-i2MjSzCLLkpzOK6d5FqAWx0iCJzIQGnPOz5vL9kbNY1HIJCC3uVQhrdq6TsDB_pcD3MU4S8Vi8cu2jKv3duQpQNY3AnftfBKEny0cIwpqmXJ4ls5VwdynXGswHhfJgC2CNk63PiyPBPw_n2FY4ZM7C3rQSNTM0a-dtWHrasJcZY3JccBcJeajCeWAkkTmxfq33EfVLQGlXSWtYUT9gv3VRjwOQd_p08aTHt3vqSd5leitAyVJy6Ob8z4mIqz-mnLz1SNYGOBGNQ-AbaZEeLS4T60Y421GSsGjI0oI9JhcpsDUHXQlS9FchejkUVuCifSqTRYXmihy9vQCwQeTReRK9oxB4GR15wPfox5_P3WgHK0hb3_cu0ooZEzo0KNrCbh8yZRmP9V96iM0ijllMNxAowqz3kZQWpAO3AdjuF_vTrGm5RwKWWxYhp89pz_VQH4irGF3Y4q8loZSfdDkTJe2ZTJpq75F11lej-QIhQLqCneh--KqI99hVw58Lx-XsKRBfKlDwC40RrZIXR4PSoIKI&cid=CAASEuRoBhB2cTCP0e3HsM7D-2MTlw&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:02:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame EAE3 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df94b6cedc01499d102054bb635b49f063b916765bee0c6dc1799e0ef46c217e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 7436944165253170378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:06:01 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DA11
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1

43 B
1014 B

21ms
19ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_NTjwAEwAQ&v=APEucNUBRTZK_zPkfmrg7zDgI63cM2vkbZtrkBzfSO6fMuI63RViJnohnS3UuA5ygb_KKVIRJfkAOj0_VruLKqLHsPSqNLUzU1NuO9jBu4_5H8Hn1YrWK3zkSIPFWxHQ76hEaBVFskCZWdi4EQPzukkYTwDhjfK4PuyBl3tNGY9c5RSk2nulbaw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 05 Feb 2022 14:07:15 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DA11
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yf6Ek.-U.aWhgilL8nUnyQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_NTjwAEwAQ&v=APEucNUBRTZK_zPkfmrg7zDgI63cM2vkbZtrkBzfSO6fMuI63RViJnohnS3UuA5ygb_KKVIRJfkAOj0_VruLKqLHsPSqNLUzU1NuO9jBu4_5H8Hn1YrWK3zkSIPFWxHQ76hEaBVFskCZWdi4EQPzukkYTwDhjfK4PuyBl3tNGY9c5RSk2nulbaw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 05 Feb 2022 14:07:15 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame DA11
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1

43 B
1006 B

21ms
18ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY_NTjwAEwAQ&v=APEucNUBRTZK_zPkfmrg7zDgI63cM2vkbZtrkBzfSO6fMuI63RViJnohnS3UuA5ygb_KKVIRJfkAOj0_VruLKqLHsPSqNLUzU1NuO9jBu4_5H8Hn1YrWK3zkSIPFWxHQ76hEaBVFskCZWdi4EQPzukkYTwDhjfK4PuyBl3tNGY9c5RSk2nulbaw

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 432f0fe8-a921-438e-96e6-11a61c29f116
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DA11
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b3c08a93-f490-48e4-a337-86657461ecf5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9033
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1

43 B
1014 B

20ms
18ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGPinrb0BMAE&v=APEucNV_b0UlF0pNJVTuzAx-_2FKDOtnfBdD-yHX9_oxPwKM12LMBrjKdI8QsCm-lMs5i066Lf4M0kH6KX7t1s6z6EUP8frP_VJBqht_dVsc0O8SG_X4AZJdgOTVwE_msAgZR0X9z15GQdmx5rMF0GDZkalkUxlUF4JiPNI_O6Cvm35XknfCew8
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 05 Feb 2022 14:07:15 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9033
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yf6Ek.-U.aWhgilL8nUnyQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2

43 B
894 B

15ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGPinrb0BMAE&v=APEucNV_b0UlF0pNJVTuzAx-_2FKDOtnfBdD-yHX9_oxPwKM12LMBrjKdI8QsCm-lMs5i066Lf4M0kH6KX7t1s6z6EUP8frP_VJBqht_dVsc0O8SG_X4AZJdgOTVwE_msAgZR0X9z15GQdmx5rMF0GDZkalkUxlUF4JiPNI_O6Cvm35XknfCew8
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 05 Feb 2022 14:07:15 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9033
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1

43 B
1006 B

15ms
9ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGPinrb0BMAE&v=APEucNV_b0UlF0pNJVTuzAx-_2FKDOtnfBdD-yHX9_oxPwKM12LMBrjKdI8QsCm-lMs5i066Lf4M0kH6KX7t1s6z6EUP8frP_VJBqht_dVsc0O8SG_X4AZJdgOTVwE_msAgZR0X9z15GQdmx5rMF0GDZkalkUxlUF4JiPNI_O6Cvm35XknfCew8

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 692d6f13-c924-4e47-8b48-cb6806290975
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9033
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 81fc8e4a-90e9-4eac-9b54-ac1b78e2081a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 24CA 499 B
334 B 20ms
18ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi0-pq8ATAB&v=APEucNVEQmfLh6CUl95L9HdNiW7gWq5nWdIRgooZ4ocXxvNRl4KjfE-r_cTaT8Jv6rpr-NBFQRYcf9dHDWUwVIdBDx4c4rJf4RLq_SYGb3T105d2GeRCw-Lo5YbbCn2vp_J7Ib7MyhUz9fnpuAlbbNhQ1wfq0so94ABjRMyuT6uhKYffZ7LLmw0

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 05 Feb 2022 14:07:15 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 4DF6 19 KB
8 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:24 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame 4DF6 6 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:38:13 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4DF6 0
571 B 142ms
84ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoLv0SKVHpQu1_dVhkvTz7utXdanE4Jdpeth8vEq3M-ffk52cPqG6hbKrYT7DLq9lL3o_OA_pnh3l5rjnCJo__uvOHBiJdGpjRU9LcrPRowHmuLijTN6KRRpLwWlHPBQcIhw09KlYJCJRfguFbeWz1jwQYNSWmf55y_ZyaCRxz2hx1-DUt6uuRLYhq189Cia8XxkVrckJcmW5WJTLqR8WYpdpJeP6VwSUJRr50LwPjIJWFdYcOzVoFDf7l5lOydLGr4anyuiaUsbK3b4SccIHyDRG8Lid5mlNs-1EUd4-RkvOU66Y-KIPW_oqQB_33qWJcpEna-ZC4LlheBMK-BJnYGxVkrPBeLpvAKQEImf1Y13oxQrh4al4KuCYri2Vt69K6Mck9ZM8VQOgMEXNXpOnqBO0xjwEv7ooc2IauzN7jkkv6-YyZnLN1yJIaFilMXHI9Pq5EAvQ5VTvtAQhYkgdry0z1rnFgGQu0RgZd5z8COoinFppbsv3i8_UGO4eA02nW9ku2JGLuy1fPW4pqtdrZaXRbktndIZpt8kU6SPzj08wTn2IQUeL__KjGmvqMVJF5ZDW7Pn2AXxHY04C8Ucfbcalne-qHVCb5ommeTumkYv9fdvU92iH2Fklf4C27gNgys2ksPELCz4LzfaYzU8ZeqvGdtMURDDNSEo2oLRluY7DuH8W-sD2ZDqYh6p6vnHH2gwpDHrMJXZn9uQ4AOsccYm2-KPB5-LTa7PBrnAMLAen_M2GDJxek_iza9iLaOOLI0UdYHRs9sHPd3D0oKp7SpSuFIkaiN2ACx9ySIktQDM8WddnddIo62jI8hlNgU92EpwhW8pGWPppScBrgKwGeQ6kdSfJIC4x3CbFQYOy64Ajl2S5LN6jJ-4u0zme_H1yA2h4M5Sn3ntSbS39OGBNGqG3__AOUBFAk3D_CCTQ2xtRY8TtoqbYyTsmbOMfszyEE67PZSNwNjtTR-X14WVxMEioYZ19zC8W5cUR1XoOjtCiOO6q1tSDTFhYzW2nLWhsiZsJPWxysaUMZ5hU6BbHgbp28VDFEYTt18TveBBb70lTFJLdDRdFN9_tIDbOGETzsZdGjO8zYbq4O8Jdw154A_NrnuM1PJ-9YJwGK8-ucZ4Ncgu-tkjEL3r88XX__g3zaxuRA3lpyeSy8oikO-pGr4R155lFxLm7FCjeEk9JsJpbJmlV7-o9_RweMhUnyWcXNBuxakz8FeilT6byFPBFDaufF70KwoVVxm07UXjMePHD4sOgy7kTLmDj_vg&sai=AMfl-YS0rLGhFGYsSFB_aJPOX_UzNymmbPHbk11biT8kvrrNABYiOIUzg_0UEtC75-JjIxn8DmTuWh86uWor5ayJiiLH5Tzlxtf5avx-j6uEGo9sNVk_9ny4NgjOx1LpA1rCwzathc_ylFovBBeeZhMfa6NiSC-yqph3bKD_ttCDoszaKIb_ouKhOq8xgIhesyLLAuR9b5jsr4iJPRmiGiNTkH-xcFit-13JBJd2GdEQsSkBkY2znpX-V0JSQtOF-ZvY5676S6KQhS9lwRCASt9-FHoNChPEnh9gn_VtvCM_Kfvl2ZIR0r55GgaycUTMtl8&sig=Cg0ArKJSzCaRqTD_eu64EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220201.26924&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 05 Feb 2022 14:07:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4DF6 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Feb 2023 16:37:12 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4DF6 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmChrEhu20le01ns9XYjrnoNpWnP4-ZcJ0iqJfDvN6jaf7xGk1iLUTwc12j-rgRrISXgy9IygR3WSWdIgEO_G2LeUNiMDDnsu70P4hsi_vsV-lpl4

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 4DF6 2 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4DF6 123 KB
37 KB 132ms
128ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 4DF6 14 KB
6 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 138
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4DF6 0
0 19ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAbOYa4ZmhVW3ZeVCKvNuZWhZbwx9-3iYwYnqdrYXc0-xjZ4d2wgSMBZsmSLXDI-bV_ZCF1aQFg8KLtKgUNbkLcDn7Ew
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 15717162577474464928
s0.2mdn.net/simgad/ Frame 4DF6 7 KB
8 KB 57ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15717162577474464928

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

464a10045129466e9a3f4c3a7bf79144eabc96d53dca239b01f0464e1cc98852

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:30:34 GMT
x-content-type-options: nosniff
age: 427001
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7148
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 15:39:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 31 Jan 2023 15:30:34 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 40EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1

43 B
1014 B

20ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNXahbM-0CSjHs2oEb1Tz6ld-cfX-N5MMvv5m8mcwZK0SzaXVGpkYusQb5FOr_bwlTnaGcwJ3JTakINDV9wEhby1W9TKvQDCzLWMD8taTh3ikym0su0TVIWzG6d-OHc5pjYaHaFUpAqcz8RvvONCAP4QEJ682PoCXmzySANDpe97LNz5RSg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 05 Feb 2022 14:07:15 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 40EE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yf6Ek.-U.aWhgilL8nUnyQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNXahbM-0CSjHs2oEb1Tz6ld-cfX-N5MMvv5m8mcwZK0SzaXVGpkYusQb5FOr_bwlTnaGcwJ3JTakINDV9wEhby1W9TKvQDCzLWMD8taTh3ikym0su0TVIWzG6d-OHc5pjYaHaFUpAqcz8RvvONCAP4QEJ682PoCXmzySANDpe97LNz5RSg
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 05 Feb 2022 14:07:15 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHJiSvDXC9hGdkBldReQy44&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 40EE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1

43 B
1006 B

12ms
7ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNXahbM-0CSjHs2oEb1Tz6ld-cfX-N5MMvv5m8mcwZK0SzaXVGpkYusQb5FOr_bwlTnaGcwJ3JTakINDV9wEhby1W9TKvQDCzLWMD8taTh3ikym0su0TVIWzG6d-OHc5pjYaHaFUpAqcz8RvvONCAP4QEJ682PoCXmzySANDpe97LNz5RSg

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cdafb448-22db-4827-b798-f4d220380565
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAgsqw_2-COtMN55nDucyUk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 40EE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e2b63d08-f142-4004-9010-afd79885cef7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM0MjcyMDE0MzA4NjIwMDQ3Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 40BD 220 B
228 B 21ms
20ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4456cf81924cba5700b182f3b9c8551a3e5a6dd554b3d057e0b0937418992b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 40BD 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 40BD 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D26E 68 KB
26 KB 342ms
341ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5968639485&adk=2761460659&adf=272530240&pi=t.ma~as.5968639485&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035293&bpp=11&bdt=132&idt=221&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=2&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=1571542740&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2048&biw=1600&bih=1200&isw=300&ish=250&ifk=2321873798&scr_x=0&scr_y=0&eid=42531398%2C31064036%2C31063221%2C21065725&oid=2&pvsid=4306747683082109&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t5koc7w0c16m&btvi=1&fsb=1&dtd=240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98dbce2fa38f8a1dd879d6af2eefb8f98d274ebdc2474343da7080d4db8a776b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Feb 2022 14:07:15 GMT
server: cafe
content-length: 26500
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 13BB 220 B
226 B 19ms
19ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

433a68d66a17c3497cccd2146100d29d923d7a1c81e561f2070c43863eb71f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 13BB 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 13BB 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E8EA 69 KB
26 KB 332ms
332ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_LMrec2_16526K&adk=2587679829&adf=272530255&pi=t.ma~as.Google_LMrec2_16526K&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035305&bpp=5&bdt=129&idt=248&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=741711046&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=1330430865&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=2398180986554050&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.33jngu59ejlu&btvi=1&fsb=1&dtd=269

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62ea985a30a4c55c41af4d0f2c968e7152e1e04bb8a96e4b5d56bbd2cd75d200

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Feb 2022 14:07:15 GMT
server: cafe
content-length: 27043
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 05E2 220 B
232 B 15ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

523daccd0e313416b532fac77822023608bf94f7972513da35c57e32a8f69bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 210
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 05E2 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 05E2 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6E08 81 KB
30 KB 593ms
593ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=7691821754&adk=2833670827&adf=776186316&pi=t.ma~as.7691821754&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035391&bpp=4&bdt=212&idt=193&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=623277121&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=3097249311&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=4436955030176171&pem=908&tmod=1056153063&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.rhvm6zc4novi&btvi=1&fsb=1&dtd=203

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30fe3eecfb1de0e53530c1f78c1ea065bdacc6255bd7b15ea8fbc90c05f0f692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 05 Feb 2022 14:07:16 GMT
server: cafe
content-length: 30681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 25BD 6 KB
3 KB 110ms
42ms XHR
text/plain 2600:9000:225f:fa00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:fa00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb7f7b25c6ba935d88dbeed578b73dc092c7ad44931a47aea45ef70360cbc65c

Request headers

Referer: https://www.123greetings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 11:45:51 GMT
server: AmazonS3
age: 8449
etag: W/"bf85981d81e89613e013e0c591b883aa"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: X5jR-PZg0GaOd0hEqbLttEiTuA4HzZnoIYfNMiKZDzL9zsrjEZF7XQ==
via: 1.1 56d45ca72c110eb4c3736727b5f5040a.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 25BD 6 KB
3 KB 109ms
42ms XHR
text/plain 2600:9000:225f:fa00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:fa00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb7f7b25c6ba935d88dbeed578b73dc092c7ad44931a47aea45ef70360cbc65c

Request headers

Referer: https://www.123greetings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 11:45:51 GMT
server: AmazonS3
age: 8449
etag: W/"bf85981d81e89613e013e0c591b883aa"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: 8cNfW7YjaX4GIAvmylViBiwweV4dBFWN61N-SsbGAfzro_wc4eE15Q==
via: 1.1 56d45ca72c110eb4c3736727b5f5040a.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame B366 6 KB
3 KB 108ms
43ms XHR
text/plain 2600:9000:225f:fa00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:fa00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb7f7b25c6ba935d88dbeed578b73dc092c7ad44931a47aea45ef70360cbc65c

Request headers

Referer: https://www.123greetings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 11:45:51 GMT
server: AmazonS3
age: 8449
etag: W/"bf85981d81e89613e013e0c591b883aa"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: 5fj1TjhoOjfT6bo1ymzMoTaBxlMheCcVlNvi_KxnAMX4WqfwbeTRJw==
via: 1.1 56d45ca72c110eb4c3736727b5f5040a.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame B366 6 KB
3 KB 108ms
44ms XHR
text/plain 2600:9000:225f:fa00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:fa00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb7f7b25c6ba935d88dbeed578b73dc092c7ad44931a47aea45ef70360cbc65c

Request headers

Referer: https://www.123greetings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 11:45:51 GMT
server: AmazonS3
age: 8449
etag: W/"bf85981d81e89613e013e0c591b883aa"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: sWZJFbOvPWDe4fPFvtROwkWLuLwNdFV-lzUSy_b98k0kNXPUuxSGMA==
via: 1.1 56d45ca72c110eb4c3736727b5f5040a.cloudfront.net (CloudFront)

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4B95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM9wDJEOQy04e13z0NvKQVg&google_cver=1

43 B
61 B

26ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM9wDJEOQy04e13z0NvKQVg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNX0Rzq0JAYnPRPkZBupQXNbLZo-RqRvCUYID6Y5cX3mwZr5whp2a0eGHh3ICqWE-_7nn9Q2-8oY5lq00DS-wQ6h6XpOfVEOZaXt2aTpCXKrdS2LglWUqAJ4J-O4JwN7C4jRxQerG0JD1MuuVZ2q2EkFnZz0qEvR7GukaZBVVvwkAkRWpbs
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
via: 1.1 google
server: OXGW/17.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM9wDJEOQy04e13z0NvKQVg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4B95 43 B
305 B 48ms
17ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNX0Rzq0JAYnPRPkZBupQXNbLZo-RqRvCUYID6Y5cX3mwZr5whp2a0eGHh3ICqWE-_7nn9Q2-8oY5lq00DS-wQ6h6XpOfVEOZaXt2aTpCXKrdS2LglWUqAJ4J-O4JwN7C4jRxQerG0JD1MuuVZ2q2EkFnZz0qEvR7GukaZBVVvwkAkRWpbs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
server: OXGW/17.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 4B95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFugUEI--q6z_oIQFcDgEGU&google_cver=1

23 B
172 B

35ms
34ms

Image
image/gif

104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFugUEI--q6z_oIQFcDgEGU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNX0Rzq0JAYnPRPkZBupQXNbLZo-RqRvCUYID6Y5cX3mwZr5whp2a0eGHh3ICqWE-_7nn9Q2-8oY5lq00DS-wQ6h6XpOfVEOZaXt2aTpCXKrdS2LglWUqAJ4J-O4JwN7C4jRxQerG0JD1MuuVZ2q2EkFnZz0qEvR7GukaZBVVvwkAkRWpbs
Protocol: H2
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 05 Feb 2022 14:07:15 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEFugUEI--q6z_oIQFcDgEGU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 4B95 23 B
172 B 88ms
33ms Image
image/gif 104.90.104.248
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnV_uICENO9weQCGIaorb0BMAE&v=APEucNX0Rzq0JAYnPRPkZBupQXNbLZo-RqRvCUYID6Y5cX3mwZr5whp2a0eGHh3ICqWE-_7nn9Q2-8oY5lq00DS-wQ6h6XpOfVEOZaXt2aTpCXKrdS2LglWUqAJ4J-O4JwN7C4jRxQerG0JD1MuuVZ2q2EkFnZz0qEvR7GukaZBVVvwkAkRWpbs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.90.104.248 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-90-104-248.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 05 Feb 2022 14:07:15 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/892768/59097903/ Frame 3F3D 46 KB
13 KB 528ms
345ms Script
application/javascript 44.237.151.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/892768/59097903/skeleton.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.151.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-151-190.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 295b316a729d0cf7ebf52fcd24099f6684a0280d4b20dbc67fc59c757726f071

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
content-encoding: gzip
x-server-name: app05.or.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 3F3D 106 KB
37 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Origin: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 21:36:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 21:36:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/ Frame 3F3D 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B8nCn07roMMyIRs1r94b8U_nW43DI9whIwYw7Gjltb4-30t5WIGmqwMJq65lJr8ESid8IxBqGA9PC4AHrAEuqG2t4I9U4mD0CzGNBvxKhBwOrbw2Hf3DgUcBfajYXV-jUVCMohT1XwzHTpaXCSPCRtzRJgwQ&dbm_d=AKAmf-AQ9VL3s5Hpi9TNqIiFCGSwTnfvb-LSdXXDVcB-eEoR8rpEKnsmoGR9v6Z_ndli0U-td8lPIUzfLj_Ou_7Pp3PLhrIWLegb-z0xwSKqP78PcFqVE7ucyTBTRVZugah6pvFYveTG4l-ICb40O1ndQfgOF1XKVMNun30R-aYyE_2sRdJGQ-L_0a9fH_xrJqcYSo0lIH61SS9tQbzljaRWGYrnAO0XNUVl6FPeskd9jwvrSONFnFQhrPTqQCM4msU_N9pGgGL28DhoCBGeGbNgLtj693iMHtE5qzz1_Qje4aX-K2fCWCyQNsmID9cgCjSFStn68D9KHlh9FAyZ2hd53U_4D7X0S4TSYsZFOVo9gYMsLDvidz8PxTEDCU5rwD20KLosjUmc0xQp3_6xPBW81WZm8TtsxK6jU6HlJ-xVKhuezJxzaiK3ceCNj_5dfRk3mQqYReVmvf3rpL2B-qjJYx9sJTTuwUYU4htZqp_3_gRPravNV7EDQkQnMSo0ZgvqPR1o_valrFZBbgYgQ4wVG7vzo_3uVOi4x_tLIPjsRGAHwZNTzy7lRcUfNntFfl9y6NtGXvVAkGrmEtCC5y1L3UybKf5dMnjMX6n8lR6Fjv939_1MFzImrjOitb7icll3-muBJBxRvbqI0VmZyAyqUjm7pXatdksXweX9bMFXJTlRK8BK9VKpavfOGAgNE1x430sEvu_o6n0m9fShpvvMPdyTAlW-iu0tKSXUBeWyhuwWsYu93mzxdjzITPqMRS2RipxZ8tUfL4p_Y8-u21R8kUxja41q-_L86c3kLzBz2d4kSVFuA4U7nqURujEPLTiSdonlKhI5q0v24wWeJXcm6LbRI8taaprySMfp9uorU9ODkXKpYb9XowIHQYT8Y9QurwE9TJL5Qj8F8F9p_ZfbH6j0cbenRP49Q6zslSRnvh4FeMU9bk7D9n3Xb6_x4LBfSrsMfzLFl93PNLatFsmIZkF6yVSwgPFHdA2ePBieD0TDbqSqR31nDc3HvHezlYNpo4ztvhOHPL97UP7NIgpTxj75nARSbVwnQnPcgc6AooDQStKFwJr8HGkK4iEV5_XmgvpoxNjLdxbI05ZbqhGwWCyWGe4eivb2oyB_3Hsd30PGkS-Lqj3mbBnZsWtL8AvbB9_vqrEndUw4EiapiQ_ZOFIpkuoi5IaNAO1y7EQMULGb_b7TRLqqxAjUK6WsJKDt6U8GFvCFqfYqmPr6tdJaZs-wo6Cb6OZUBjHYxAlb7m95WXVvm56s7Jjwe4MnVMHuKGkXYh3Y2J8NpA-HeMleyTl1eKrcSoviN3Tzs5_Ch6kUxJiuw6ElOfMbiCN-xmqhYpC4pSn9WPxXe3E2cIH2Rudqoe7vXOHILuoL7JSA0FLHbmNr9X5x3ft1pxXLGogqBiJjFl54Je7TGdeFssRgZWOg9E4evdWXpK-1MU38AT_CLgxsx54_vrx6-ncnvJL7HNhv-Z0k1y18g-wOE3WyMehIHLyvM6iGKaUm6p0qxGsH_4fuXdxpeeE9XvOuvJHy9vyPjhyYmGoCCuHnc6_B2ElKMwL3WrOHa0S8o57K1bAStXrBfBsCZY53vlaRANZGZCG61u5dnu2d_R1qnArS6H62PXCSd6JK3Dn9_nAYI6BSTntPcwVkwXoLCirKODh7mtnnkRbz9Mw55VT5-NWWhcq9oz8U4imEfnxgwV-B8WDI16kTbXbof5efkhTl4Yngu9sJwJu7g0KWrb_U-gnQBCVuc5_TtfYmCZGLnK5UG12Oj662nmjxX7LF91FZZGxfTkYc3Z2Ir0jdgRMeNvtMmmQpCEJhV9nh9B2-XUGJxN3Rt8lOY8ilz60cZRBoRUI9MW9S0hCZsSvulRxEH4BBkHrajJ05c-7Byw3140VFQBr10ZPV1fOudWGW0iVcb_YQ7PRbTmGNU4rtFEn-ntFHmXR3QU4yMi8puk3B1UK3nV7UvslGWuW1QKiBWVX9aF2FDEidb03tOpvZstk9I25FqBHapMlPndVVCp3srET-1MdOdgnubPKLoAjjTp5B__Gu9hhoegnb8zxAAWHUj4IqFHjdz5wnUH2zGk-ptX1CCx9QrTksYcKi5FB6DZHb0LrovahuQvyFYlJOWdo5ydTW6ZF9ob7CwzRwBCzhp2aoX-CrG3T4nMp5Gn3mRrv6mrJYVGW7iMCeAePf9n9duCv_H4lprEF4ZovVRlvJokBTDAS2QKIgQKW93O9yrylAPjPu_a49sx05OC0HwapIe1LKbl3WZk4RqF8tm7J89SUaExZLIQ10w-nrnHkX1sJuyPItZPQMY7h_wgn5jpawghu2bmlsoeJuzJnWFYWJdXUx3aTC_mqZh4kMCiveBsheTG9UwlZzCtnV7U5ZKkHM37IiDGSZHZxOtnWS_ucGI-dzq25-pxoR0a9V6pQN8TBxCLhCygN5nkJg8WZ_yYAYCGWhuCdrn5aIsXu3Ut_o9CG3OxvkJd-rnt3tDl4VS8O_oup0GlS1vo-BVzEgTTUk9rvb3tqQ4AlJbAtNu8vn6k9TJXRbEq17fOiFvEP8Tsay6ltG_UajW_bYB27ie00QIpWu38W_Fgga2vGYyy2Cffg62X_LkYZZL7EDQQeX1LmtAtKXTwreObSrZsfZaHTbjHtphE0Q4XtCbuzDHho6Q6CiFTWSs9hcd6-qky3GN5APBatBPbSSwnsQL10aQ7DnxRQgH9TziC8HJanNOFqF4MZXl2H3efNfXunYSDUzjOvYE41dHx0vrOUtYFi0XcFtyNHM3jdQovM24CbJwhn0ywwhK-GiijyEVNopQ7KUK87tMulkbvRLV4a-0gzoFUNSC2tb9y3z7QCCjiAi46UUnDqTa0sye1y-FHetAAAu4nxEJy17uTUfxljSofOT5w9Q9rSp34hpWXsX3UDzowWB1Ljt2_RDgKUQdxM-5I5aKvOeS5faJ-a3HYEKTR7i_Bdj8FC2XILtPA4oaJptBLp-asKylQ_lh0f9y7HWVqVIwOzLbDdN71Wu5Sz-1fl_xw1dbS_wjMdB1R5DTg&cid=CAASEuRoOr0sYTC-NeA4doKBlHtOIg&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:02:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 3F3D 24 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df94b6cedc01499d102054bb635b49f063b916765bee0c6dc1799e0ef46c217e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:06:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 7436944165253170378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:06:01 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4DF6 0
23 B 64ms
44ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 25BD 0
0 58ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPFNNYda6siq-LaIGiP9mtUyt1WLEBOHBYSK-EJL0bEXWrF4-oihIAOZQo-Wt7yM0IfbsKDDGyUkYZi8krSP0P1bmM1VJVXdUq_WRGQQV0lva6-We5rCl6TwAQ93zdGt5ImbfdlU3b8Y6-IY3EpmDF1basXXcj0s73x4HcIIokWlPtmK7cPiXu3utGUr-Df8Y2PHZndyIlOX6EeNGFHv49itX3ljyAQEVTtQX6_oca8uU6lDRqGGMigNvSK6k6Jc_TE9M4IZGcnlE8L-P1Gfhar58MsYV7SEhHRRRmobFWjA1U27g27DQ_YLnPSTC8PdxnMELc8UH121S0QMhNTOk&sig=Cg0ArKJSzHL9ThRwMKjCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B366 0
0 60ms
46ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZkHNSbBmGDH17fBusM-b1MuFDBgzdOFrBaQO8JSsIhRrq64J0btPwVHt-2gRQYkkXe9-JJtzS-y8Lxztqtyd5TPsvosVwvwh1obktdRFdCPRTM4lglVm9C6dlRSVnAwz3RK-7nlP35DS4UFOQ4JhNUghrVlMtqxHh0EmR-XAQ9Nli55jUrdo_eUur9e1GIk6P5-N2gY8KQx6YctAwwq8DccqQOzL1VbMmFUQmL76eplw-5Xu_vAhDKseX3I0pqyE1qw1Q0FrX8gdBlQlCt0TZyo33eJAT46camQcsxTTGGRs2kWPkAxe2t2h8SaNybLGVnOqE5V2st5wU8Cwf-xazDNFfYRrM26U&sig=Cg0ArKJSzN8zXhGXnXQmEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 05 Feb 2022 14:07:15 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 24CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIH5XednhNITAIb3w7qlGSA&google_cver=1

43 B
549 B

51ms
17ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIH5XednhNITAIb3w7qlGSA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi0-pq8ATAB&v=APEucNVEQmfLh6CUl95L9HdNiW7gWq5nWdIRgooZ4ocXxvNRl4KjfE-r_cTaT8Jv6rpr-NBFQRYcf9dHDWUwVIdBDx4c4rJf4RLq_SYGb3T105d2GeRCw-Lo5YbbCn2vp_J7Ib7MyhUz9fnpuAlbbNhQ1wfq0so94ABjRMyuT6uhKYffZ7LLmw0
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 14:07:15 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 130
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEIH5XednhNITAIb3w7qlGSA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24CA
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZWMzMmRmYTItODY4Yy0xMWVjLTk5NjItMTUyYjg0YmQwMzA2

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZWMzMmRmYTItODY4Yy0xMWVjLTk5NjItMTUyYjg0YmQwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMCe2QEQ1rr1Ahi0-pq8ATAB&v=APEucNVEQmfLh6CUl95L9HdNiW7gWq5nWdIRgooZ4ocXxvNRl4KjfE-r_cTaT8Jv6rpr-NBFQRYcf9dHDWUwVIdBDx4c4rJf4RLq_SYGb3T105d2GeRCw-Lo5YbbCn2vp_J7Ib7MyhUz9fnpuAlbbNhQ1wfq0so94ABjRMyuT6uhKYffZ7LLmw0

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 05 Feb 2022 14:07:15 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZWMzMmRmYTItODY4Yy0xMWVjLTk5NjItMTUyYjg0YmQwMzA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 71
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 24CA 0
194 B 59ms
19ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B630 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 68847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 05 Feb 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B630 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 30221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 06 Feb 2022 05:43:34 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15360649606527256241/ Frame 80F1 8 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15360649606527256241/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac44761e2f2a7404c3cd8274249cfbcae6e39125ccd1dbd10605c03a36e8668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2788
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 14:36:54 GMT
expires: Wed, 01 Feb 2023 14:36:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Jan 2022 23:19:45 GMT
content-type: text/html
age: 343821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5CF1 0
24 B 80ms
80ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstX5V0qgifq7v2r5J2Otj52ukvjJKaBei5IfilzyiDfQh2d79B7rGCnXj9MaWlPmV2FPzxrmBBAJ59D-DcC_pdv09Veg7VNE8s4x0Lp7ZGgATbZDKN9_4uhLzudvL5m_BGh0-Wk8Rfr7o6P_y8b7OMBuRRiFie7h5c0N-KM21a4tr3O-1yx8II1qUxDCYOqpw2-QbT1QW1gauxBK9K4z1fzhqjqy8bGwE5sQqfgl8AybWddo8Tldbpomc8IFs4TAozRe6B6ESriGgC5HxV9d96uva_lajN-4rl1BxgeAlk5l1RpjrhFNpjSTQbEZu6zAfxtyXuFw2r7nyPYMtv_Iw77eiiNSzPoiqgujoFvVi11y821_Nmm2HZNQa2aqNRqmk5N8J8kT57GLT03ROw8YvJuZ7pDhCrQXfTuBqA4gC0icDMayFBezimdwZPohvNzcnQ7CiQO4MMcffPwZBV3Rz_Ta5cmci2O9GvTKGuS3HutfI7vTA6SJClsLbYPltiPauCE00mxBPGFd84ObHwGtp7UEo08VvpFA7uRavEtm49hHRZla4CHSlDY_9XK6-17cZvzAEaRGU4miaMymQYkrdyRjxuEiaJFP6XS8QRK9Uu0ohzTiSq0--IU8xsP23cceTbwHZPAc0xkN6YNvBPLVBAwCRTPluo6DGGL_oZdvPsLJspufYv2PnPcbJKdjZBSiEw-bWGm-vzvNJccpa_aLCHyhum60-0oSwrhOIdWL1RNYVh9u9S9J1zEmy9Ez3p2gf5aQrq3_j1DpmafIBQ5ioVfQn0srkiKwgP-zE3XZHTxBF6zv_dBmZtLrWHb9ft7FzZiBzhOf-p9NzvikctnC2RuvczySd8acF5RA4C9zMHxZxetVuPzxBmOAX8FQrjH6YOUB3JkBie0o45hVySCNJvU_sZXrdMxUMm8PlOruTHcwkl2d6ApllXoMQPOx7dSY0suA4UjaI7dLOVPgZnX9qVFLhHpdnCCTezCalqAGfF-ZIlVLRrq30m4z1LnVC8esqsJ1UcoBzKl3F_cyatwVW2ZlDfLSdM8EfBNPpYzp-1a-ec6blb2qJltKzYotLbGAf0aHMiyvEq3COyDLB5jXBWrFOsDsQJsZlj6UKEx2X01zNAqoevUPw0r5aXBJ8W6ekMLzx8fENZrhaC2T8BINDjAYA&sai=AMfl-YTX1PnzI2SA70PVzDqrL7g-wYw6Lx-WSi5w7IB6nOfS5H5VjLtb1DHDQa09AOnwrpigFtBuBCmMeV4c1t6DA-aXfluuagXOgrLR4E5FTV06cVaW3lUBhGTqtkTfOidiG5Mts2Hnvxn1c7k3kL50-S5MIS4kvw&sig=Cg0ArKJSzNJydzGkrvKiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=296&cbvp=1&cstd=293&cisv=r20220201.56423&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 05 Feb 2022 14:07:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 5CF1 0
337 B 109ms
31ms Image
text/plain 99.80.121.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=rvqaq4z14&advertiserid=8244906&campaignid=26944795&siteid=7060575&sitename=N755990.3107238APEXEXCHANGE&placementid=323209024&adid=%adid!&creativeid=163018049
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.121.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-121-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1644070035
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 63D0 1 KB
752 B 7ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sat, 05 Feb 2022 05:53:44 GMT
expires: Sun, 06 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 29611
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sfht0if3y.js Show response
cdn.krxd.net/controltag/ Frame 92D6 11 KB
4 KB 36ms
7ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9cf0a7f1ad73851698fe4e7acf61754a0d6cc2dfe12ac15f4c0248feace8cd85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sat, 05 Feb 2022 14:07:15 GMT
via: 1.1 varnish, 1.1 varnish
age: 688
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 3743
x-served-by: config-service-a001-ash-prod.krxd.net, cache-iad-kiad7000031-IAD, cache-hhn4073-HHN
x-response-time: 0
x-do-esi: esi
x-timer: S1644070036.783888,VS0,VE0
etag: "b7b9ede32a13955b010743207a7d773d9229f60e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 883

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/ Frame 56E9 12 KB
2 KB 40ms
40ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

988b74dce089a5f589958a0af7c072a2dfeaabc3f9bf23d4d7bc5d340f318ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1867
date: Sat, 05 Feb 2022 14:07:15 GMT
expires: Sun, 06 Feb 2022 14:07:15 GMT
cache-control: public, max-age=86400
last-modified: Sat, 29 Jan 2022 20:23:49 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 92D6 0
24 B 81ms
81ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVuaXDmqaW9eSreWMnP-exkdePvTIPIONEdc301_TPhyipQzNHi6lHORsrk_Ua825cpKKNYOXBtCsTxzEgyomPGjG-IHcSk5Y8TStJKa9o4lrfArv7bETNI7fxbOYP9LBGL2ZvWzL2zM8YKrONNTRqjn2HlTelDqgZUxDr8uG7AXIT95uWqeKeWFj6BK1A7Wmm8M7YGbHKfCjcrGOdL1MAqdDLqkMxWE-0ipI4p4DLZdNZ2qLDXK4_gLCNb_Lxtxn630TVXefVTA0tE05XMtZAo8XLuqThl3R4lLf9zmT495vFAxA-GgDHBqCTDLHqunvkiJzfrmgY8APSHTXCQytd6VqdAoqbusrLaVWTv6LG5fcsmWG3N0RFhKnRS98nN7WOHVVaqBJMgk7boaOQ-1_I62MTW3i8Y8h6N5r0a_iULwouI7gpWY6IXowx4QJ1xshULOOFIvV_WhZneBPKB8bfy3FBzppqmhlXYSUZ1a4GIM-Fc2SAF2IGFRbDJee_sAW9vDDF2Ob1Y29-K8459i9z-slTFDCRWlNtGWoGY_qpIowMNEv4qch1diq3oI5ub8etyX47tQmv4EGcQssNMt17EY2awgUMhusA6HK54NLMTcMXnSa0iLLYA_EfIBF3-d7ycwxhLmirlufMJbWyHesBdKeH4ZEAf8IXoMSCr535IJQcNNTvHvwvwkWBd4klOvY9mipdycZj5SBY3MLkTkpqRhsBY_DA6xqwM06qwT81cjfIqeNxmVb3zstvGrP9Ss4MvECSKSMMhTKiHWHokqbUiczB-oj8tIcrLnzRwnHsJxfR8sT1I3Qo2PGfn0TWiW2DMrXCy0u66w78Mlqzot4TcHDmvqFUVxF5u_N3-WQLrP2AIh42J5OcCLz5d25_EGkWtYPkLRMXsmjq7Z6INOcUj_EDHJd1wGu4MnTO2SZsIYflY8TnAr5cLCtcVXpoIvJLFuZEQD0B29FT4zx2qcZmimJpS6KX2yqIKmPYYxIZAPGhWGYIcdT1EI--ZJGGA_vwxr_iL1FQD995S28y_EeCTo8Qo-piwbRXP14q7hNeKDw0VlvGUaZOsmzmCVLxRwOFjvU_NgMYQH48X_Hnegef70UjiCEadrbnL7cKxa9gNizsQQgx2IM2FW6aEj7gtLuQ4UM7gBSavLrTaxdnKdDWbvR1MKwhMlbiRdT49g&sai=AMfl-YRJ9KC0JJ8f14AmGI9euC0nttWNYrb22tbAKv2AZfUo2vsR9ZfP3mzFgDs11LxyRrugk-iWVv0NzRMQDUeJ_J-9y0jZmgAcsIqG4oMn8uprhdMNgKvBIRW_2wo6vSKxMHyQVYgvAjzy-ZFy8fIKC42wOrIl0A&sig=Cg0ArKJSzOjt9zzK9lKwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=309&cbvp=1&cstd=303&cisv=r20220201.50777&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 05 Feb 2022 14:07:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/1179665840288294935/ Frame 361B 8 KB
3 KB 11ms
11ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1179665840288294935/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

588ae2ec187e7ee02102834257b241e8a3f815bf0d44662e7cfe18072207ac0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2786
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 14:37:12 GMT
expires: Wed, 01 Feb 2023 14:37:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Jan 2022 23:18:17 GMT
content-type: text/html
age: 343803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EAE3 0
24 B 83ms
83ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssv-Njregz9ilLo4QzBI9x0Vcip3iUAcXR5dkFaDALxyNI4DzUAEbYzr9r-PKeGMzTXvpuvRptIbnnuL3kGUcomX2Xn2jV87bUAZ0baziYWoJ9SDvuwGcalGrLvaQ7IpoBHZfcn7NTwCdRmUF3UBBcsMpEDXMkE29Dnkrc60WeLs-9OUe68HIP22xcsLYMAwzMT5lP44TkuuRiDJJ3xkjRTlBXlhGyXvACwDwKj1ctDRcSWAbUzJlZscjo7_MeeVMYist-vNgf67OIP4alJ5N7-gae1T39v8wTcX8t-njnh_mtpkEQOyrtl1_q7eXnjjI2ccpZVoHdaWuWpnp2tAkuVNdaajJbYDEdLanN8VnLANWTK4D95bqEhByYpnMZM1xozt3Laj5rICCU6yf0ChpLZ3Mx2B3w_59fEU4OhiTBma5udxTDkYjQ501hhOHLSoZRHf9dpbFq-nZnHDdL-3OyG5A0x6COfkkkAHv7HzcM89ibq-Zr3zGMbjTiKyyr6CKkWkOZebdErz_3YKsZW0ehGH85clbQHS4B8qSoyus1JT4j0t5J6BaaXJCvYWy074uIey9083xb73LvpdCyskSFy1ymYcYalDDdKbDVz9_XaLpgjU3XjR1-f7vriO6pGyiGoT7hJOviHlOP6Ea5uVGnYd6D0As4nazzR1yPQtzOmd39dy0QoaqL9zd8xaCmIkFKD6fEpaadxGKGT_zklgW3VyEkfZEjUeTn4Pf1FkRmPR6jR4H6JWpcz7jMgXREBzMCiB1hjx-lzRuVq3dz5n7lKcTTRZL_NYmL6l_F09R-y1wcz2ffx1Qz5YRJOnfNMHGchqud-nLN6SxvBQmwHtcszFwI2U9K4RMJoCyVqmdwBDFWKdFMnQH0rcuFy9nlrMMvl-3-znUZMPu2XctPZokw9zxswAMXk5ZZ_ja9tFBR0rv4Aojf7tvcx51UgswQDRXoViCEiex4JKqn6N_SykgCmbWst1HJb21tgrsigoykI1jSm2yeG_BQgmf1bgLkWPN2OK3-T7QBo1V8hXui9fceXuEfgr3itXh0VxmEXlCBVKfNpqKd5AD8oeZ2ELIX8TtQv90Ryrg9t9mGuSHeH1mhuqQQSbaOlhpXQh7MxRbMPOb88IL_T_yuMuS7pIbYgVBffu_EOvJQ5lw&sai=AMfl-YQZ3DajEw303GgsNFtqb3T8Aw-ORt5vsJ1qzQ9fxRo_jC-HhGfcWR7AxeTUuHAxo5QYyJ7YPw_unRalhTxpkAubqeWOmu3_KUPI_vacAX3GcaR3bV_uH2yRfz4VW0NUd8rdvdiqNZtjTuWoGjeOxgsiXGdU-g&sig=Cg0ArKJSzP8oKZU0TdkpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=300&cbvp=1&cstd=298&cisv=r20220201.59258&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 05 Feb 2022 14:07:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame EAE3 0
338 B 80ms
30ms Image
text/plain 99.80.121.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=rvqaq4z14&advertiserid=8244906&campaignid=26944795&siteid=7060575&sitename=N755990.3107238APEXEXCHANGE&placementid=323024289&adid=%adid!&creativeid=163013122
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.121.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-121-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=85 t=1644070035
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
DATA 200
OK truncated
/ Frame 4DF6 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29284cc18fc6c70301a26226a1da1259cbad8f549ba6c9f86b2cfa2606d884a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 72D1 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Feb 2022 16:37:12 GMT
expires: Fri, 03 Feb 2023 16:37:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 163803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5CF1 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Feb 2023 16:37:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 47F7 1 KB
752 B 8ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sat, 05 Feb 2022 05:53:44 GMT
expires: Sun, 06 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 29611
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 5CF1 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be9b814ea69cb77615c3617fbd841ef5869432cc38bab6d155955fbeea658654

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 92D6 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Feb 2023 16:37:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 90B1 1 KB
752 B 11ms
11ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sat, 05 Feb 2022 05:53:44 GMT
expires: Sun, 06 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 29611
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 92D6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae73d0e1f470006616e4d21bfa5c02eee62e7e68ad12869b6a0d8d2a2d3574bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame F042 42 KB
15 KB 49ms
11ms Document
text/html 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
last-modified: Wed, 08 Dec 2021 10:46:21 GMT
x-amz-version-id: mkXtqZN.sX1diyvNHzDOuWx2fzD7.NTz
server: AmazonS3
content-encoding: gzip
date: Sat, 05 Feb 2022 14:04:39 GMT
etag: W/"72b7eb0ed3b552f546f4240f3e4e9f26"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: T4wAhdhqHMJyRCgXW2X2jb1CbnSoVfeKAUBkNToV444HQEprO1Terg==
age: 35738

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 049B 42 KB
15 KB 46ms
12ms Document
text/html 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
last-modified: Wed, 08 Dec 2021 10:46:21 GMT
x-amz-version-id: mkXtqZN.sX1diyvNHzDOuWx2fzD7.NTz
server: AmazonS3
content-encoding: gzip
date: Sat, 05 Feb 2022 14:04:39 GMT
etag: W/"72b7eb0ed3b552f546f4240f3e4e9f26"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: SqAsDrODeNozCf4VBnVbjJyo6mHqfFvhFJA8TBg7c_sNZLT6MWc0WQ==
age: 35738

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame EAE3 41 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163803
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Feb 2023 16:37:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E50C 1 KB
752 B 8ms
8ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sat, 05 Feb 2022 05:53:44 GMT
expires: Sun, 06 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 29611
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EAE3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fed58fddbfe1b720a19189ca27f0019074db1b42fdba1896a2c7ceacc8e6621

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 80F1 236 KB
63 KB 70ms
18ms Script
text/javascript 2a02:26f0:f7::5c7b:e033
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e033 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:22:16 GMT

GET
H2 200 controltag.js.a1705c5ac5f06cf0c202ff70908fc042 Show response
cdn.krxd.net/ctjs/ Frame 92D6 259 KB
83 KB 8ms
7ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
age: 5841959
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 11844755
content-length: 84509
x-served-by: cache-hhn4073-HHN
last-modified: Mon, 02 Aug 2021 12:06:17 GMT
x-timer: S1644070036.033007,VS0,VE0
etag: "a1705c5ac5f06cf0c202ff70908fc042"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Jul 2031 12:06:16 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 361B 236 KB
63 KB 65ms
16ms Script
text/javascript 2a02:26f0:f7::5c7b:e033
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1179665840288294935/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e033 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:22:16 GMT

GET
H3 200 1643485919913.css
s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/ Frame 56E9 9 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ff68480aeacacf08f899e9751bd8cc81a1a06840d2338e2c5c447786bb247c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2217
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 20:23:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 16:08:25 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 56E9 118 KB
40 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 15:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 15:39:31 GMT

GET
H3 200 1643485919913.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/ Frame 56E9 32 KB
11 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0163cf949cea5a556b144eb406773e848d3f639848858e5eafa49657b5927f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11115
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 20:23:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 16:08:25 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C6A5 22 KB
8 KB 18ms
18ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Feb 2022 16:37:12 GMT
expires: Fri, 03 Feb 2023 16:37:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 163804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15360649606527256241/ Frame 45AE 8 KB
3 KB 18ms
7ms Document
text/html 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15360649606527256241/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ac44761e2f2a7404c3cd8274249cfbcae6e39125ccd1dbd10605c03a36e8668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2788
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 01 Feb 2022 14:36:54 GMT
expires: Wed, 01 Feb 2023 14:36:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 05 Jan 2022 23:19:45 GMT
content-type: text/html
age: 343822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3F3D 0
24 B 84ms
83ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5ZMcN8a_cq3xcAWHt8ZtFCkXV1R5rneVnPzKF5GC3VRwfszgACHo7fRnUBJX8w_JYYQwvdhyErNCTTKLdV6FDSdpL26_j6IAPXvJMePMsO4DwUFcqtxPI0s_RJPeyIo1TzIqbSvCfkLJ8Us04mmHVOr2bFKnVJHnJVIsAtjkXsN5VDnmMioIyjS305F1BSjbHdn178VTXN_02Zlrkuix33Q-hif2OtUSfAxnMp8-MLnjsn2Ga49LfzTwO8ZMgixOvQK2bT7B0sekyQ1XhcSCoZLkz6OuUFdiMSIvevQ0bPxJbWDJeNVlt1KPzrUdVt5C0Ss-6yQiZTwPATlC31vx4GWoxCdhUnSPAWkOWbhV-29WzJnGEQC7ekmVyVIVTxMMIvaiYr0GAgVDnUracf4S2LBdKFX_ykQNyPy_gnegzW_j4TrWA3eNlzPxCSQKFrl-Pt2BtNznXSYDwRM2rQ4KBrS4uTHvapFdvz486r2PPwsQOlhYw7CmZ1e-w7rxA5RIp6aP3s725vvGZ5H8EfeCSSjzCLTM4ydII47B8Io_v_s38m2ciwkP2q7hqHTgRrtGFZQOuUdVClSw466N4ErV0d9YqFffPEoCIgEEwoYmiHgZ6aIQLXehkWcT1s3Wfq3HUMk8HSp3d4fUApcM6L9UsdSDijbTNpECw8-9Pfg3TKAP-IpEsSH6nhd2vNZ9mEv7kfbamtYQSSr28Qsd-QOVxIuNMwQnJe2H9MsNiu32MI0gwF8SqwpNKGguWTCDuRJnH01-ZgkQYhpLAWXY4z5iiSmK5cUMJFjZpv7A_W9kWEWAbIQAv1fCaVUDNJbv5Mn5Z6Ewi1PCnerDMGZAldxNcG7Usgc4Njs4cUiIONoaXh-S7BiGq1s765nfJ8JhjcS0bY5FzfGh9DiXlP289TtD1mN8TwY05J_LJoE2ALyTCwMlIbLSWXoCiKZizWuRN4V4BuYKcsyvz6Gjc-a7aFdoqUXpKZBLECTK-NLV2c9p9n2Nw9n1vYJEu12fWcj0E7igD95AGIIZkmecnEl7SzSOkhilZM5_P2CbFtK6gwygj5mAs-MZXkS8aVhZb4ZvFscou9q_UXXcGj7YogaUKvsVR9GnyJiw-mj5w8o1E7d9DN6TZ-fOt-TxTjFpWQLoR1_Gw3T4pOCpFjYXRN40novFY8g&sai=AMfl-YR3qvm1i1ySduugVnKgpRY_qgB5NdIsovnlTgk2UF1SaH06rwk350hThKe8VWiLgGogOp7IUaFNSDrWhO2t3473tjbGH_MwSiaWHQj6yJeKVOlOk6uaxVF9USBfcqG6I7PiOwdXauSj9n_kubX_7cosFJR4gQ&sig=Cg0ArKJSzP_-mAqCPJIfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=376&cbvp=1&cstd=374&cisv=r20220201.70348&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 05 Feb 2022 14:07:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 3F3D 0
337 B 36ms
30ms Image
text/plain 99.80.121.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=rvqaq4z14&advertiserid=8244906&campaignid=26944795&siteid=7060575&sitename=N755990.3107238APEXEXCHANGE&placementid=323209024&adid=%adid!&creativeid=163018049
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.121.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-121-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1644070036
x-served-by: beacon-n005-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 css
fonts.googleapis.com/ Frame D26E 6 KB
670 B 27ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5968639485&adk=2761460659&adf=272530240&pi=t.ma~as.5968639485&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035293&bpp=11&bdt=132&idt=221&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=2&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=1571542740&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2048&biw=1600&bih=1200&isw=300&ish=250&ifk=2321873798&scr_x=0&scr_y=0&eid=42531398%2C31064036%2C31063221%2C21065725&oid=2&pvsid=4306747683082109&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t5koc7w0c16m&btvi=1&fsb=1&dtd=240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 13:20:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 14:07:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame D26E 1 KB
882 B 10ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:54:22 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame D26E 19 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:57:30 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame D26E 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:15 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 249A 22 KB
8 KB 11ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Feb 2022 16:37:12 GMT
expires: Fri, 03 Feb 2023 16:37:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 163804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame E8EA 6 KB
670 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_LMrec2_16526K&adk=2587679829&adf=272530255&pi=t.ma~as.Google_LMrec2_16526K&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035305&bpp=5&bdt=129&idt=248&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=741711046&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=1330430865&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=2398180986554050&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.33jngu59ejlu&btvi=1&fsb=1&dtd=269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 13:22:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 14:07:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame E8EA 1 KB
882 B 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:54:22 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame E8EA 19 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:57:30 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame E8EA 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:15 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F3D 41 KB
15 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 16:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Feb 2023 16:37:12 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 679D 1 KB
752 B 7ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sat, 05 Feb 2022 05:53:44 GMT
expires: Sun, 06 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 29612
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3F3D 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b7bcea381f923b754ab10be1e5574d3163abdab8138cce3576575d52acfd1c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D26E 123 KB
37 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame D26E 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D26E 0
0 16ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfHX8AzaN1i4OnFprX2RarSLZtCBzQTVQR6X5iYlrRe8hKUp5SI8yolvBDCQfwsmAq2MhGtuUdBkiPvnmdfnKWI8Iazg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5968639485&adk=2761460659&adf=272530240&pi=t.ma~as.5968639485&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035293&bpp=11&bdt=132&idt=221&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=2&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=1571542740&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2048&biw=1600&bih=1200&isw=300&ish=250&ifk=2321873798&scr_x=0&scr_y=0&eid=42531398%2C31064036%2C31063221%2C21065725&oid=2&pvsid=4306747683082109&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t5koc7w0c16m&btvi=1&fsb=1&dtd=240
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 4b5ee2b4ff5a9298bcc39e4df8189ef4.js Show response
www.gstatic.com/mysidia/ Frame D26E 27 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11337
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 15:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 May 2022 14:51:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8EA 123 KB
37 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame E8EA 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E8EA 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQYDL7o5zNQ07VZYIUuWZ4avQB8FEMvNFZ9fNsgbwnLNbzYlRpTAYtjoJ8F6_6XHECCXL3ja9myau8AhgWcBY8yt89BQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_LMrec2_16526K&adk=2587679829&adf=272530255&pi=t.ma~as.Google_LMrec2_16526K&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035305&bpp=5&bdt=129&idt=248&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=741711046&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=1330430865&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=2398180986554050&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.33jngu59ejlu&btvi=1&fsb=1&dtd=269
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 4b5ee2b4ff5a9298bcc39e4df8189ef4.js Show response
www.gstatic.com/mysidia/ Frame E8EA 27 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11337
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 15:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 May 2022 14:51:56 GMT

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 233ms
155ms Preflight 2600:9000:224a:4e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: riZWvCidaxwwesj-aOU7dMyHCBwik31tNulSF1Ksl5z0lKz3q609rg==

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame F042 236 B
991 B 161ms
159ms XHR
application/json 2600:9000:224a:4e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2aae558254e41ced516949d992a793330acc5cdbdd7d7920eb569551c8d91764

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: DUS51-P1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 236
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Sat, 05 Feb 2022 14:07:16 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: rTkhnl7Z0OpBfQy_H4uw-CAtWu9z-jfCwZ14fDYmLDeDN8l58SJqDQ==

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 049B 236 B
991 B 160ms
159ms XHR
application/json 2600:9000:224a:4e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

2aae558254e41ced516949d992a793330acc5cdbdd7d7920eb569551c8d91764

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: DUS51-P1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 236
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Sat, 05 Feb 2022 14:07:16 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: pZKjskIZLh4Q39KmKHJs6nwoDYhOHwvuj1COzR_k94GlD81Sf6hENA==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 233ms
157ms Preflight 2600:9000:224a:4e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: oldE4r3V4DQZKrC-1osfaRlIDRQkktGlT9Fbtu5Tw7xdYrusoXiZ2A==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C893 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Feb 2022 16:37:12 GMT
expires: Fri, 03 Feb 2023 16:37:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 163804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/10832574113670414510/ Frame D26E 18 KB
18 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10832574113670414510/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

975c8238bc4d4823895b685a9d4b8609ce74a5da84248853260801e75c221c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 06:34:48 GMT
x-content-type-options: nosniff
age: 286348
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18654
x-xss-protection: 0
last-modified: Fri, 17 May 2019 08:07:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Feb 2023 06:34:48 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1549537828540973394/ Frame D26E 1 KB
1 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1549537828540973394/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff27771a37ce7dbfe78265cdf412143c976f335d656af39dda319b8a3715731a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 04:59:29 GMT
x-content-type-options: nosniff
age: 292067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1098
x-xss-protection: 0
last-modified: Tue, 04 May 2021 13:06:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Feb 2023 04:59:29 GMT

GET
DATA 200
OK truncated
/ Frame D26E 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0524b66013df8ae6ddd6c701b89ef6f503fa396f34b1815020e42e00806bce15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/10832574113670414510/ Frame E8EA 18 KB
18 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10832574113670414510/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

975c8238bc4d4823895b685a9d4b8609ce74a5da84248853260801e75c221c0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 06:34:48 GMT
x-content-type-options: nosniff
age: 286348
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18654
x-xss-protection: 0
last-modified: Fri, 17 May 2019 08:07:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Feb 2023 06:34:48 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1549537828540973394/ Frame E8EA 1 KB
1 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1549537828540973394/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff27771a37ce7dbfe78265cdf412143c976f335d656af39dda319b8a3715731a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 04:59:29 GMT
x-content-type-options: nosniff
age: 292067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1098
x-xss-protection: 0
last-modified: Tue, 04 May 2021 13:06:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Feb 2023 04:59:29 GMT

GET
DATA 200
OK truncated
/ Frame E8EA 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0524b66013df8ae6ddd6c701b89ef6f503fa396f34b1815020e42e00806bce15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63D0
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEI4Pia8JsM6AA1lLn7EkQ3U&google_cver=1&google_push=AYg5qPLcmkPwMrV4uEelzAC9kpi_VrtzXim7pp5YJqjVyUEINLtSOBl4S6KJpzjlhOs6yqYd0VxcsgjxCGqWdKIPDMpOLBcrgG2IKg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C57789A137445FA8F2B6B05E6152F12&google_push=AYg5qPLcmkPwMrV4uEelzAC9kpi_VrtzXim7pp5YJqjVyUEINLtSOBl4S6KJpzjlhOs6yqYd0VxcsgjxCGqWdKI...

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C57789A137445FA8F2B6B05E6152F12&google_push=AYg5qPLcmkPwMrV4uEelzAC9kpi_VrtzXim7pp5YJqjVyUEINLtSOBl4S6KJpzjlhOs6yqYd0VxcsgjxCGqWdKIPDMpOLBcrgG2IKg

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8C57789A137445FA8F2B6B05E6152F12&google_push=AYg5qPLcmkPwMrV4uEelzAC9kpi_VrtzXim7pp5YJqjVyUEINLtSOBl4S6KJpzjlhOs6yqYd0VxcsgjxCGqWdKIPDMpOLBcrgG2IKg
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Fri, 04 Feb 2022 14:07:16 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63D0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEESxC-H8mbEYDZ4cRdPgRoQ&google_cver=1&google_push=AYg5qPIldTilO9TB6lHsF29UtMpqHVJ_yZ354zAmxQXp39YzeA20XRMU2jqRKoD6ycl8_r6wKpU47brKJNOZWj...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTIyNzAzNjk1NjU1NTQwOQ%3D%3D&google_push=AYg5qPIldTilO9TB6lHsF29UtMpqHVJ_yZ354zAmxQXp39YzeA20XRMU2jqRKoD6ycl8_r6wKpU47brKJNOZWjxMRI...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTIyNzAzNjk1NjU1NTQwOQ%3D%3D&google_push=AYg5qPIldTilO9TB6lHsF29UtMpqHVJ_yZ354zAmxQXp39YzeA20XRMU2jqRKoD6ycl8_r6wKpU47brKJNOZWjxMRIE3Pbn6uVyQNw

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTIyNzAzNjk1NjU1NTQwOQ%3D%3D&google_push=AYg5qPIldTilO9TB6lHsF29UtMpqHVJ_yZ354zAmxQXp39YzeA20XRMU2jqRKoD6ycl8_r6wKpU47brKJNOZWjxMRIE3Pbn6uVyQNw
Date: Sat, 05 Feb 2022 14:07:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63D0
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPLDaPzqQDSHrgnAYBBiYSoezQ1GWok_XgR58j0YqW0RsB7UPUN2MwHBGqCGWtP8tiVinpbwSJcm6hVXSrfeNlSm...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPLDaPzqQDSHrgnAYBBiYSoezQ1GWok_XgR58j0YqW0RsB7UPUN2MwHBGqCGWtP8tiVinpbwSJcm6hVXSr...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=28e44849-c3fa-40a0-9c11-df848c5be2b4&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJlLC8b3-s-s3nVh5_j5yhV1bQHBrEC2XFn54gf5uxh9O3WBIEU-biWN-4vXBHAzeU_i5pfuSF2hk5GlffCaZG7sPKja2jy&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJlLC8b3-s-s3nVh5_j5yhV1bQHBrEC2XFn54gf5uxh9O3WBIEU-biWN-4vXBHAzeU_i5pfuSF2hk5GlffCaZG7sPKja2jy&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJlLC8b3-s-s3nVh5_j5yhV1bQHBrEC2XFn54gf5uxh9O3WBIEU-biWN-4vXBHAzeU_i5pfuSF2hk5GlffCaZG7sPKja2jy&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==
Date: Sat, 05 Feb 2022 14:07:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63D0
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBd29pctppWfTEFXtN7XSXQ&google_cver=1&google_push=AYg5qPLZ-H5YimnVJ3S1O6WX9FZdi-BHFfpV-gYMWURjYdfbTHqdfFrTpXH81QCjOX-uITNIhQvogRpxbvQw-VOzeBwmjL5...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLZ-H5YimnVJ3S1O6WX9FZdi-BHFfpV-gYMWURjYdfbTHqdfFrTpXH81QCjOX-uITNIhQvogRpxbvQw-VOzeBwmjL5EkQdk7g&google_hm=MjM4OTc0OTg4NjQzNDA2...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLZ-H5YimnVJ3S1O6WX9FZdi-BHFfpV-gYMWURjYdfbTHqdfFrTpXH81QCjOX-uITNIhQvogRpxbvQw-VOzeBwmjL5EkQdk7g&google_hm=MjM4OTc0OTg4NjQzNDA2MzQ2

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 05 Feb 2022 14:07:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLZ-H5YimnVJ3S1O6WX9FZdi-BHFfpV-gYMWURjYdfbTHqdfFrTpXH81QCjOX-uITNIhQvogRpxbvQw-VOzeBwmjL5EkQdk7g&google_hm=MjM4OTc0OTg4NjQzNDA2MzQ2
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63D0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5rfA0A-PRTyCL6n9Ob60lw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5rfA0A-PRTyCL6n9Ob60lw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPILKHTgfmr2AbYNtfGe5k7yLiXARr_aL7bZ58rLt8ebgdbWQ6zaZX9akRrJKgkfa_Qx_y25frPcNpGbKcRDPJ98hLKNdxj5

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5rfA0A-PRTyCL6n9Ob60lw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPILKHTgfmr2AbYNtfGe5k7yLiXARr_aL7bZ58rLt8ebgdbWQ6zaZX9akRrJKgkfa_Qx_y25frPcNpGbKcRDPJ98hLKNdxj5
date: Sat, 05 Feb 2022 14:07:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 63D0 0
75 B 91ms
17ms Image
text/plain 185.86.138.120
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOxk21stJJPp7CO1BXZxIW0&google_cver=1&google_push=AYg5qPKtrpPx1rTk2cXHJspnHGeF1h4UAbphgCQr4hDBZAY3tSSfW7zB3mLST20GFEHZTgg6wKDpeLo-pm8miF1XuuIfncde_pwX
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.120 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:15 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63D0
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPjxtU0KP_JJ8jZhOZVaCLQ&google_cver=1&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcXUG...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPjxtU0KP_JJ8jZhOZVaCLQ&google_cver=1&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcXUG...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEPjxtU0KP_JJ8jZhOZVaCLQ&google_cver=1&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcX...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlYzczNWY1Mi04NjhjLTExZWMtYjliNS0wMjEzMTE0YzA3MDg%3D&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcXUGcNtTy0mZCH...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlYzczNWY1Mi04NjhjLTExZWMtYjliNS0wMjEzMTE0YzA3MDg%3D&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcXUGcNtTy0mZCHl2H08J0WRqdRcYubT1FIEMUaSklFgUVFQAuYM

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlYzczNWY1Mi04NjhjLTExZWMtYjliNS0wMjEzMTE0YzA3MDg%3D&google_push=AYg5qPJWmvUAqiPmGiBQjzDd-tJYihVg4Cx1TzeouKtolDg91j2jcXUGcNtTy0mZCHl2H08J0WRqdRcYubT1FIEMUaSklFgUVFQAuYM
date: Sat, 05 Feb 2022 14:07:16 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 63D0 0
12 B 15ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEgK5HXmVrR_ESxxEpfK8MwSCpWxVa8ekS1atIojQ3POwK0PXFMrtLkh30Va4A0oEsCQSMHw

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 47F7 35 B
464 B 34ms
10ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIof9Jxw7bsIFryC3auOrrA&google_cver=1&google_push=AYg5qPKWuO7hJ5e6PmCvgnOIU9ciGCX_KQ4bwKN_lD11e4A7BJHmVvrYwNKW3rwSmUd62GcN_ysMByebcTzzzXzqTT8eXh0jgkxx

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 47F7
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKu_kHayW95CbQux9Z2S0GoEsKujUJnM8FM8dH...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWY2RWxBQUFCRzRFNEYxUw&google_push=AYg5qPKu_kHayW95CbQux9Z2S0GoEsKujUJnM8FM8dHRqEn_53SUoZMchQC2U8RBgbQsv4LYJUVbac_GRf3MZVHOok_ZY6FMOlPG

170 B
188 B

21ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWY2RWxBQUFCRzRFNEYxUw&google_push=AYg5qPKu_kHayW95CbQux9Z2S0GoEsKujUJnM8FM8dHRqEn_53SUoZMchQC2U8RBgbQsv4LYJUVbac_GRf3MZVHOok_ZY6FMOlPG

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWY2RWxBQUFCRzRFNEYxUw&google_push=AYg5qPKu_kHayW95CbQux9Z2S0GoEsKujUJnM8FM8dHRqEn_53SUoZMchQC2U8RBgbQsv4LYJUVbac_GRf3MZVHOok_ZY6FMOlPG
Date: Sat, 05 Feb 2022 14:07:16 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 47F7 0
104 B 123ms
42ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEG3R9QZ-I1nFkEdTqCy5m1c&google_cver=1&google_push=AYg5qPJkNKp_yE45A0TKMMYJ9utk_wcQ4b3BstxSZtWtPm-Yn3gw0cAmqCEsIbdIOZ8DGAJAM5Y9pamyJTFNWleIGuDBSpWxWf35
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 47F7
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEHDK2WNhaTfErzNl6pDPaEI&google_cver=1&google_push=AYg5qPJgbZEhr0j8iuI9qI1ULVZSKuubyKjK7X3CYT0Jl-PtLfr2OfcmZBnkpOMkP-3RICgtzCMumjFMBmMMKYwjYkgjZvg...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJgbZEhr0j8iuI9qI1ULVZSKuubyKjK7X3CYT0Jl-PtLfr2OfcmZBnkpOMkP-3RICgtzCMumjFMBmMMKYwjYkgjZvg6COfN&google_hm=MjQzMTgxOTk...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
812 B

62ms
16ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 14:07:16 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 47F7
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELF5UNlavPJpJPNCmhCf7Ko&google_cver=1&google_push=AYg5qPJZCoj7kjaD_Js809PGq7ag5ZuYVsCRB8Sv8Q5pRsC8F48iLMYbwHnv6aY0Dd5QFtqY49YdEuqm...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELF5UNlavPJpJPNCmhCf7Ko&google_cver=1&google_push=AYg5qPJZCoj7kjaD_Js809PGq7ag5ZuYVsCRB8Sv8Q5pRsC8F48iLMYbwHnv6aY0Dd5QFtqY49Y...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPJZCoj7kjaD_Js809PGq7ag5ZuYVsCRB8Sv8Q5pRsC8F48iLMYbwHnv6aY0Dd5QFtqY49YdEu...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPJZCoj7kjaD_Js809PGq7ag5ZuYVsCRB8Sv8Q5pRsC8F48iLMYbwHnv6aY0Dd5QFtqY49YdEuqmcp_Mntik3cD-qMi4enOO

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPJZCoj7kjaD_Js809PGq7ag5ZuYVsCRB8Sv8Q5pRsC8F48iLMYbwHnv6aY0Dd5QFtqY49YdEuqmcp_Mntik3cD-qMi4enOO
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

pixel
cm.g.doubleclick.net/ Frame 47F7
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEL6gR7p_KH7K_kll82miE5A&google_cver=1&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEL6gR7p_KH7K_kll82miE5A&google_cver=1&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUx...

0
0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 47F7 0
75 B 84ms
17ms Image
text/plain 185.86.138.120
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOxk21stJJPp7CO1BXZxIW0&google_cver=1&google_push=AYg5qPKGGeioADzu8i_4buUoHvU0RdFWvpBTKKmkOaxN-CWN-CU-qu9hErG_F3j3XC1Oov720HMhL_FeWT-zjEGnK1BfEd_EruVa
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.120 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 47F7 0
12 B 16ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JbopxH_01zkY-0dhd-eEyx-nrJqS7XOazCIMEcAwAmV85494XG26Zhu0Ll9Q3syNBprBht

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/ Frame 56E9 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec18ada6631a132ac08e06cadc41662c34442d10596b7bfd27862ed7157b5c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:08:25 GMT
x-content-type-options: nosniff
age: 79131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1417
x-xss-protection: 0
last-modified: Sat, 29 Jan 2022 20:23:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 16:08:25 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 90B1 35 B
463 B 11ms
9ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIof9Jxw7bsIFryC3auOrrA&google_cver=1&google_push=AYg5qPLy72-G8C8jGUnZC_FlrX1kdMuAk4UerkFWWjpbK7afNamLHY_p9ILjJ1ct-a3ajWFUI8bsNmTtTkm4_mcuyBF66rrqVJQY

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90B1
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEFixinbaOhB63pb0OjuJmOg&google_cver=1&google_push=AYg5qPJb_5AIk6bgfQT3w80bwQ0aWYeYJJlczt1l5f452b8KwUsZfhcCXJWGygOvWDQm8NjzRXSTio0UsXEHCDmnuCAgFuJjtHmZ
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJb_5AIk6bgfQT3w80bwQ0aWYeYJJlczt1l5f452b8KwUsZfhcCXJWGygOvWDQm8NjzRXSTio0UsXEHCDmnuCAgFuJjtHmZ&google_hm=Q0FFU0VGaXhpbmJhT2hCN...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJb_5AIk6bgfQT3w80bwQ0aWYeYJJlczt1l5f452b8KwUsZfhcCXJWGygOvWDQm8NjzRXSTio0UsXEHCDmnuCAgFuJjtHmZ&google_hm=Q0FFU0VGaXhpbmJhT2hCNjNwYjBPanVKbU9n

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:15 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJb_5AIk6bgfQT3w80bwQ0aWYeYJJlczt1l5f452b8KwUsZfhcCXJWGygOvWDQm8NjzRXSTio0UsXEHCDmnuCAgFuJjtHmZ&google_hm=Q0FFU0VGaXhpbmJhT2hCNjNwYjBPanVKbU9n
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90B1
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ5VCLz...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJ5VCLz...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMDUxNDA3MTYwMDAzMTA2MTc2MjQ4Ng%3D%3D&google_push=AYg5qPJ5VCLzJEBdME49-t3X3ZN0W0-PDTM44ud_9LNBkvAZWUIQOjwIMvduBGftzJMDCr...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMDUxNDA3MTYwMDAzMTA2MTc2MjQ4Ng%3D%3D&google_push=AYg5qPJ5VCLzJEBdME49-t3X3ZN0W0-PDTM44ud_9LNBkvAZWUIQOjwIMvduBGftzJMDCr9KFF2EAqoFVDOpYWF-ozMR3UBOzOM

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAyMDUxNDA3MTYwMDAzMTA2MTc2MjQ4Ng%3D%3D&google_push=AYg5qPJ5VCLzJEBdME49-t3X3ZN0W0-PDTM44ud_9LNBkvAZWUIQOjwIMvduBGftzJMDCr9KFF2EAqoFVDOpYWF-ozMR3UBOzOM
pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 90B1 43 B
350 B 76ms
17ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMSBUCCGTgggSEGSo-3hAzs&google_cver=1&google_push=AYg5qPL4d_-GDt1mL1j6-cjXyZRXITjYu4EUvCsuTjulRlPHe1wGYm79HOInTfEUXp0BwRf1wvJy-yVCNx72SAyXWnbj_1ty79Id
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 645og4ci4812rbh4pdn801k0l18n8afp

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90B1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nQC8pV2iQjaxdlNmFQi-zA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nQC8pV2iQjaxdlNmFQi-zA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJNJEMAazGuiRBUHWcCXjb3kNdjuwH3dNNHuG7_3GlVjEYBeNEQgcAOG7UqUF-fYVSnET3L8t5FMpZa22FE2NXF4zqBpBk

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nQC8pV2iQjaxdlNmFQi-zA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJNJEMAazGuiRBUHWcCXjb3kNdjuwH3dNNHuG7_3GlVjEYBeNEQgcAOG7UqUF-fYVSnET3L8t5FMpZa22FE2NXF4zqBpBk
date: Sat, 05 Feb 2022 14:07:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 90B1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOoNP7aOHd8CZG9NElqVauk&google_cver=1&google_push=AYg5qPJS9HcCYl4tfl6EzfKrJf7G_RGDSDUxiuHOJBBu_aad4HwFZd112YY3S7GVZHn3PFqmMF8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o5V1VNU1ItMjUtQTZCWQ==&google_push=AYg5qPJS9HcCYl4tfl6EzfKrJf7G_RGDSDUxiuHOJBBu_aad4HwFZd112YY3S7GVZHn3PFqmMF8rKnK3EkdkhDHUMSHu2jGW1teg

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o5V1VNU1ItMjUtQTZCWQ==&google_push=AYg5qPJS9HcCYl4tfl6EzfKrJf7G_RGDSDUxiuHOJBBu_aad4HwFZd112YY3S7GVZHn3PFqmMF8rKnK3EkdkhDHUMSHu2jGW1teg

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o5V1VNU1ItMjUtQTZCWQ==&google_push=AYg5qPJS9HcCYl4tfl6EzfKrJf7G_RGDSDUxiuHOJBBu_aad4HwFZd112YY3S7GVZHn3PFqmMF8rKnK3EkdkhDHUMSHu2jGW1teg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 90B1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdju...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 90B1 0
12 B 16ms
16ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LvwMn2yP4nIYuK5Cn_aYBPlhamvCnnTYWArJ3o3wH8iQb-ntUJ8Ww0Du6HPkBWeQhT_qZ2

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame 92D6 0
337 B 31ms
30ms Image
text/plain 99.80.121.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=327246144&adid=505723104&creativeid=156919757&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.121.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-121-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=72 t=1644070036
x-served-by: beacon-n018-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame E50C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENtRj8Tnb4DZkE9onCIAoA4&google_cver=1&google_push=AYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomcCF...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENtRj8Tnb4DZkE9onCIAoA4&google_cver=1&google_push=AYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomc...

43 B
414 B

187ms
165ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENtRj8Tnb4DZkE9onCIAoA4&google_cver=1&google_push=AYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomcCFg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomcCFg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d8cb43fe89e92ba-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d8cb43e6b4e92ba-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENtRj8Tnb4DZkE9onCIAoA4&google_cver=1&google_push=AYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomcCFg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPI9WCLAM_mDYZPIBOi5rMPKqj18TcfeG6MBnijFhceFS3dkmHUESXoTenG-Y38ceHms9Gq1Ma9WqvpS2by3dUr1jvUUomcCFg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E50C
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESED7QMVoc33cW4Nz_FL_mFM4&google_cver=1&google_push=AYg5qPJRc0hVCzXDQh9O_W94T0AvSHInE79FpLfvVHh9ZNWhTs3JMbRGNQ7uKKNHAZksqSajNs1kS4sIQwseCjbsBbX7kjp...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED7QMVoc33cW4Nz_FL_mFM4&google_cver=1&google_push=AYg5qPJRc0hVCzXDQh9O_W94T0AvSHInE79FpLfvVHh9ZNWhTs3JMbRGNQ7uKKNHAZksqSajNs1kS4sIQwseCjbsBbX7k...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJRc0hVCzXDQh9O_W94T0AvSHInE79FpLfvVHh9ZNWhTs3JMbRGNQ7uKKNHAZksqSajNs1kS4sIQwseCjbsBbX7kjpO4qug

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJRc0hVCzXDQh9O_W94T0AvSHInE79FpLfvVHh9ZNWhTs3JMbRGNQ7uKKNHAZksqSajNs1kS4sIQwseCjbsBbX7kjpO4qug

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPJRc0hVCzXDQh9O_W94T0AvSHInE79FpLfvVHh9ZNWhTs3JMbRGNQ7uKKNHAZksqSajNs1kS4sIQwseCjbsBbX7kjpO4qug
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E50C
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEIzTkL10HjlLcluS8-gWaKQ&google_cver=1&google_push=AYg5qPKq6nhDI5gDjS6oxJtaYG1DPMjYK692oCH7rgygfs8ZGF4xFob0MDtgtgm4W2dBhJUwqJtnD7CO4kiH0zCt...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq6nhDI5gDjS6oxJtaYG1DPMjYK692oCH7rgygfs8ZGF4xFob0MDtgtgm4W2dBhJUwqJtnD7CO4kiH0zCtf0iWkmcOZO_8Tg

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq6nhDI5gDjS6oxJtaYG1DPMjYK692oCH7rgygfs8ZGF4xFob0MDtgtgm4W2dBhJUwqJtnD7CO4kiH0zCtf0iWkmcOZO_8Tg

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 05 Feb 2022 14:07:16 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKq6nhDI5gDjS6oxJtaYG1DPMjYK692oCH7rgygfs8ZGF4xFob0MDtgtgm4W2dBhJUwqJtnD7CO4kiH0zCtf0iWkmcOZO_8Tg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 3ZxEoF5s_4ku7oTh-5FT2e4doev9D9rsLU0H9NJAhiGSBtbh-uCMbg==

GET

pixel
cm.g.doubleclick.net/ Frame E50C
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEM46Vs6x7UPSw44D_8cNINE&google_cver=1&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l

0
0

GET

pixel
cm.g.doubleclick.net/ Frame E50C
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEL6gR7p_KH7K_kll82miE5A&google_cver=1&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEL6gR7p_KH7K_kll82miE5A&google_cver=1&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E50C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPLEMJYBVuB4Vz_VPNhNPCpgUM9kLRgnJWDw73Ya9-LxKQDGfULCHdOSryLL8WertlRT8jYTY50LWky60LlGXgE2LmV_KdbBNA&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-6d35dc82-76cd-4ea1-8aff-7ed8c5bf1156-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLEMJYBVuB4Vz_VPNhNP...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLEMJYBVuB4Vz_VPNhNPCpgUM9kLRgnJWDw73Ya9-LxKQDGfULCHdOSryLL8WertlRT8jYTY50LWky60LlGXgE2LmV_KdbBNA&google_hm=A2013IJ2zU6hiv9-2MW_EVY

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLEMJYBVuB4Vz_VPNhNPCpgUM9kLRgnJWDw73Ya9-LxKQDGfULCHdOSryLL8WertlRT8jYTY50LWky60LlGXgE2LmV_KdbBNA&google_hm=A2013IJ2zU6hiv9-2MW_EVY

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLEMJYBVuB4Vz_VPNhNPCpgUM9kLRgnJWDw73Ya9-LxKQDGfULCHdOSryLL8WertlRT8jYTY50LWky60LlGXgE2LmV_KdbBNA&google_hm=A2013IJ2zU6hiv9-2MW_EVY
date: Sat, 05 Feb 2022 14:07:16 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX6d35dc8276cd4ea18aff7ed8c5bf1156003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E50C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMnDtTzbzgva5HI5rrAmNYw&google_cver=1&google_push=AYg5qPLpl5O3TT3I-Pbiz4c7P9eJzxshdXoloG0ybhjkwFCg3DfPBb49PgCmidGlm6q3QD6iY7...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEMnDtTzbzgva5HI5rrAmNYw&google_cver=1&google_push=AYg5qPLpl5O3TT3I-Pbiz4c7P9eJzxshdXoloG0ybhjkwFCg3DfPBb49PgCmidGlm6q3QD6iY7...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IZFhXY3A1RTJ1RWJuQTRjVUU1dTZhdTVnQWU5WHA2X35B&google_push=AYg5qPLpl5O3TT3I-Pbiz4c7P9eJzxshdXoloG0ybhjkwFCg3DfPBb49P...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IZFhXY3A1RTJ1RWJuQTRjVUU1dTZhdTVnQWU5WHA2X35B&google_push=AYg5qPLpl5O3TT3I-Pbiz4c7P9eJzxshdXoloG0ybhjkwFCg3DfPBb49PgCmidGlm6q3QD6iY7RfNDfDl2N_Vj5HUQfHcNh8OKCI2A

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1IZFhXY3A1RTJ1RWJuQTRjVUU1dTZhdTVnQWU5WHA2X35B&google_push=AYg5qPLpl5O3TT3I-Pbiz4c7P9eJzxshdXoloG0ybhjkwFCg3DfPBb49PgCmidGlm6q3QD6iY7RfNDfDl2N_Vj5HUQfHcNh8OKCI2A
date: Sat, 05 Feb 2022 14:07:16 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame E50C 0
12 B 16ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLX-Y7sX_-JW9qOS_5rwGVWbuLce-Ri6OZoNDZhnWNVd7ZG4rz-WcwtFh5GfswY6tx7MQeVA

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 -RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js Show response
pagead2.googlesyndication.com/bg/ Frame 72D1 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-RQXuketuW9jWIYsaM5S-Ql31PXoBsmd6vdkFHZtDQI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13701
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Feb 2023 17:36:34 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 92D6 0
23 B 46ms
46ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVuaXDmqaW9eSreWMnP-exkdePvTIPIONEdc301_TPhyipQzNHi6lHORsrk_Ua825cpKKNYOXBtCsTxzEgyomPGjG-IHcSk5Y8TStJKa9o4lrfArv7bETNI7fxbOYP9LBGL2ZvWzL2zM8YKrONNTRqjn2HlTelDqgZUxDr8uG7AXIT95uWqeKeWFj6BK1A7Wmm8M7YGbHKfCjcrGOdL1MAqdDLqkMxWE-0ipI4p4DLZdNZ2qLDXK4_gLCNb_Lxtxn630TVXefVTA0tE05XMtZAo8XLuqThl3R4lLf9zmT495vFAxA-GgDHBqCTDLHqunvkiJzfrmgY8APSHTXCQytd6VqdAoqbusrLaVWTv6LG5fcsmWG3N0RFhKnRS98nN7WOHVVaqBJMgk7boaOQ-1_I62MTW3i8Y8h6N5r0a_iULwouI7gpWY6IXowx4QJ1xshULOOFIvV_WhZneBPKB8bfy3FBzppqmhlXYSUZ1a4GIM-Fc2SAF2IGFRbDJee_sAW9vDDF2Ob1Y29-K8459i9z-slTFDCRWlNtGWoGY_qpIowMNEv4qch1diq3oI5ub8etyX47tQmv4EGcQssNMt17EY2awgUMhusA6HK54NLMTcMXnSa0iLLYA_EfIBF3-d7ycwxhLmirlufMJbWyHesBdKeH4ZEAf8IXoMSCr535IJQcNNTvHvwvwkWBd4klOvY9mipdycZj5SBY3MLkTkpqRhsBY_DA6xqwM06qwT81cjfIqeNxmVb3zstvGrP9Ss4MvECSKSMMhTKiHWHokqbUiczB-oj8tIcrLnzRwnHsJxfR8sT1I3Qo2PGfn0TWiW2DMrXCy0u66w78Mlqzot4TcHDmvqFUVxF5u_N3-WQLrP2AIh42J5OcCLz5d25_EGkWtYPkLRMXsmjq7Z6INOcUj_EDHJd1wGu4MnTO2SZsIYflY8TnAr5cLCtcVXpoIvJLFuZEQD0B29FT4zx2qcZmimJpS6KX2yqIKmPYYxIZAPGhWGYIcdT1EI--ZJGGA_vwxr_iL1FQD995S28y_EeCTo8Qo-piwbRXP14q7hNeKDw0VlvGUaZOsmzmCVLxRwOFjvU_NgMYQH48X_Hnegef70UjiCEadrbnL7cKxa9gNizsQQgx2IM2FW6aEj7gtLuQ4UM7gBSavLrTaxdnKdDWbvR1MKwhMlbiRdT49g&sai=AMfl-YRJ9KC0JJ8f14AmGI9euC0nttWNYrb22tbAKv2AZfUo2vsR9ZfP3mzFgDs11LxyRrugk-iWVv0NzRMQDUeJ_J-9y0jZmgAcsIqG4oMn8uprhdMNgKvBIRW_2wo6vSKxMHyQVYgvAjzy-ZFy8fIKC42wOrIl0A&sig=Cg0ArKJSzOjt9zzK9lKwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=771&vt=11&dtpt=462&dett=3&cstd=303&cisv=r20220201.50777&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 45AE 236 KB
63 KB 19ms
19ms Script
text/javascript 2a02:26f0:f7::5c7b:e033
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e033 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:22:16 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D125 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Feb 2022 16:37:12 GMT
expires: Fri, 03 Feb 2023 16:37:12 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 163804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3CED 1 KB
752 B 10ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sat, 05 Feb 2022 05:53:44 GMT
expires: Sun, 06 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 29612
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4A57 1 KB
752 B 9ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sat, 05 Feb 2022 05:53:44 GMT
expires: Sun, 06 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 29612
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Animation.js Show response
s0.2mdn.net/sadbundle/1179665840288294935/ Frame 361B 64 KB
8 KB 18ms
17ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/1179665840288294935/Animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1179665840288294935/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5893813fd82637ad80c6b6cdd608485bd27896e6acb3215dda94ca5d95166f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1179665840288294935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8283
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 23:18:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Feb 2023 14:37:13 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame EAE3 0
23 B 56ms
55ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssv-Njregz9ilLo4QzBI9x0Vcip3iUAcXR5dkFaDALxyNI4DzUAEbYzr9r-PKeGMzTXvpuvRptIbnnuL3kGUcomX2Xn2jV87bUAZ0baziYWoJ9SDvuwGcalGrLvaQ7IpoBHZfcn7NTwCdRmUF3UBBcsMpEDXMkE29Dnkrc60WeLs-9OUe68HIP22xcsLYMAwzMT5lP44TkuuRiDJJ3xkjRTlBXlhGyXvACwDwKj1ctDRcSWAbUzJlZscjo7_MeeVMYist-vNgf67OIP4alJ5N7-gae1T39v8wTcX8t-njnh_mtpkEQOyrtl1_q7eXnjjI2ccpZVoHdaWuWpnp2tAkuVNdaajJbYDEdLanN8VnLANWTK4D95bqEhByYpnMZM1xozt3Laj5rICCU6yf0ChpLZ3Mx2B3w_59fEU4OhiTBma5udxTDkYjQ501hhOHLSoZRHf9dpbFq-nZnHDdL-3OyG5A0x6COfkkkAHv7HzcM89ibq-Zr3zGMbjTiKyyr6CKkWkOZebdErz_3YKsZW0ehGH85clbQHS4B8qSoyus1JT4j0t5J6BaaXJCvYWy074uIey9083xb73LvpdCyskSFy1ymYcYalDDdKbDVz9_XaLpgjU3XjR1-f7vriO6pGyiGoT7hJOviHlOP6Ea5uVGnYd6D0As4nazzR1yPQtzOmd39dy0QoaqL9zd8xaCmIkFKD6fEpaadxGKGT_zklgW3VyEkfZEjUeTn4Pf1FkRmPR6jR4H6JWpcz7jMgXREBzMCiB1hjx-lzRuVq3dz5n7lKcTTRZL_NYmL6l_F09R-y1wcz2ffx1Qz5YRJOnfNMHGchqud-nLN6SxvBQmwHtcszFwI2U9K4RMJoCyVqmdwBDFWKdFMnQH0rcuFy9nlrMMvl-3-znUZMPu2XctPZokw9zxswAMXk5ZZ_ja9tFBR0rv4Aojf7tvcx51UgswQDRXoViCEiex4JKqn6N_SykgCmbWst1HJb21tgrsigoykI1jSm2yeG_BQgmf1bgLkWPN2OK3-T7QBo1V8hXui9fceXuEfgr3itXh0VxmEXlCBVKfNpqKd5AD8oeZ2ELIX8TtQv90Ryrg9t9mGuSHeH1mhuqQQSbaOlhpXQh7MxRbMPOb88IL_T_yuMuS7pIbYgVBffu_EOvJQ5lw&sai=AMfl-YQZ3DajEw303GgsNFtqb3T8Aw-ORt5vsJ1qzQ9fxRo_jC-HhGfcWR7AxeTUuHAxo5QYyJ7YPw_unRalhTxpkAubqeWOmu3_KUPI_vacAX3GcaR3bV_uH2yRfz4VW0NUd8rdvdiqNZtjTuWoGjeOxgsiXGdU-g&sig=Cg0ArKJSzP8oKZU0TdkpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=790&vt=11&dtpt=490&dett=3&cstd=298&cisv=r20220201.59258&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Animation.js Show response
s0.2mdn.net/sadbundle/15360649606527256241/ Frame 80F1 76 KB
9 KB 17ms
16ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15360649606527256241/Animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

426d486615a8ad79acaf76e8b9b82be074764cf2e92656e853537a9f8fbc5b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343821
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9463
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 23:19:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Feb 2023 14:36:55 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5CF1 0
23 B 54ms
54ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstX5V0qgifq7v2r5J2Otj52ukvjJKaBei5IfilzyiDfQh2d79B7rGCnXj9MaWlPmV2FPzxrmBBAJ59D-DcC_pdv09Veg7VNE8s4x0Lp7ZGgATbZDKN9_4uhLzudvL5m_BGh0-Wk8Rfr7o6P_y8b7OMBuRRiFie7h5c0N-KM21a4tr3O-1yx8II1qUxDCYOqpw2-QbT1QW1gauxBK9K4z1fzhqjqy8bGwE5sQqfgl8AybWddo8Tldbpomc8IFs4TAozRe6B6ESriGgC5HxV9d96uva_lajN-4rl1BxgeAlk5l1RpjrhFNpjSTQbEZu6zAfxtyXuFw2r7nyPYMtv_Iw77eiiNSzPoiqgujoFvVi11y821_Nmm2HZNQa2aqNRqmk5N8J8kT57GLT03ROw8YvJuZ7pDhCrQXfTuBqA4gC0icDMayFBezimdwZPohvNzcnQ7CiQO4MMcffPwZBV3Rz_Ta5cmci2O9GvTKGuS3HutfI7vTA6SJClsLbYPltiPauCE00mxBPGFd84ObHwGtp7UEo08VvpFA7uRavEtm49hHRZla4CHSlDY_9XK6-17cZvzAEaRGU4miaMymQYkrdyRjxuEiaJFP6XS8QRK9Uu0ohzTiSq0--IU8xsP23cceTbwHZPAc0xkN6YNvBPLVBAwCRTPluo6DGGL_oZdvPsLJspufYv2PnPcbJKdjZBSiEw-bWGm-vzvNJccpa_aLCHyhum60-0oSwrhOIdWL1RNYVh9u9S9J1zEmy9Ez3p2gf5aQrq3_j1DpmafIBQ5ioVfQn0srkiKwgP-zE3XZHTxBF6zv_dBmZtLrWHb9ft7FzZiBzhOf-p9NzvikctnC2RuvczySd8acF5RA4C9zMHxZxetVuPzxBmOAX8FQrjH6YOUB3JkBie0o45hVySCNJvU_sZXrdMxUMm8PlOruTHcwkl2d6ApllXoMQPOx7dSY0suA4UjaI7dLOVPgZnX9qVFLhHpdnCCTezCalqAGfF-ZIlVLRrq30m4z1LnVC8esqsJ1UcoBzKl3F_cyatwVW2ZlDfLSdM8EfBNPpYzp-1a-ec6blb2qJltKzYotLbGAf0aHMiyvEq3COyDLB5jXBWrFOsDsQJsZlj6UKEx2X01zNAqoevUPw0r5aXBJ8W6ekMLzx8fENZrhaC2T8BINDjAYA&sai=AMfl-YTX1PnzI2SA70PVzDqrL7g-wYw6Lx-WSi5w7IB6nOfS5H5VjLtb1DHDQa09AOnwrpigFtBuBCmMeV4c1t6DA-aXfluuagXOgrLR4E5FTV06cVaW3lUBhGTqtkTfOidiG5Mts2Hnvxn1c7k3kL50-S5MIS4kvw&sig=Cg0ArKJSzNJydzGkrvKiEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=817&vt=11&dtpt=521&dett=3&cstd=293&cisv=r20220201.56423&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame D26E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b35e9f23450638d249dfe65d2547472ecffe7302f3f6d6ba8df37418137ff6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D26E 15 KB
15 KB 24ms
9ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 101953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 09:48:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D26E 15 KB
15 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 245457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D26E 15 KB
15 KB 26ms
13ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 245324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:58:32 GMT

GET
H2 200 af5fc09f-edef-481c-bfa7-696005c6deb3 Show response
consumer.krxd.net/consent/get/ Frame 92D6 221 B
416 B 59ms
36ms Script
text/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8e22e71d8d78c46c6030bbdd057890642f2db09b51041daa2537ebc4bb7b7572

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a002-dub-prod.krxd.net, cache-hhn4057-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1644070036.328041,VS0,VE31
content-length: 177
x-cache-hits: 0, 0

GET
DATA 200
OK truncated
/ Frame E8EA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 552b12037e4f3847eb7b6f1fc7a957545712f1a9eb0bc9460a8be623f581fb84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.gr.19.8.284.js Show response
static.adsafeprotected.com/ Frame 3F3D 189 KB
60 KB 67ms
9ms Script
application/javascript 2600:9000:2156:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.284.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/892768/59097903/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:07:13 GMT
content-encoding: gzip
age: 853204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jan 2022 16:52:12 GMT
server: AmazonS3
etag: W/"fb9b2792c3db887dfff0ad3cd668ef5a"
vary: Accept-Encoding
x-amz-version-id: dmAY6a2.PaweZS3llbmldpNvP5GdhzI6
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: kwMu18h8fQNoRQCWm6aQYM75nCGWC0wkVzPUte84h6GFsBs3_bz5yg==

GET
H2 200 main.gr.19.8.284.js Show response
static.adsafeprotected.com/ Frame 5CF1 189 KB
60 KB 73ms
16ms Script
application/javascript 2600:9000:2156:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.284.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/892768/59097903/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:07:13 GMT
content-encoding: gzip
age: 853204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jan 2022 16:52:12 GMT
server: AmazonS3
etag: W/"fb9b2792c3db887dfff0ad3cd668ef5a"
vary: Accept-Encoding
x-amz-version-id: dmAY6a2.PaweZS3llbmldpNvP5GdhzI6
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: W5-E1hHwTrZXuw5jr_58IFprp1aI-ofg7MiPdALhMuFSF8wz9gekcQ==

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E8EA 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 101953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 09:48:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E8EA 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 245457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame E8EA 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 245324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:58:32 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 56E9 13 KB
6 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 17:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Feb 2023 17:58:10 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 56E9 7 KB
5 KB 19ms
18ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

934956b7a40203e7a031386af6022afe1683299b1c7fcec4e1d2c54808ed1f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5555
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 679D
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OWRzWVU5bnAxTmdsSUU1&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPK8Y6LsizndQPWLO3ULzHdaupkr9pLQb-4HdmuHdm5...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OWRzWVU5bnAxTmdsSUU1&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPK8Y6LsizndQPWLO3ULzHdaupkr9pLQb-4HdmuHdm5f3GxFC4spgBUgofnrH-CtSIeVicbD0nAN7lidp3eZzBhsvS3Vhg

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:16 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-087e8c0a3b0870f0e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OWRzWVU5bnAxTmdsSUU1&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPK8Y6LsizndQPWLO3ULzHdaupkr9pLQb-4HdmuHdm5f3GxFC4spgBUgofnrH-CtSIeVicbD0nAN7lidp3eZzBhsvS3Vhg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 679D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIqdIz6eaQ5YDCU8f1i-5nE&google_push=AYg5qPK55YIBSLRF4vCYUoFAQ0-UEpLicw_trjGxEP4ezLQR8uOk8UpfPq...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIqdIz6eaQ5YDCU8f1i-5nE&google_push=AYg5qPK55YIBSLRF4vCYUoFAQ0-UEpLicw_trjGxEP4ezLQR8uOk8UpfPqAcrOTHPXdLqIhdtPYI9HlpplF5AdanTuBTcy9TKQ

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1644070036.428339,VS0,VE94
x-served-by: cache-hhn4057-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIqdIz6eaQ5YDCU8f1i-5nE&google_push=AYg5qPK55YIBSLRF4vCYUoFAQ0-UEpLicw_trjGxEP4ezLQR8uOk8UpfPqAcrOTHPXdLqIhdtPYI9HlpplF5AdanTuBTcy9TKQ
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 679D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIBVZylfuuSRz2XCaLu76Eg&google_cver=1&google_push=AYg5qPLIiDYCAnL0gRFwRVyIsmGxO3AI3f9-HOzILBW7lGSL5dpeOZss6oIdIL3uQ2bNdXLu9_wxhUN...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEIBVZylfuuSRz2XCaLu76Eg&google_cver=1&google_push=AYg5qPLIiDYCAnL0gRFwRVyIsmGxO3AI3f9-HOzILBW7lGSL5dpeOZss6oIdIL3uQ2bNd...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=UdhR1EXlTrOB20YXcOXnyGH-hJQ

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=UdhR1EXlTrOB20YXcOXnyGH-hJQ

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=UdhR1EXlTrOB20YXcOXnyGH-hJQ
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 679D
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESELL7-Jt609qFGOD6RjACuSA&google_cver=1&google_push=AYg5qPJjsGsx1Qe0vjBhi7nzpIYKBoWb_2hDqQ4QCJITXAbWb6O7fbgBwMwovG0W4keRWzWzA9rtw7inkxnD41uA...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rwd8T3JET-S5VxtexBV55g2&google_push=AYg5qPJjsGsx1Qe0vjBhi7nzpIYKBoWb_2hDqQ4QCJITXAbWb6O7fbgBwMwovG0W4keRWzWzA9rtw7inkxnD41uAdZqvB6lM3ek

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rwd8T3JET-S5VxtexBV55g2&google_push=AYg5qPJjsGsx1Qe0vjBhi7nzpIYKBoWb_2hDqQ4QCJITXAbWb6O7fbgBwMwovG0W4keRWzWzA9rtw7inkxnD41uAdZqvB6lM3ek

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 05 Feb 2022 14:07:16 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Rwd8T3JET-S5VxtexBV55g2&google_push=AYg5qPJjsGsx1Qe0vjBhi7nzpIYKBoWb_2hDqQ4QCJITXAbWb6O7fbgBwMwovG0W4keRWzWzA9rtw7inkxnD41uAdZqvB6lM3ek
x-host: tde-deliveryengine-production-655df8fcc8-fh8zv
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 679D
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPIExZ2jTCeDHrWHEUtDsBTwSByNrVbKnDGuuUXp6_Mf6sl0xWaBNoipNHrnNv2dv_NajJSN10JT9MIvvsrdB93n...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIExZ2jTCeDHrWHEUtDsBTwSByNrVbKnDGuuUXp6_Mf6sl0xWaBNoipNHrnNv2dv_NajJSN10JT9MIvvsrdB93n2hEJN0A&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==

170 B
188 B

20ms
19ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIExZ2jTCeDHrWHEUtDsBTwSByNrVbKnDGuuUXp6_Mf6sl0xWaBNoipNHrnNv2dv_NajJSN10JT9MIvvsrdB93n2hEJN0A&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIExZ2jTCeDHrWHEUtDsBTwSByNrVbKnDGuuUXp6_Mf6sl0xWaBNoipNHrnNv2dv_NajJSN10JT9MIvvsrdB93n2hEJN0A&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==
Date: Sat, 05 Feb 2022 14:07:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 679D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOoNP7aOHd8CZG9NElqVauk&google_cver=1&google_push=AYg5qPIhRtLpFpfe7luNBU1eevR1BuPGGjJAVWEnbHx689SrdRkLGU_1ITisbbF2M4MQpFbS7GI...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o5V1VNWTAtMUItNjgxVQ==&google_push=AYg5qPIhRtLpFpfe7luNBU1eevR1BuPGGjJAVWEnbHx689SrdRkLGU_1ITisbbF2M4MQpFbS7GIzSWnz1LZ-6SvTwQvx5_E7ArA

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o5V1VNWTAtMUItNjgxVQ==&google_push=AYg5qPIhRtLpFpfe7luNBU1eevR1BuPGGjJAVWEnbHx689SrdRkLGU_1ITisbbF2M4MQpFbS7GIzSWnz1LZ-6SvTwQvx5_E7ArA

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1o5V1VNWTAtMUItNjgxVQ==&google_push=AYg5qPIhRtLpFpfe7luNBU1eevR1BuPGGjJAVWEnbHx689SrdRkLGU_1ITisbbF2M4MQpFbS7GIzSWnz1LZ-6SvTwQvx5_E7ArA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 679D 43 B
65 B 43ms
42ms Image
image/gif 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEOYafJsrZqVWErkLyGaPyEg&google_cver=1&google_push=AYg5qPIS7IntBRa1388RUzHaA8_bYXvHHvy4odz5ZNaXnPupctL5_BvYHb_XjjMW8YuJ88L0JlFOpQZg_xH4tcT0D1QRubMwsWro

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 06 Feb 2022 14:07:16 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 679D 0
12 B 16ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kss45v4lbVrnmoBnW3Xac0-Re5mYLaFCDu92C_Qc2iIqeCYvbtS-XvZr2kEOsOk_uneopnMQ

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 6E08 6 KB
670 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=7691821754&adk=2833670827&adf=776186316&pi=t.ma~as.7691821754&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035391&bpp=4&bdt=212&idt=193&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=623277121&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=3097249311&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=4436955030176171&pem=908&tmod=1056153063&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.rhvm6zc4novi&btvi=1&fsb=1&dtd=203

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 13:22:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 14:07:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 6E08 1 KB
882 B 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:54:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:54:22 GMT

GET
H3 200 Animation.js Show response
s0.2mdn.net/sadbundle/15360649606527256241/ Frame 45AE 76 KB
9 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15360649606527256241/Animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

426d486615a8ad79acaf76e8b9b82be074764cf2e92656e853537a9f8fbc5b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343821
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9463
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 23:19:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Feb 2023 14:36:55 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3F3D 0
23 B 43ms
43ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5ZMcN8a_cq3xcAWHt8ZtFCkXV1R5rneVnPzKF5GC3VRwfszgACHo7fRnUBJX8w_JYYQwvdhyErNCTTKLdV6FDSdpL26_j6IAPXvJMePMsO4DwUFcqtxPI0s_RJPeyIo1TzIqbSvCfkLJ8Us04mmHVOr2bFKnVJHnJVIsAtjkXsN5VDnmMioIyjS305F1BSjbHdn178VTXN_02Zlrkuix33Q-hif2OtUSfAxnMp8-MLnjsn2Ga49LfzTwO8ZMgixOvQK2bT7B0sekyQ1XhcSCoZLkz6OuUFdiMSIvevQ0bPxJbWDJeNVlt1KPzrUdVt5C0Ss-6yQiZTwPATlC31vx4GWoxCdhUnSPAWkOWbhV-29WzJnGEQC7ekmVyVIVTxMMIvaiYr0GAgVDnUracf4S2LBdKFX_ykQNyPy_gnegzW_j4TrWA3eNlzPxCSQKFrl-Pt2BtNznXSYDwRM2rQ4KBrS4uTHvapFdvz486r2PPwsQOlhYw7CmZ1e-w7rxA5RIp6aP3s725vvGZ5H8EfeCSSjzCLTM4ydII47B8Io_v_s38m2ciwkP2q7hqHTgRrtGFZQOuUdVClSw466N4ErV0d9YqFffPEoCIgEEwoYmiHgZ6aIQLXehkWcT1s3Wfq3HUMk8HSp3d4fUApcM6L9UsdSDijbTNpECw8-9Pfg3TKAP-IpEsSH6nhd2vNZ9mEv7kfbamtYQSSr28Qsd-QOVxIuNMwQnJe2H9MsNiu32MI0gwF8SqwpNKGguWTCDuRJnH01-ZgkQYhpLAWXY4z5iiSmK5cUMJFjZpv7A_W9kWEWAbIQAv1fCaVUDNJbv5Mn5Z6Ewi1PCnerDMGZAldxNcG7Usgc4Njs4cUiIONoaXh-S7BiGq1s765nfJ8JhjcS0bY5FzfGh9DiXlP289TtD1mN8TwY05J_LJoE2ALyTCwMlIbLSWXoCiKZizWuRN4V4BuYKcsyvz6Gjc-a7aFdoqUXpKZBLECTK-NLV2c9p9n2Nw9n1vYJEu12fWcj0E7igD95AGIIZkmecnEl7SzSOkhilZM5_P2CbFtK6gwygj5mAs-MZXkS8aVhZb4ZvFscou9q_UXXcGj7YogaUKvsVR9GnyJiw-mj5w8o1E7d9DN6TZ-fOt-TxTjFpWQLoR1_Gw3T4pOCpFjYXRN40novFY8g&sai=AMfl-YR3qvm1i1ySduugVnKgpRY_qgB5NdIsovnlTgk2UF1SaH06rwk350hThKe8VWiLgGogOp7IUaFNSDrWhO2t3473tjbGH_MwSiaWHQj6yJeKVOlOk6uaxVF9USBfcqG6I7PiOwdXauSj9n_kubX_7cosFJR4gQ&sig=Cg0ArKJSzP_-mAqCPJIfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=729&vt=11&dtpt=353&dett=3&cstd=374&cisv=r20220201.70348&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/sukkot/sukkot10.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame C6A5 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 249A 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/ Frame 6E08 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:57:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7737
x-xss-protection: 0
server: cafe
etag: 11249816806015362922
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 13:57:30 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 6E08 2 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E08 123 KB
37 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 6E08 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:04:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6204
x-xss-protection: 0
server: cafe
etag: 12229469669374805284
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Feb 2022 14:04:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6E08 0
0 15ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQuuYB20RO83qmrEsByCzwtZLPIZoX2ZXObtmmiqS6fX8pMTXWLPAzbWwyFmlqbJ2qhygwM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=7691821754&adk=2833670827&adf=776186316&pi=t.ma~as.7691821754&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035391&bpp=4&bdt=212&idt=193&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=623277121&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=3097249311&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=4436955030176171&pem=908&tmod=1056153063&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.rhvm6zc4novi&btvi=1&fsb=1&dtd=203
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 4b5ee2b4ff5a9298bcc39e4df8189ef4.js Show response
www.gstatic.com/mysidia/ Frame 6E08 27 KB
11 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4b5ee2b4ff5a9298bcc39e4df8189ef4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 14:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11337
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 15:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 May 2022 14:51:56 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/15988308953110935789/ Frame 6E08 38 KB
38 KB 14ms
10ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15988308953110935789/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4c7624d71141bc24456225abe4e8587ecef2dc0f3a2c5db6b13fd76305c364c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 21:11:44 GMT
x-content-type-options: nosniff
age: 320132
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38881
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 08:40:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Feb 2023 21:11:44 GMT

GET
DATA 200
OK truncated
/ Frame 6E08 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e7948eacec03b7a5733b8ebf00d32492e565d6ff80e6a7032cc66233b41450e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Animation_atlas_1.png
s0.2mdn.net/sadbundle/1179665840288294935/ Frame 361B 114 KB
114 KB 9ms
8ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/1179665840288294935/Animation_atlas_1.png?1620311625259

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

105f1d512f341e1a9ea5b204628c3b7e2250069c9f9dab7e28f1fa4080b9b97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/1179665840288294935/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:37:13 GMT
x-content-type-options: nosniff
age: 343803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116949
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 23:18:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Feb 2023 14:37:13 GMT

GET
H2 200 main.gr.19.8.284.js Show response
static.adsafeprotected.com/ Frame EAE3 189 KB
60 KB 9ms
7ms Script
application/javascript 2600:9000:2156:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.284.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/892768/59097737/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:07:13 GMT
content-encoding: gzip
age: 853204
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 26 Jan 2022 16:52:12 GMT
server: AmazonS3
etag: W/"fb9b2792c3db887dfff0ad3cd668ef5a"
vary: Accept-Encoding
x-amz-version-id: dmAY6a2.PaweZS3llbmldpNvP5GdhzI6
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: FOfV-DGbFf68OVqRdCYTRAzOq8TkDob4ltzzeCqSg15Wnl3aV0bdWg==

GET
H3 200 Animation_atlas_1.png
s0.2mdn.net/sadbundle/15360649606527256241/ Frame 80F1 178 KB
178 KB 10ms
9ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15360649606527256241/Animation_atlas_1.png

Requested by

Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a200ab5ee0a0362c99e8cba9cd21b0166e6c5d1a74f5e448b55caf81bbc0177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:36:55 GMT
x-content-type-options: nosniff
age: 343821
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 182033
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 23:19:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Feb 2023 14:36:55 GMT

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame C893 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6E08 0
0 82ms
80ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CT4RAk4T-YdLuJdvG1fAPyoK4mAuKrNbzZ4aY4L7zDrCygOyQAhABIIXskgJgldqpgrAHoAHMjPWaA8gBCakChe8Dwc41sz6oAwHIA8sEqgTcAU_Qwk_LALBMhd51PNsJPeX0W9CCJb0RBFmy9OnyQTOPB4HGfSiAtQBe1dSJ2nIy3lVqaGzyLA8zRcT7YaMhY_AbpXk2nd5btpDoxUD95Ov8oOtayoM02g5VURUovENq5WXo9EoAKF-SC_DNlFE6rq_61o6-Yw2QwQjOfBce012e5pllsYQ7P1CGSQ977_TA7RnsRRFuT7duV-4TB4ucj_N47sluU-4KMO_0jN_bktIa0aqLqjC6v7i_P1tZRTg6TFvM3-JZwGPU2okXAIoTnFhvwJbq31f9PfSGK4fABNqG1cmhA5IFBAgEGAGSBQQIBRgEoAYugAec84plqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ1aID0ggJCIDhgHAQARgfgAoByAsB2BMMiBQB0BUBmBYBgBcBshccChoIABIUcHViLTgyNzUzMDIxMDc2OTM2NjQYAA&sigh=xMx58QoY4PI&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=7691821754&adk=2833670827&adf=776186316&pi=t.ma~as.7691821754&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035391&bpp=4&bdt=212&idt=193&shv=r20220201&mjsv=m202202010101&ptt=9&saldr=aa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=623277121&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=3097249311&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=4436955030176171&pem=908&tmod=1056153063&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.rhvm6zc4novi&btvi=1&fsb=1&dtd=203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 05 Feb 2022 14:07:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 56E9 17 KB
6 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 92D6 81 B
240 B 31ms
31ms Script
text/javascript 99.80.121.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.121.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-121-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 03a6b902340645ab75b746e9efdad06d6edba90e41fd6c2a3ac62058fbda38f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=38 t=1644070036
x-served-by: beacon-n016-dub-prod.krxd.net
content-type: text/javascript

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3CED 70 B
264 B 103ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELYmkvRQfBN7zuhMidsVT50&google_cver=1&google_push=AYg5qPJXfQsYrhX_gOFc3XwzMkd_uGK-GTt2glRvnpxIe8DEBkYjT8wBh8kvb3wyVNDtfY3j6TnLeIlcK2imNGUhLly_oiWE3bpP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5968639485&adk=2761460659&adf=272530240&pi=t.ma~as.5968639485&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035293&bpp=11&bdt=132&idt=221&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=2&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=1571542740&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=2048&biw=1600&bih=1200&isw=300&ish=250&ifk=2321873798&scr_x=0&scr_y=0&eid=42531398%2C31064036%2C31063221%2C21065725&oid=2&pvsid=4306747683082109&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.t5koc7w0c16m&btvi=1&fsb=1&dtd=240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CED
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEESxC-H8mbEYDZ4cRdPgRoQ&google_cver=1&google_push=AYg5qPKNDzLMaq-jKIaPqg0IqRalpUi2WZ0F-ahE_VCiC1GV33sir7YclNTQiyIZ7vMnumnOCuWFfMpmV3rrlv...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTIyNzAzNjk1NjU1NTQwOQ%3D%3D&google_push=AYg5qPKNDzLMaq-jKIaPqg0IqRalpUi2WZ0F-ahE_VCiC1GV33sir7YclNTQiyIZ7vMnumnOCuWFfMpmV3rrlvRZi5...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTIyNzAzNjk1NjU1NTQwOQ%3D%3D&google_push=AYg5qPKNDzLMaq-jKIaPqg0IqRalpUi2WZ0F-ahE_VCiC1GV33sir7YclNTQiyIZ7vMnumnOCuWFfMpmV3rrlvRZi5TXAIATSM4

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA2MTIyNzAzNjk1NjU1NTQwOQ%3D%3D&google_push=AYg5qPKNDzLMaq-jKIaPqg0IqRalpUi2WZ0F-ahE_VCiC1GV33sir7YclNTQiyIZ7vMnumnOCuWFfMpmV3rrlvRZi5TXAIATSM4
Date: Sat, 05 Feb 2022 14:07:16 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CED
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPIU8UOnh5kI0FdzggLaC_RLB3XpfiFQskJCQ2Vi9qC-Htu40hFlCk5Z6znxPYrNd2TaRq19iui4l_eoii_0ax1q...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIU8UOnh5kI0FdzggLaC_RLB3XpfiFQskJCQ2Vi9qC-Htu40hFlCk5Z6znxPYrNd2TaRq19iui4l_eoii_0ax1qF9VQQreJ&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==

170 B
188 B

21ms
21ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIU8UOnh5kI0FdzggLaC_RLB3XpfiFQskJCQ2Vi9qC-Htu40hFlCk5Z6znxPYrNd2TaRq19iui4l_eoii_0ax1qF9VQQreJ&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIU8UOnh5kI0FdzggLaC_RLB3XpfiFQskJCQ2Vi9qC-Htu40hFlCk5Z6znxPYrNd2TaRq19iui4l_eoii_0ax1qF9VQQreJ&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==
Date: Sat, 05 Feb 2022 14:07:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CED
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBd29pctppWfTEFXtN7XSXQ&google_cver=1&google_push=AYg5qPIXbwuTvL-dKHicM7YAcliJpdj-YcjPWGZkSNafb3XHOaRZrbg_-0SvFBF0u--3q3oOtevh2GcxcTJji4_YUmqHuEP...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIXbwuTvL-dKHicM7YAcliJpdj-YcjPWGZkSNafb3XHOaRZrbg_-0SvFBF0u--3q3oOtevh2GcxcTJji4_YUmqHuEPJ90UD&google_hm=MjM4OTc0OTg4NjQzNDA2MzQ2

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIXbwuTvL-dKHicM7YAcliJpdj-YcjPWGZkSNafb3XHOaRZrbg_-0SvFBF0u--3q3oOtevh2GcxcTJji4_YUmqHuEPJ90UD&google_hm=MjM4OTc0OTg4NjQzNDA2MzQ2

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 05 Feb 2022 14:07:16 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPIXbwuTvL-dKHicM7YAcliJpdj-YcjPWGZkSNafb3XHOaRZrbg_-0SvFBF0u--3q3oOtevh2GcxcTJji4_YUmqHuEPJ90UD&google_hm=MjM4OTc0OTg4NjQzNDA2MzQ2
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CED
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESED7QMVoc33cW4Nz_FL_mFM4&google_cver=1&google_push=AYg5qPLBV5UAhx1kQaV0n3I14Nm3HT-Pi6MIQKzn3C-RipUTPnLKPZLgoC6jDWOwT8r55L8uKo2no8hzcicdZXIszqTQNb8...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLBV5UAhx1kQaV0n3I14Nm3HT-Pi6MIQKzn3C-RipUTPnLKPZLgoC6jDWOwT8r55L8uKo2no8hzcicdZXIszqTQNb8fhIcZ

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLBV5UAhx1kQaV0n3I14Nm3HT-Pi6MIQKzn3C-RipUTPnLKPZLgoC6jDWOwT8r55L8uKo2no8hzcicdZXIszqTQNb8fhIcZ

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPLBV5UAhx1kQaV0n3I14Nm3HT-Pi6MIQKzn3C-RipUTPnLKPZLgoC6jDWOwT8r55L8uKo2no8hzcicdZXIszqTQNb8fhIcZ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3CED
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELF5UNlavPJpJPNCmhCf7Ko&google_cver=1&google_push=AYg5qPK4QkBQnxmfLNQ8bESwGb8B7uPSv0kIACWdevhM0KHrYnaPaLKZ4yVhN5ZY3MyyFxPQU2jy79sT...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPK4QkBQnxmfLNQ8bESwGb8B7uPSv0kIACWdevhM0KHrYnaPaLKZ4yVhN5ZY3MyyFxPQU2jy79...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPK4QkBQnxmfLNQ8bESwGb8B7uPSv0kIACWdevhM0KHrYnaPaLKZ4yVhN5ZY3MyyFxPQU2jy79sTPDuN_-wxffB9QHS2LY4

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPK4QkBQnxmfLNQ8bESwGb8B7uPSv0kIACWdevhM0KHrYnaPaLKZ4yVhN5ZY3MyyFxPQU2jy79sTPDuN_-wxffB9QHS2LY4
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3CED 0
12 B 19ms
19ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYNxPhgT7-BX7RN9HFAxiKNLplAn__2yEgrpfQlYKiDbCcITvdhhSHKqJ_iQ0qvQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 40BD 0
0 42ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupLCUp2qIe2e2-_q5faIf_4aqOmT5nG7aFhxXSzOE4ToHesdYK1kKde2MAXui0nTQAFcXjnHceLHRXsmVwLL8qKkFvemMmAFLOtj8DUtYPLhZnzjbo230GaGrlKEyUFZA2OA1XbK0omyWWKYMEAqk_muNLHPtEKsWXwZOB-ER8wlAUpWwkFXaoB2PdjkdjB7B6vzuV-8-9ze4m9f3EGeyp9uUt5cMm9mdo5JZ7vBAMKBB2ZB0-hsVoK3NbELrfxSfwyGo0Jsm-HWF7kaGcQfGY044LWnnbsAb2vlkf5XQ0xG5T2xM9umqwjUfjVn2BqhC4ARr5hPJNu9NqhI9qeaI7BL-G&sig=Cg0ArKJSzE-ZOvgfrL50EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 40BD 13 KB
10 KB 21ms
21ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1575af48a3e7bde0538d3a98ce2a71a7a75408482271a51dd832354710566e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9819
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A57
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIof9Jxw7bsIFryC3auOrrA&google_cver=1&google_push=AYg5qPI1qAlNw9K6lGHsb4Kvzr4FnAe0-6TzwFf8KddOdGAaED8EhydGiY...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI1qAlNw9K6lGHsb4Kvzr4FnAe0-6TzwFf8KddOdGAaED8EhydGiYd3gq9SuEwWhVYUfT7zPx02wGoofU1XXWShiIT3ZXtf&google_hm=8ZMHzf...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI1qAlNw9K6lGHsb4Kvzr4FnAe0-6TzwFf8KddOdGAaED8EhydGiYd3gq9SuEwWhVYUfT7zPx02wGoofU1XXWShiIT3ZXtf&google_hm=8ZMHzfUgh2pIJgksTtM4CQ

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPI1qAlNw9K6lGHsb4Kvzr4FnAe0-6TzwFf8KddOdGAaED8EhydGiYd3gq9SuEwWhVYUfT7zPx02wGoofU1XXWShiIT3ZXtf&google_hm=8ZMHzfUgh2pIJgksTtM4CQ
pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A57
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OWRzWVU5bnAxTmdsSUU1&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPLVjFNm0KiA-qm0RUeETq7FMiwJGHZVo3wDLbM5cBg...

170 B
188 B

20ms
20ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OWRzWVU5bnAxTmdsSUU1&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPLVjFNm0KiA-qm0RUeETq7FMiwJGHZVo3wDLbM5cBg0403pNsUC17_TUW4sewTi3rgJpq8rs1Ogd8mwESUAwXHEqgICOozL

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 14:07:16 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-087e8c0a3b0870f0e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OWRzWVU5bnAxTmdsSUU1&google_gid=CAESEFKi5K1gXCmFEnL7I70ZdLM&google_cver=1&google_push=AYg5qPLVjFNm0KiA-qm0RUeETq7FMiwJGHZVo3wDLbM5cBg0403pNsUC17_TUW4sewTi3rgJpq8rs1Ogd8mwESUAwXHEqgICOozL
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 4A57 43 B
674 B 196ms
184ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESENtRj8Tnb4DZkE9onCIAoA4&google_cver=1&google_push=AYg5qPKHsaffuP8oE9x3hGKhHHpoCckZlEo6C_7wDw89f3MLJlwtsS8Njv3v4_cFjVb6Qojpd8qftEH4QWxBBttNLhlrMxthr5Ji&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKHsaffuP8oE9x3hGKhHHpoCckZlEo6C_7wDw89f3MLJlwtsS8Njv3v4_cFjVb6Qojpd8qftEH4QWxBBttNLhlrMxthr5Ji%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_LMrec2_16526K&adk=2587679829&adf=272530255&pi=t.ma~as.Google_LMrec2_16526K&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035305&bpp=5&bdt=129&idt=248&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=741711046&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=1330430865&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=2398180986554050&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.33jngu59ejlu&btvi=1&fsb=1&dtd=269
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d8cb44028005bdd-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 4A57 70 B
265 B 84ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELYmkvRQfBN7zuhMidsVT50&google_cver=1&google_push=AYg5qPLh8rFXqbJti9chMqOqk0_UhpYxSgUATBfoD8rDY2gvKu5FaTXmnOY38wdP7quNlGm9jcTLt38iOZ68m52J4T1evB9DQKEC
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_LMrec2_16526K&adk=2587679829&adf=272530255&pi=t.ma~as.Google_LMrec2_16526K&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1644070035305&bpp=5&bdt=129&idt=248&shv=r20220201&mjsv=m202202010101&ptt=5&saldr=sa&cookie=ID%3D390fc1d269c4a297%3AT%3D1644070032%3AS%3DALNI_MYGaGLpB5zU9qjg1Elp8hSOJiKP-Q&correlator=1111014703122&frm=23&ife=4&pv=1&ga_vid=2085351050.1644070032&ga_sid=1644070036&ga_hid=741711046&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=2343&biw=1600&bih=1200&isw=300&ish=250&ifk=1330430865&scr_x=0&scr_y=0&eid=42531397&oid=2&pvsid=2398180986554050&pem=908&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.33jngu59ejlu&btvi=1&fsb=1&dtd=269
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A57
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIBVZylfuuSRz2XCaLu76Eg&google_cver=1&google_push=AYg5qPKFPXoeltxHk-3jOmXVa_u4VfFZ5NKZvmuGLmmvVpOHnhkge-GugDe49Esh7gThG_TIrSt2WOt...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=UdhR1EXlTrOB20YXcOXnyGH-hJQ

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=UdhR1EXlTrOB20YXcOXnyGH-hJQ

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=UdhR1EXlTrOB20YXcOXnyGH-hJQ
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

200
OK

google_sync_status
x.bidswitch.net/ Frame 4A57
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1&google_push=AYg5qPJlLC8b3-s-s3nVh5_j5yhV1bQHBrEC2XFn54gf5uxh9O3WBIEU-biWN-4vXBHAzeU_i5pfuSF2hk5GlffCaZG7...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1ac4bd40-597e-4529-ae5c-9327496200b9
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=1ac4bd40-597e-4529-ae5c-9327496200b9
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=675569e2-1056-4aec-8abd-6b38ef96d529&user_group=1&ssp=google&bsw_param=1ac4bd40-597e-4529-ae5c-9327496200b9
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=GsS9QFl-RSmuXJMnSWIAuQ==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1

43 B
220 B

10ms
10ms

Image
image/gif

3.121.12.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1
Protocol: HTTP/1.1
Server: 3.121.12.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-12-72.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 14:07:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHrUqqvNhg4nmu81SCddIUw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A57
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELF5UNlavPJpJPNCmhCf7Ko&google_cver=1&google_push=AYg5qPK-3EwoVKZIwxrYKLqbsfCLN7vgjV6DHZgarQSr3oFSo0Pd96fxNu4V3GQwqDFrMZMib3dRi9Xu...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPK-3EwoVKZIwxrYKLqbsfCLN7vgjV6DHZgarQSr3oFSo0Pd96fxNu4V3GQwqDFrMZMib3dRi9...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPK-3EwoVKZIwxrYKLqbsfCLN7vgjV6DHZgarQSr3oFSo0Pd96fxNu4V3GQwqDFrMZMib3dRi9XuESOVvExJaKNX0LmjBTdj

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzQyMzM0NTI3NDYxOTU4MTc5NA&google_push=AYg5qPK-3EwoVKZIwxrYKLqbsfCLN7vgjV6DHZgarQSr3oFSo0Pd96fxNu4V3GQwqDFrMZMib3dRi9XuESOVvExJaKNX0LmjBTdj
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4A57 0
12 B 17ms
16ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JixAl3JQ32Xvkvu5PlnNIwG7t9kZB4HGW-fjMOd84juiQuXP0ct7P3qFaiTh6-PXW8SA1B

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 13BB 0
0 43ms
42ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucX2WS_L1SQkSUsxOnvs259E7gMifV0cz6OwwpkTL61mwJbpjywXU61faUMpRndE7BtNPk7Lys4Ck_3epFnXtZQ2ePOpY3f42CG3OebQ17_dOzJU3YsctKHxglPW9F5EEAQHgkoExIcxYMSul_yu21fZxtd9R3sMssJed-dA2F4fSWHtKuDCZfWa-M4_MwhfZSOcPME_kwT4yfMJ_bKOHHXj8LX-XYYiDKDHmg3UbMTslX_148uhNmoQbWC6Bs8JVoQnulgTxR144wRNumemrryqeiWNu65RwnUcb9Pj19JXaKgR9e_IY7IAdqq6tysPmyjHG4HUzDXX7_gWRVvLA&sig=Cg0ArKJSzCLpRprzRpWTEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 13BB 13 KB
10 KB 21ms
21ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c820d8e2bdd674ae4630554dd47c788e32af1e6ca557edf7709dedc8de3ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9746
x-xss-protection: 0

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame D125 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 200 Animation_atlas_1.png
s0.2mdn.net/sadbundle/15360649606527256241/ Frame 45AE 178 KB
178 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15360649606527256241/Animation_atlas_1.png

Requested by

Host: code.createjs.com
URL: https://code.createjs.com/1.0.0/createjs.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a200ab5ee0a0362c99e8cba9cd21b0166e6c5d1a74f5e448b55caf81bbc0177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15360649606527256241/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 14:36:55 GMT
x-content-type-options: nosniff
age: 343821
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 182033
x-xss-protection: 0
last-modified: Wed, 05 Jan 2022 23:19:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Feb 2023 14:36:55 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 3F3D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/892768/59097903/skeleton.js?adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fefcf57d3dba0c3af5211245e59583554.safeframe....
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

8ms
7ms

Script
application/javascript

2600:9000:2156:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:2156:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
age: 18423080
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 5FzRyrGN7T2ZQCPWf9GW37MgnNH2RKUyZ1Rx428WhgqGyY38Rkbhdg==

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
x-server-name: app10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame AFD1 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:2156:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 6321958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: 722fHxf5nNOZv7i2iHgcrxXB7916X9o7mqGWIaUuNOPiC-syNan9VQ==

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 5CF1
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/892768/59097903/skeleton.js?adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fefcf57d3dba0c3af5211245e59583554.safeframe....
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

9ms
8ms

Script
application/javascript

2600:9000:2156:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:2156:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
age: 18423080
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: jE6WBCL8gqwB-Wl5NI_rfdgRD61OKcRmbIya0czC6ip0eFKdcJttBQ==

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
x-server-name: app08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame D05D 80 KB
21 KB 11ms
9ms Script
application/javascript 2600:9000:2156:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 6321958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: ofnRDOIUOfFno4NN4PyZBQvovOX2skU5mXCUI12LO7i9VEI0BR5jxg==

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 789E 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 40BD 17 KB
6 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame 56E9 98 KB
98 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:00:32 GMT
x-content-type-options: nosniff
age: 404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100772
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 09:13:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 14:15:32 GMT

GET
H3 200 86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 56E9 57 KB
57 KB 10ms
9ms Font
font/woff 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.css
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:02:05 GMT
x-content-type-options: nosniff
age: 311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58447
x-xss-protection: 0
last-modified: Wed, 15 Feb 2017 10:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 14:17:05 GMT

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame CD28 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 13BB 17 KB
6 KB 130ms
130ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3F3D 43 B
215 B 448ms
183ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=c47841b0-5e10-47ad-e265-ba96863bc416&tv=%7Bc:3m5HuK,pingTime:-3,time:381,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:237%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:381,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:237,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B156~0%5D,as:%5B156~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWzIkaJ+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a41%7C1b*.892768-59097903%7C1b1%7C1b2%7C1b3%7C1b4%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3F3D 43 B
216 B 355ms
93ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=c47841b0-5e10-47ad-e265-ba96863bc416&tv=%7Bc:3m5HuL,pingTime:-6,time:382,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:382,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:237,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B157~0%5D,as:%5B157~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWzIkaJ+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C194%7C1a1%7C1a2%7C1a3%7C1a41%7C1b*.892768-59097903%7C1b1%7C1b2%7C1b3%7C1b4%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:1b*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.123greetings.com*&br=c
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
DATA 200
OK truncated
/ Frame 6E08 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5320da9aebdd1311e1d299de33f7949a811aa83d2c5e664e81296d6d446a7562

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5CF1 43 B
215 B 432ms
185ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=726c7e69-142d-cd55-4eb9-8f3ffa1483eb&tv=%7Bc:3m5Hv2,pingTime:-3,time:396,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:277%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:396,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B125~0%5D,as:%5B125~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWzIkaJ+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C194%7C1a*.892768-59097903%7C1a1%7C1a2%7C1a3%7C1a41%7C1b.892768-59097903%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5CF1 43 B
215 B 428ms
183ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=726c7e69-142d-cd55-4eb9-8f3ffa1483eb&tv=%7Bc:3m5Hv2,pingTime:-6,time:396,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:396,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B125~0%5D,as:%5B125~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWzIkaJ+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C194%7C1a*.892768-59097903%7C1a1%7C1a2%7C1a3%7C1a41%7C1b.892768-59097903%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:1a*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.123greetings.com*&br=c
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6E08 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 101953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 04 Feb 2023 09:48:03 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6E08 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 245457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 6E08 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 245324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 17:58:32 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame EAE3
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/892768/59097737/skeleton.js?adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fefcf57d3dba0c3af5211245e59583554.safeframe....
https://static.adsafeprotected.com/skeleton.js

17 B
463 B

11ms
11ms

Script
application/javascript

2600:9000:2156:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:2156:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
age: 18423081
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: trmNh8a-a3MXn4JAAJrn7de13Dr4xVb4VWV0DotLkk4G1NqprQUE2A==

Redirect headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
x-server-name: app06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 6CD9 80 KB
21 KB 8ms
7ms Script
application/javascript 2600:9000:2156:8200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 6321958
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: lsYHeei3FSnZSa-vnUXasYloHga4sFaZU2mlJv34untvoLIom36jpQ==

GET
H2 200 optout_check Show response
beacon.krxd.net/ Frame 92D6 81 B
240 B 31ms
30ms Script
text/javascript 99.80.121.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.121.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-121-211.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 03a6b902340645ab75b746e9efdad06d6edba90e41fd6c2a3ac62058fbda38f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:16 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=32 t=1644070036
x-served-by: beacon-n004-dub-prod.krxd.net
content-type: text/javascript

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B366 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLS3-Ef0KwuDv-pt7Z1Q-9WsR9d4FN9Y49GF-EWyZZUieDfqH70NBYYnbvhexR4Xt3FxfAyUro2rD8lO-xtm71YO7ISYTqqod79PAFUCoAygSSN7qx&sig=Cg0ArKJSzCJZgpPpKta0EAE&id=lidar2&mcvt=1084&p=1033,635,1034,636&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20220202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=265943010&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644070035186&rpt=494&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3F3D 43 B
215 B 351ms
184ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=c47841b0-5e10-47ad-e265-ba96863bc416&tv=%7Bc:3m5Hwj,pingTime:-2,time:478,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:501,bdZ:1029,beA:1186,beZ:1187,mfA:1408,cmA:1409,inA:1409,inZ:1412,prA:1412,prZ:1419,si:1424,poA:1424,poZ:1436,cmZ:1436,mfZ:1436,loA:1567,loZ:1569,ltA:1663,ltZ:1663%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:237%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:478,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:237,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B253~0%5D,as:%5B253~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWzIkaJ+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C194%7C1a.892768-59097903%7C1a1%7C1a2%7C1a3%7C1a41%7C1b*.892768-59097903%7C1b1%7C1b2%7C1b3%7C1b4%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:1b*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:238,readyFired:true%7D&br=c
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame EA75 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5CF1 43 B
215 B 250ms
94ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=726c7e69-142d-cd55-4eb9-8f3ffa1483eb&tv=%7Bc:3m5Hwu,pingTime:-2,time:486,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:300,bdZ:1056,beA:1211,beZ:1213,mfA:1482,cmA:1482,inA:1482,inZ:1483,prA:1483,prZ:1488,si:1490,poA:1490,poZ:1497,cmZ:1497,mfZ:1497,loA:1608,loZ:1609,ltA:1698,ltZ:1698%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:277%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:486,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B215~0%5D,as:%5B215~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWzIkaJ+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C194%7C1a*.892768-59097903%7C1a1%7C1a2%7C1a3%7C1a41%7C1b.892768-59097903%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:207,readyFired:true%7D&br=c
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 05E2 0
0 44ms
44ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuang8rfllUwlhUQfsFC2zgrpcR3ia6Jqu3Q3Wsioju1rJvjZHcTYOh94VNytgWERsuokGrj_eAsaulSJL2kN-8Uj8NtKxciuxRu5bCDufilIJ21qeCYq1qFsBRg4HAGsOdP0kdV8fQ4lJTHUzd79JVqIAoJGzix-hVCjBw7DPXz2p4hW9wqTq6WHBh2UtN_MXzYxCnwwcRYUE72eaU3oC42KOI8MUliL3gJeli8_IYXqDuLM-V3MWb_aBTyfJ9QUgDVf8V_RvVFPbwX17XQZzxnXPsy02pbMIheQg3Wd49ts6hZNnutPGGXvPeI8iNCbs0yVfHY0gvyfW5N7qR_QM&sig=Cg0ArKJSzNhcmgRLriCBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 05 Feb 2022 14:07:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 05E2 13 KB
10 KB 29ms
29ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220201&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be0584e5556a907700c0d369d793c2d9d8405b898d9841f03ae5ede753b3045f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 14:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9904
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAE3 43 B
215 B 219ms
95ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=45e5a049-6378-0552-c15c-820d7189a3c2&tv=%7Bc:3m5Hx0,pingTime:-3,time:432,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:344%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:432,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:344,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B96~0%5D,as:%5B96~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWzIkca+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.892768-59097737%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1941%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:18*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAE3 43 B
215 B 217ms
94ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=45e5a049-6378-0552-c15c-820d7189a3c2&tv=%7Bc:3m5Hx1,pingTime:-6,time:433,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:433,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:344,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B97~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWzIkca+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.892768-59097737%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1941%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:18*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:www.123greetings.com*&br=c
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ Frame 25BD 105 KB
33 KB 9ms
9ms Script
application/javascript 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b71cbde61efbdb2d35eb98be7fba7a3758eae7e277ee2fd1cf18858b9fd16df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 20:55:26 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 09:47:04 GMT
server: AmazonS3
age: 61911
etag: W/"8571f3de34a7dc399b12c9a104c65762"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 9YjNVpQSG8fU_jlENQUyFD6dnrkvJmaT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: thZiwu98m_s-BDjymnB3Pk6L0X8MVQto-UI-GUYauLhfS6m8dlmk2g==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ Frame B366 105 KB
33 KB 7ms
7ms Script
application/javascript 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51b5ee83353dd7c1ee92e7089cc3f10263144601e521ef3d2583d0dd9177fb90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: M7pTfxBYPr7XlCRB3CsMwo3ppqKe2wQy
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 08:54:06 GMT
server: AmazonS3
age: 51451
etag: W/"ca1a73deed5ce0ea02fa39ac0d9640a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
date: Fri, 04 Feb 2022 23:49:46 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: IIZ-PSq4VbBwv-ZM4MXcLYZs22ARQv4IwBLUreuDUHy9E0F2KYwZIw==

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ Frame B366 105 KB
33 KB 8ms
8ms Script
application/javascript 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b71cbde61efbdb2d35eb98be7fba7a3758eae7e277ee2fd1cf18858b9fd16df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 20:55:26 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 09:47:04 GMT
server: AmazonS3
age: 61911
etag: W/"8571f3de34a7dc399b12c9a104c65762"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 9YjNVpQSG8fU_jlENQUyFD6dnrkvJmaT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: AvUALZ7oUobzYr7ACjK9W-M3HlOncgvDOpMdtY-LflQh9tkSSN5eWw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4DF6 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSs9mo1OYC5_wxWwyoclwiKBjUZkrd5CwGMN5SHHJYzl3F0OC5wGuPKyrlPTAk89IHqgEhZ7INgRy16RLTXxX8Zq94SvJS1L5HM_VItnS9rCoNLrJiMA&sai=AMfl-YSf4mKfohY9gkyIV7gQba2K87AsoNGCpMIazORKtAPEK0TyttNe6CroLvbfZxBlpOoWXHci8i0veqiG-UUANjnA9IHfA-5uOiOiHbgpQf1You3F4Z0WNgyeZ9Q&sig=Cg0ArKJSzCQMrs3hz__UEAE&cid=CAASEuRo5R5lHimoj7EsFTfdB9tIlA&id=lidar2&mcvt=1118&p=929,402,993,870&mtos=0,1118,1118,1118,1118&tos=0,1118,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&app=0&itpl=20&adk=3674860380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644070035169&rpt=613&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5CF1 42 B
64 B 81ms
79ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsstE927oORA6aOqk1uR7qTXYxnZh5KbSMQmjQhmZYDGQkBXHsJ8A2oaZXJAMNAxhrMVq1BWWZgCEh2nHzZrhlDkCUPkbNVnMG6HoLddfnTPRqQKaoP9sw&sai=AMfl-YQNv3jpev7N9b49N11j8rqW4U01AIpfF781Mo7xWeoQLazVIl9Kl2Uqg-c9FuiKSTwN_rQZkkFXAfjisf6N-PYLnPrAHpQ8W6C-B3EwShG8VYT-xq_pHDsNgcM&sig=Cg0ArKJSzJkse9y41QsfEAE&cid=CAASEuRoFXLtAej77_S5B5PW_qPzJg&id=lidar2&mcvt=1119&p=236,970,486,1270&mtos=1119,1119,1119,1119,1119&tos=1119,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2334180326&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644070035136&rpt=683&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E46 35 KB
13 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 05E2 17 KB
6 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 14:07:17 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAE3 43 B
215 B 110ms
109ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=45e5a049-6378-0552-c15c-820d7189a3c2&tv=%7Bc:3m5HAF,pingTime:-2,time:659,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:331,bdZ:1233,beA:1306,beZ:1307,mfA:1641,cmA:1641,inA:1641,inZ:1642,prA:1642,prZ:1648,si:1650,poA:1650,poZ:1661,cmZ:1661,mfZ:1661,loA:1738,loZ:1739,ltA:1964,ltZ:1964%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:344%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:659,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:344,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B323~0%5D,as:%5B323~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sWzIkaJ+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18*.892768-59097737%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C1941%7C1a.892768-59097903%7C1a1%7C1a2%7C1a3%7C1a41%7C1a5%7C1b.892768-59097903%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:18*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,sinceFw:314,readyFired:true%7D&br=c
Requested by: Host: efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
URL: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BC53 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 12:47:06 GMT
expires: Sun, 05 Feb 2023 12:47:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AB00 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf43064e3f1c998f26bf5c758e91e790ba4386a156df9deec3a09818a1f06287

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1urbWvkvwrhchOI/Y5ZFdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 05 Feb 2022 14:07:17 GMT
date: Sat, 05 Feb 2022 14:07:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-1urbWvkvwrhchOI/Y5ZFdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EAE3 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssH4LDAqN1Jox4OwWTObmpRl7sgWSzUcCjswshlyWC7LSCThiE4MXKZsTnbZvUL8oS20jnvJ_pbutrUBtFIbOQqnog9TwTjjc6PXXxNzRNO1jgFq0rTdw&sai=AMfl-YTftXGIOiU6WQpXr7c37M5F0IeGIizCuUMY9TVErTNcnjXpDJqNQ554BAKbyGtC50aCsobplqGcQ9C6Pn6AmCq8W_J9L9sB9LCsAcJ5qTO_4Hw1_u35vZrq3X4&sig=Cg0ArKJSzDyCkvRdeSnSEAE&cid=CAASEuRoBhB2cTCP0e3HsM7D-2MTlw&id=lidar2&mcvt=1194&p=47,560,137,1288&mtos=1194,1194,1194,1194,1194&tos=1194,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2931586391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644070035129&rpt=786&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 92D6 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjste2jkQRLWSAdi84fTE3Jv1v3HopcTWeGJ_FIYZlBjCrZiyMj7Geok2r6N_6lYIlr0_VEF-WbFKlUv3D1kg1dEteya1CjCv0aqjHHpDnmWai8TWPuCQBQ&sai=AMfl-YTV2g-Y6b7gHAjScN0jjRO1V9pb3iZzQLpBOLh2by6l6y_ZZt4ijoOKOCQpPD-tU9VzNcdG_fM7YY_SviEjBRdwZjVau6VdU04EeO6ExghAgqHwpSBYQ9EWyQ0&sig=Cg0ArKJSzODSrMMc3XPwEAE&cid=CAASEuRop7TjHE4moMDF9e4HHB3SNA&id=lidar2&mcvt=1195&p=239,401,299,869&mtos=1195,1195,1195,1195,1195&tos=1195,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=97135718&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644070035132&rpt=734&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 mhorizontal_allnetflat-m_v212a5045a-9664-4796-9ecf-bef94763a0ea.png
s0.2mdn.net/4528404/ Frame 56E9 24 KB
25 KB 10ms
9ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/mhorizontal_allnetflat-m_v212a5045a-9664-4796-9ecf-bef94763a0ea.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83459dd260d000a4adad5777fa192f2637bebbb820b24bb8f99e2faeefe0bc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 15:48:06 GMT
x-content-type-options: nosniff
age: 80351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25066
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:12:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 15:48:06 GMT

GET
H3 200 stern_nur-fuer-kurze-zeite6c61e08-5445-44de-b2f2-0927e7f93a3e.svg
s0.2mdn.net/4528404/1643625118200/ Frame 56E9 13 KB
4 KB 10ms
10ms Image
image/svg+xml 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1643625118200/stern_nur-fuer-kurze-zeite6c61e08-5445-44de-b2f2-0927e7f93a3e.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc4d92e58716eea952cc64e46698788f4b0c43ef1ed7dff87b6dcbcdbf31693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 13:27:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3830
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 10:31:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 06 Feb 2022 13:27:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FD28 13 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 12:47:06 GMT
expires: Sun, 05 Feb 2023 12:47:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E07 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d889d8dc7bde568e22e43cc5c39a40d9cbed9174e3842390acddeca37ad96abd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6/tl6JLHn2hTGHt9TldXqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 05 Feb 2022 14:07:17 GMT
date: Sat, 05 Feb 2022 14:07:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-6/tl6JLHn2hTGHt9TldXqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F3D 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKAmn4H7j34iOJINCRZIUcQay2yEkQoWLkOjCpYFOr3mOQciWdOEwrhTsqr3dulUCyplXGpkESva0qHrBbFaXDKRyAwlnnB6ma5mzojyUv-acr-8304g&sai=AMfl-YQhU2UDq9CHXSKy5wRPUoCC09UvSiAXyqRnwUKcGjabQhodExm2_xp2-Uthb_tE_4YoCdoawkzfrNFLmlAuRzijd4SKc5y9URDHzdC_pwca92eMN_pesEymSeg&sig=Cg0ArKJSzK3ptW0w0-6vEAE&cid=CAASEuRoOr0sYTC-NeA4doKBlHtOIg&id=lidar2&mcvt=1072&p=993,970,1243,1270&mtos=0,1072,1072,1072,1072&tos=0,1072,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&app=0&itpl=20&adk=912788858&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644070035160&rpt=910&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 105 KB
33 KB 8ms
7ms Script
application/javascript 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 51b5ee83353dd7c1ee92e7089cc3f10263144601e521ef3d2583d0dd9177fb90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: M7pTfxBYPr7XlCRB3CsMwo3ppqKe2wQy
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 08:54:06 GMT
server: AmazonS3
age: 51452
etag: W/"ca1a73deed5ce0ea02fa39ac0d9640a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
date: Fri, 04 Feb 2022 23:49:46 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 28KOvCmIZ2nflPBI3kkwArqJwLFSwjPM6KVihX6jCGmKSSOeY-C4vw==

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ 105 KB
33 KB 7ms
7ms Script
application/javascript 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b71cbde61efbdb2d35eb98be7fba7a3758eae7e277ee2fd1cf18858b9fd16df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 20:55:26 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 09:47:04 GMT
server: AmazonS3
age: 61912
etag: W/"8571f3de34a7dc399b12c9a104c65762"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 9YjNVpQSG8fU_jlENQUyFD6dnrkvJmaT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: ofNmSVp0XG29HK6VVjMYApfznIM1xUHu3S88NPOS_dkArJZweji4UQ==

GET
H3 200 mhorizontal_allnetflat-m_v212a5045a-9664-4796-9ecf-bef94763a0ea.png
s0.2mdn.net/4528404/ Frame 56E9 24 KB
25 KB 8ms
7ms Image
image/png 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/mhorizontal_allnetflat-m_v212a5045a-9664-4796-9ecf-bef94763a0ea.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/1643485919913.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83459dd260d000a4adad5777fa192f2637bebbb820b24bb8f99e2faeefe0bc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61858357/20220129122349491/index.html?e=69&leftOffset=0&topOffset=0&c=YXGw5UcvNm&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 15:48:06 GMT
x-content-type-options: nosniff
age: 80351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25066
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 07:12:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Feb 2022 15:48:06 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3F3D 43 B
215 B 96ms
96ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=c47841b0-5e10-47ad-e265-ba96863bc416&tv=%7Bc:3m5HG9,pingTime:-10,time:1088,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1644070037432%7C%7Caf58f29dec5b030e2869e7a8a9431896%7C%7C8866308252d63f9bf74b74e606896148%7C%7Cfe0f5e96811022b86830279a353569d7%7C%7C518a1c8757cf72b979ff760c3d202096%7C%7Cbf484897fc4afeef237cb534b07bfa07%7C%7C084589aff2e70f7ace295e84c1fd1e48%7C%7C4c081efdba56b2337668e8b274c89c74%7C%7C1629390669,im:%7Bimprf:%7Bttecl:1572,ecd:8,tsecr:363%7D,pci:%7Btdr:830%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D18D 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 05 Feb 2022 12:47:06 GMT
expires: Sun, 05 Feb 2023 12:47:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A3A7 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8c6305b50c075fd56009e025bd5866ddddc2d03e62da9b67750b516c61e037c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sllBC+iIM9+QC6qGfDoU3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 05 Feb 2022 14:07:17 GMT
date: Sat, 05 Feb 2022 14:07:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sllBC+iIM9+QC6qGfDoU3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72D1 0
26 B 44ms
43ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQkeakoT-Ye2cGpCArASCwaGgCQAAAAA4AeAEAg&bg=!LC-lL2vNAAYZkRhwGZE7ACkAdvg8Wi_n5ZNIYQFPQzSSayENEw1vFvu5qrOCDhIqPPpKbKErQqdSyAIAAANiUgAAAAhoAQeZAyWP5ddoF2XH3X2-8ehBSG_8L-TzTVfjX89-ug7ZZegh-O3iHyJ3Vi9AJaAB0-XfJ24MBslCKOUNt5Ib1y2QjZ1gm4_wQ_a6gEHAhAahAw0nsTKx2VhUhr9s-PQrzjKzJcIwDEIPuSk20yTxougjbgMzbSWpeMqIMGX7InZByuEcxdA-MVA4ANv7d62jR3fW2Zu7_8sObBim5eTxKotxysOlKdpGIooZeZzEhkWIKNUxL5WRBzNUXPw0DpQmY2OgSc86oPEMMmlvDQ8VaRaIUu4Sywd8M6hWSWaaJNPcgsIujGEMxtEDhlfQzyHGKIuk89WIgDKu62SSDI_OP4jvM05iCaJ1TZG1UYHbhbroWySDjOOk3dNryP6pxW1YkP8ofyrGR_p7u16q9GJZzurZuwYLDJBu56MabfZJ0PkrawzyrbhD11L1wM12Ght4_evH3slRntYd-x6VR73IxYzjLyNrXQZbImYixDtXK0Rma5R-YqxhrXWXqKQY99rf5cj6Q1DQ6HuEEH48MCvhb7Igc5is8Lg5IcVJEvO--9HtRDpv2MKYH5u-JMPCfB7LzvuZM66sXPiBrGX9NgPbzbON-PKHjqwdIQrPXrCJgYCx5KBx6ani7VdGODgKFtKZ2_L8yM39O7JxGIP7VMY5oly7k4caZewcRDslnVmGzTlfR175576ZEn0ecq4GHcbtcDZvcfaMJ0CK_OJ5Fy08juwadfgEsUfaWEpEoppZ7V6_CEXbdasbQk22gGOElW2qnvfRjuwpdTybYZ-HHjcIsMe-BGYHdAMlUa3dkSVTrPAEJTZdwl35Eb0LZuhkem1xE0EiQARRvijji1ZUJ2x6wSkyuBsoY-p96aLYFlx95BD-aH66_jW-MIIf60BwwHqSgX8bsqPO9Q3UStVT6e7fLeiKxTpPHTMJFAmN4JkTxyS3fguMIY9mnG32ycdwqUTLoUTFpdhLS8s06h9_fAwd6ODyD4o1NbSE2ac-zdHstVI89sWfRSwpRuVl6G-05IeUc5aU33y_H9ACsPqKVf-hHgfqTtZ2fl08ds6qC029zTE-wQ-zVFrgNQ6Z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 47E0 42 KB
15 KB 8ms
7ms Document
text/html 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
last-modified: Wed, 08 Dec 2021 10:46:21 GMT
x-amz-version-id: mkXtqZN.sX1diyvNHzDOuWx2fzD7.NTz
server: AmazonS3
content-encoding: gzip
date: Sat, 05 Feb 2022 14:04:39 GMT
etag: W/"72b7eb0ed3b552f546f4240f3e4e9f26"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JcXCaIK7dxKNNqKnltu3ldDHjwWyApPgqGuHXpnLqzVQ4Ea6c_MrKQ==
age: 35740

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AB00 0
0 56ms
55ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220201&jk=4306747683082109&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5E07 0
0 105ms
105ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220201&jk=2398180986554050&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C6A5 0
26 B 44ms
44ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRlvlk4T-YdnrEoyOjuwP_rG8iAwAAAAAOAHgBAI&bg=!a2ilaCzNAAYZkRhwGZE7ACkAdvg8Wg6Ocf2O4nJouZPyaxEVZux40Qc889sYeXrRszKzJdMCrcnr2QIAAAQDUgAAAAJoAQcKADbtc3Nk60iXyxzpEN8sw7D74raS6E1cMO0mU68LBwzOSyKSGQPwg5bWa8cMUhSAzgDnND3c7z2ZAxnXuJGACDZoZl4JSUuI2kUinfaiJ_s8RtqHhR9j7GIHIHMIhImhKb02emCTglPdJ3fjWeHXmxQV32rCpMVaRsWUhy6MnZBPqYz6dmOoAOZ6bLTuPcNT6Lrp3gcl8lLMwRp3zhImd7B_bk2Q8jhU3YA2iJqPo1_YsCifkVIyG4M4M6JJLyoZMpf6oKQlWbxK6YOKeRYPvk3ClleauTb1Bmtp6Tt-qEeKG_9i0xYgtnwLUcHmc-JMP2Rxpm1cmSEAlNTMDWpeiNhY7sOJxh-sAbjBGc749myV0Q7A1u2pv4E__B8hPjI8RuR0LJ7iNh38gutSweGmJUVgq89_gKA-n2CSP50e-I2AhWVdBrJXt0HKu7ZGY9BHEndY8H22SM56hxdHGey4LzIMmAC-wkG1XtFQwbyEmiWiQXqTclYVXB4VE_KdeZA0VTxUrh8XitTvD5Dr9cxMQcj0sRlIrJb-CNOZrbd6GBKV7mlUuAJB-ci9GevdJq3CV1HA5wQDLuCYfS2PyhjqvTMRsP-mdXwNKD1e76sRW2Vjry6HwWRy3uVMomFin_J8NtdZUdzU5UGs7LjlvTCmA3rgSCdOlF4mYyAMj35iP_ZMNoIvnKmDfJ3p4tSiWzUgYB0tciU6XqyU63mPd7_WCb7TI6cX9avgOXfRJ6W1bdpPeuhEuZyCwRWxOdWs1a2s3VH6UwDZ-aqeeODDx9Kpr84K6ft952PltjPOoep5qmCTm2RDnfQf-io8b4l6bil6l2OcnC1HpPqxXTUVotHgpTFs66GtxP2fiByLyYrrQc6ZYK0tzbOkGPWDXKMc42XzcwDeP3hR-KqoehGXGaPerEPprjlVObBy0cKDCVrzPNHWbzHrjLUVjE7VcPGpARuXpdftTN0YcXrhfxQjHJeyTCdBKQpp1CMLEyOLH1rzD0u8DLFrd2ttbs_Xzp82pEr1vZ7e4I_Qb1ymVg94SG15N-GSC6dCo-F8795Q-b_WJ5yP64QUbkVSz002oQfm8l5wCCpA_ZET9nRTKZJMLbcKZcPyS7am-bwNcjjdjvLKHu8peZAY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 249A 0
26 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4E3ik4T-YfbOE8OU-gaw7YbwCAAAAAA4AeAEAg&bg=!wcKlwobNAAYZkRhwGZE7ACkAdvg8Wk5huAIU7vOqIJ2sZIgLaLRB-uIrGqnGPERDzl7AsboFg4FDxAIAAARJUgAAAAJoAQcKAIc_LMaItZmMeb2DdAtU7CHazOOAh9Vp1twGCcBRZk7wDIr6qYiNPxJtmzJj1G2BoRur7M43UAtzQw6-CxZjfA5Je_DJcUtZllFB-EaSTiWhBKYTUOxkKv4oeGTaQ8-e-KrVa3HmaU7VF-H0f_QK7-66Rnd6DaCX01abGZJNJefC0YyVb76SnlWZAwpOMvrpY8v8fyc9wUYdTyPhZYYpg16bIladw5k9ButN3wDjDx78kHbKUq1k8imob546NQbyvd5fs8cJ0f6yTLjpmBdhCY-DBoW_0Nsxv6en22-msV7xCN46mfnC6VEGU5LpN2S5wTkN004O0mgXq44Ud1zzEdJM3UEoeYksIGV7JrVhsX08agAV7JMQcLAX6HyA3cWOwnQJnTuGHbbAvZ5j8ETRlJ4BO8EC9D0p2bd0gb4C_3fTDIyErdpIrdR_zXGVYqdwHcu4JGuFkVMaIccmxjbOlWC2oYO3aPotMfNnrbuXpkLVLmD7WdMcUxPec4olGUmX6XAAtVtr6I0qASsBMH5_rbnkqCrDB8Py90p7CZIZ7IUG39_lQTkZF3yApcyqvCwmUxBg7RZofMM2J2vhuRNuxkVaHmFjx_98gxpDDvlB8UXfj2DRjJOmPng_JzM1VHGfMZfQPwMIXLO8M8qPtpBB7kLEck25uC4uOT6yQp0_IrS6Ea8ZeBRAzDJTcpLb0viymrRInEj2U3yachNK0iAcPD5X9PwxKM8AFPjwqBFka8UkAOUiu66ELbJCpevlf0U8t1Of8VktpScSDlSmjPdRNujkemP28gWKjO3jtFKMpGjkzmeECunKtSP72aE3Wc6SjtNxcdPx9Fpi7GYdrF2v0tMvXZBaNJlZPflaCvQtpKC8Yv8X3hK5zhLTljC21Wu34OxCHn3DvrhbK7U_JQazZsjv83oQnQDBaltvyU4snKkcgI28qNH3jHU5Rng5M6b5dWpNEnxVN0NhkzatEOXE_Xn0NsLX5sxvYjuysubnTQf0kOxq6Q-dPTTDwCACeUNhus8IAaLruGcl3vDAEQWr0NRuJP0gph7W6RE3K6gWMwz965QyiI0V3LHEP6r-w9nDDrxmGq8UiMb3mG6p1W_aiiJViImpIxX-E2OByLpDspNnKFke20L3PYWSaN7AXXlqWZ6Ra0uEn83IPo7qPTBD4VqsAmTb39ZxEHo6nK9LnsP6XFb2GhliEAy9DQvEZQXsKNubo-8K

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame BC53 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame FD28 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C893 0
26 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbnKTk4T-YYb2EsyI9u8PzdiOoAcAAAAAOAHgBAI&bg=!oqGloeXNAAYZkRhwGZE7ACkAdvg8WrOrMVwdHcjWW6iCCVZvHrzH8N44NyiqbNqkOqRIQzUPBn6V_gIAAAQKUgAAAAJoAQeZAwftBay9zGRfAOBbUlxCxcHsvyJ-D-__frgQEbAQHD6DeUp_R3qVQu4lotjk-WRzI4AkG8SvM-cmfJLFT2YnZGa_XmOP7PV5-90xFa2pA9D5jQOWrweKStZPrgXHngQPpE3fFBddyuKIuFcVExC_3mIlIXOrnNUHxR4Jk6YAJmJakNWmW-xUv6mE9LwNt-x0iJHl8-Ulh0-cJlQENAd1D90SLKNnmLyojTKDdJr6eKIyJ2MTRqrK6QxsvfnjVKwLxBKhVs2M4BQRN6z5w7nfFzy15000QQ_axvGPYk79K23pMUT4dlmdEh1RlaaXF_jHhKRv3mVyPfuxRbFQR1O8enNY3wSJKSzMeyYXWxhDwzsSu5D3i3eTkYNdI8P2gBQXrggZKlkDie5VECP2ukRzHPIxdW6jK1i5RsCNLmzUNVlDGUhLb4dGukhTNfizKYx2iYiV7TsHWgZQGas_Qcw7fJoJGvxOlTpasPGkbCL4dF9nYx0vZJ5eeaXgGvlj9ttlMyHRtERqM-JM3f75v_zOMKhlXfFE49u4SII5tASd7CkziTksrEVbnPTY5eyiwG90zL609KgeF7wn_fDaJG9rxbI5eeUq-dvepQTCXfHlXyESKl7_7_o_YeE3Kb6qz_x2pHus6FaOGM5NTH1dEK1dLNu5svSIqVOIRvTw0qDo3YGh9-9jtXmytRJkmOuJcizgtlfuIrdfAN7pMYiKPNVmEU87PEcXcXNMsK43uC4ByUojdKDi8dItO7CzhEJVkyHhwgbCB1Pf0GR4cGB-8EgDqKtmXkah0XrBePIYMW1YSOweTKCDc6ZA6qXAdTVViPpc-krPPjAduy19W89OfxAP2ZVmJlU8yYoVZqBByEDA_MweUQ5s0hwoZjMhGoEXxpyHxnqrLLEUaCDIV3DI__vLR2GuHiDUGwQd5wvDcaT3PrXECs37Qxtwvja_Dk9FLnzYAy3ELUv6ejmMqwgjo7zcct0MEP9htD-RNwvEWrhCbAvVQlb6Uj2yCVe8h1pPdJYgCwkoW6ZWQcA6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D125 0
26 B 44ms
44ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUXsDk4T-YdTfHMWLlQfspbCwAgAAAAA4AeAEAg&bg=!tbaltvLNAAYZkRhwGZE7ACkAdvg8WuSXJVY1f9xdxCSIQlTwKJmYzdWy6N1y_q3UtmM7VOaO5HrA9AIAAANNUgAAAAFoAQcKABGI4twhIB8u-tGBEEfyVVWmspkDC3-e2hrEb1iH7Ij46HZRANHmTGk6JwsyJ-3f-StUTjoUOEHC6Swq-1DtK1ObPVohflBvXBUnjDtdg8HL4p8sqYg2tVw8L4FuPXFFIHI6p8-BIXbTvuLeub3YdCcGHWhdVJh45aRSRtdOz6M0sfL3dPFrsid02nQ_jHx5_Abzl9kV5mMfvVXi6O9pmY1RLph1U2M9wqSLX3vHHGX6XKlbjO3DOnqB8B8Aq5O3GSizCT1VTq_mgU30_87Dlhk69MkQ-QW61hvnIGfjFZu1SoRzWyFBWVd1iU-Qs7DjCY0ZMNiIE2v3i_6fyfUlULrQTmOseoN4HZfA54PyZSFBf6XBf28n7BQwtNlYtUcFpPX2-QeOvCR8SW1RYSCtL4zdY0INJEzUR7bqEoYp4g_JodwN3gan1bjPjYLGXkqcI4LuAjRvz8kyYVDCeuhpvFwKFJ5RKmOUJqodVoA2tmndYm3ypUAXKVLH5oanCjP5IlFrvikmnjQI6kySAIj7Tkwz8nhOPMWgxdqEaLAyPOZcN-CUTpZfXPd8YEo0tBH_p6JVABf9INUA0uWn50gYC0t_NDOG1IePwu-4NqcWyQn6yShgaOqIw_fRHiUCIpHIsFTcDAHywa1lIWDXmI0o2M6N4QTFgVStW53fEoMIJxvwBTaf_jvS-6SZemoYR9C_KfoNyx9Rfwi5xs03PX3hro02saH2Cqa6VGffxJCJus2BwtuXclP_kVfR88QHXOP9uoCg-5ajeXx87mYWYxI_okhQJOVf3U1aJ35FvcKQ0cl2Gd3ip8A8VQiElxtJUe-D4AA3m1MV3w8EtUH-w9ej83C1dygHZ43hGfL4570nksnCXMAdtKkUS-Va1tXeR5YJbuqSq-QUc4s57Xo82pnNltclqGvhbJZZ_71c4he8Z9n-iY_wXUsOy6LquJTTMles4Db7xAJ28hQXdsBDKs88a5qZBDzLUCtSZamwvZwsG97DxGfD-bNkL_Qb-mORTVCio08SaDnqSeolkr6xfPY4HrvzqrBYbsSXI0nzlthBV9gx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame EAE3 43 B
215 B 94ms
93ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=45e5a049-6378-0552-c15c-820d7189a3c2&tv=%7Bc:3m5HLc,pingTime:-10,time:1312,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1644070037432%7C%7Caf58f29dec5b030e2869e7a8a9431896%7C%7C8866308252d63f9bf74b74e606896148%7C%7Cfe0f5e96811022b86830279a353569d7%7C%7C518a1c8757cf72b979ff760c3d202096%7C%7Cbf484897fc4afeef237cb534b07bfa07%7C%7C084589aff2e70f7ace295e84c1fd1e48%7C%7C4c081efdba56b2337668e8b274c89c74%7C%7C1629390669,im:%7Bimprf:%7Bttecl:2005,ecd:12,tsecr:303%7D,pci:%7Btdr:726%7D%7D,sca:%7Bspg:c47841b0-5e10-47ad-e265-ba96863bc416%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5CF1 43 B
215 B 97ms
97ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=726c7e69-142d-cd55-4eb9-8f3ffa1483eb&tv=%7Bc:3m5HLn,time:1409,type:e,im:%7Bimprf:%7Bttecl:1834,ecd:10,tsecr:343%7D,pci:%7Btdr:786%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1409,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:277,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1138~0%5D,as:%5B1138~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:666,fm:sWzIkaJ+11%7C12%7C13%7C1411%7C1412%7C15%7C16%7C17%7C18.892768-59097737%7C181%7C182%7C183%7C1841%7C191%7C192%7C193%7C194%7C1a*.892768-59097903%7C1a1%7C1a2%7C1a3%7C1a41%7C1b.892768-59097903%7C1b1%7C1b2%7C1b3%7C1b4%7C1b5%7C1c11%7C1c12%7C1d1%7C1d2%7C1d31%7C1e%7C1f11%7C1f12%7C1g1%7C1h1%7C1i1,idMap:1a*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:17 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A3A7 0
0 55ms
55ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220201&jk=4436955030176171&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame 0
0 155ms
155ms Preflight 2600:9000:224a:4e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fsukkot%2Fsukkot10.html&eu=true&country=DE&hour=14&amp=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 05 Feb 2022 14:07:17 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ioAAfBGM7AR_Yp_5B5CgJ8RGfms8pOAM6k6BHbif9VGzdLdL4wn7mw==

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ 3 KB
2 KB 157ms
157ms XHR
text/plain 2600:9000:224a:4e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:4e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Feb 2022 14:07:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: DUS51-P1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: https://www.123greetings.com
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: jyLEUMT2vTZnauM1Kry-Oi6hEM9JPK1ryx1crx3ASexiLfKFcv1Siw==

GET
H3 200 K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js Show response
pagead2.googlesyndication.com/bg/ Frame D18D 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 10:16:29 GMT

POST /
events1.avantisvideo.com/ 0
0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BC53 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YbKpLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FD28 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2v52Iw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D18D 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?l2XnnA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 14:07:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5CF1 43 B
215 B 95ms
95ms Image
image/gif 35.169.97.154

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=892768&asId=726c7e69-142d-cd55-4eb9-8f3ffa1483eb&tv=%7Bc:3m5HQM,pingTime:-10,time:1744,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1644070037432%7C%7Caf58f29dec5b030e2869e7a8a9431896%7C%7C8866308252d63f9bf74b74e606896148%7C%7Cfe0f5e96811022b86830279a353569d7%7C%7C518a1c8757cf72b979ff760c3d202096%7C%7Cbf484897fc4afeef237cb534b07bfa07%7C%7C084589aff2e70f7ace295e84c1fd1e48%7C%7C4c081efdba56b2337668e8b274c89c74%7C%7C1629390669,sca:%7Bspg:c47841b0-5e10-47ad-e265-ba96863bc416%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.97.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 14:07:18 GMT
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 3.video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 20 KB
7 KB 10ms
8ms Script
application/javascript 2600:9000:2156:6600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:6600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 455fbb0071232e9d6fa39adf37a0e586a4c2828bc62e13422963f4b1503a78d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: cx2e7icYxKW2DdiUQqTS4jT.ZXZNcJhg
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 08:54:05 GMT
server: AmazonS3
age: 18782
etag: W/"35de873b6c5727b72d96125505982db9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
date: Sat, 05 Feb 2022 08:54:16 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: apTAvvWX2freVUfvOtaRc7Fo02xKD2U0p_nmy-Z-ks85fR3R2gHLkw==

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
739 B 71ms
8ms Script
text/javascript 2a02:26f0:6c00:2ab::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 05 Feb 2022 14:07:18 GMT
X-GUploader-UploadID: ABg5-UzuRsLKTUnE2j8TsFca2KTLvRt8NxnctG4I2-AHPJ54zUAh9bpPAQfezSx8RQX9PoHELvXaxJL-R91NukoaSB8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Sat, 05 Feb 2022 14:37:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA

Domain: events1.avantisvideo.com
URL: https://events1.avantisvideo.com/

Verdicts & Comments Add Verdict or Comment

471 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

72 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 05:04:41	Name: NID Value: 511=KSHePVs5TIrFeuF2W8svP211b_11rlDZLigsfla4wVrUZ0faKHuj2reYvn0xa6BPI9AOeT4TmfjsJWtViYgjCgoRruvD-YFPEfosGp2GtH593Wdl5_fTVVc3THhWR8ZxtArrptT2lKgawlZsm7vzzcsYGTE10lnRoj50SNZvD7I
www.123greetings.com/	1970-01-20 09:26:46	Name: country Value: DE
www.123greetings.com/	1970-01-20 09:26:46	Name: state Value: HE
.123greetings.com/	1970-01-20 09:26:46	Name: visitor_id Value: 12765112260311008132
.123greetings.com/	1970-01-20 01:24:22	Name: RV_cardIds Value: 121029
.123greetings.com/	1970-01-20 00:42:36	Name: custom_mus Value: 0
.123greetings.com/	1970-01-20 18:12:22	Name: _ga Value: GA1.2.2085351050.1644070032
.123greetings.com/	1970-01-20 00:42:36	Name: _gid Value: GA1.2.811394175.1644070032
.123greetings.com/	1970-01-20 00:41:10	Name: _gat_gtag_UA_5085183_1 Value: 1
www.123greetings.com/	1970-01-20 00:41:10	Name: config_data Value: CADB=1\|CLG=1\|CBR=1\|CUB=1\|CCC=1\|CFLC=1\|CPFR=1\|CBRR=1\|TCP=1\|TAP=1\|TCAP=1\|TRE=1\|QkDshLgd=0\|FBCon=1
.trkn.us/	1970-01-20 09:26:46	Name: barometric[cuid] Value: cuid_6867a2d8-5ced-406a-8837-ec6368f036c1
.doubleclick.net/	1970-01-20 00:41:13	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 10:02:46	Name: IDE Value: AHWqTUkc-ZMjTFV51JTcobq4N8uic6KDOhWKPYaG6ZpH-t8XgTk2lG9TCuzMUBLM
.casalemedia.com/	1970-01-20 02:50:46	Name: CMPS Value: 3239
.casalemedia.com/	1970-01-20 09:26:46	Name: CMID Value: Yf6Ek.-U.aWhgilL8nUnyQAA
.adnxs.com/	1970-01-20 02:50:46	Name: uuid2 Value: 7342720143086200473
.adnxs.com/	1970-01-20 02:50:46	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU%i`3gq!]tbPl1M>e)ZlrFUfJ+tGXxoPLC!EAbXOE)Mz4E%[K1vxFq`hz`dYyPCnAiV%nugO%v4VB%nms7*%KZy
.casalemedia.com/	1970-01-20 02:50:46	Name: CMPRO Value: 1201
.123greetings.com/	1970-01-20 10:02:46	Name: __gads Value: ID=390fc1d269c4a297-22f93c2f36cd00af:T=1644070032:RT=1644070035:S=ALNI_MYIG6A-ZjNy1dnb7VOW8qb04w6aQA
.spotxchange.com/	1970-01-20 09:26:50	Name: audience Value: ec32dfa2-868c-11ec-9962-152b84bd0306
.casalemedia.com/	1970-01-20 09:26:46	Name: CMRUM3 Value: 2d61fe84932760CAESEHJiSvDXC9hGdkBldReQy44
.krxd.net/	1970-01-20 05:00:22	Name: _kuid_ Value: OpPskdKq
.bidswitch.net/	1970-01-20 09:26:46	Name: tuuid Value: 1ac4bd40-597e-4529-ae5c-9327496200b9
.bidswitch.net/	1970-01-20 09:26:46	Name: c Value: 1644070036
.bidswitch.net/	1970-01-20 09:26:46	Name: tuuid_lu Value: 1644070036
.quantserve.com/	1970-01-20 02:50:46	Name: d Value: EBIBCQGvJYEA
.quantserve.com/	1970-01-20 10:11:24	Name: mc Value: 61fe8494-2ac68-eeffa-ae6a8
.pubmatic.com/	1970-01-20 00:42:36	Name: KTPCACOOKIE Value: YES
.adfarm1.adition.com/	1970-01-20 02:50:46	Name: UserID1 Value: 7061227036956555409
.simpli.fi/	1970-01-20 09:28:12	Name: suid Value: 8C57789A137445FA8F2B6B05E6152F12
.adform.net/	1970-01-20 01:21:29	Name: C Value: 1
.casalemedia.com/	1970-01-20 00:42:36	Name: CMST Value: Yf6Ek2H+hJQA
.advertising.com/	1970-01-20 09:28:12	Name: APID Value: UPec735f52-868c-11ec-b9b5-0213114c0708
.onetag-sys.com/	1970-01-20 18:12:22	Name: OTP Value: Ut5WE2_9t_GoTtxMdvxJAFIryK3LZmxxFUCjSzDRuYw
.yahoo.com/	1970-01-20 09:27:07	Name: A3 Value: d=AQABBJSE_mECELjmkPYJ-aLot7yIau-aUHkFEgEBAQHW_2EIYgAAAAAA_eMAAA&S=AQAAAt9pI060XS1jwbWciZpNj4M
.pubmatic.com/	1970-01-20 02:50:46	Name: KADUSERCOOKIE Value: E6B7C0D0-0F8F-453C-822F-A9FD39BEB497
.agkn.com/	1970-01-20 09:26:46	Name: ab Value: 0001%3AzBss1jtf8XsbVA1tGDOFeZKjLOqVlbz0
.agkn.com/	1970-01-20 09:26:46	Name: u Value: C\|0CEApkUEUKZFBFAAAAAAAAQ13AQCAAQpAAAAAAA
.adform.net/	1970-01-20 02:07:34	Name: uid Value: 3423345274619581794
.360yield.com/	1970-01-20 02:50:46	Name: tuuid_lu Value: 1644070036
.360yield.com/	1970-01-20 02:50:46	Name: tuuid Value: 9b8a43f5-204e-4d90-95ad-d408ca2995f2
.de17a.com/	1970-01-20 09:19:34	Name: guid2 Value: 1.4138106561607302868
.analytics.yahoo.com/	1970-01-20 09:28:12	Name: IDSYNC Value: 18wq~232e
.1rx.io/	1970-01-20 09:26:46	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6d35dc82-76cd-4ea1-8aff-7ed8c5bf1156-003%22%7D
.e.dlx.addthis.com/	1970-01-20 10:11:24	Name: na_tc Value: Y
.travelaudience.com/	1970-01-20 10:07:05	Name: _tracker Value: %7B%22UUID%22%3A%2247077C4F-7244-4FE4-B957-1B5EC41579E6%22%7D
.targeting.unrulymedia.com/	1970-01-20 09:26:46	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-6d35dc82-76cd-4ea1-8aff-7ed8c5bf1156-003%22%7D
.w55c.net/	1970-01-20 10:07:05	Name: wfivefivec Value: 9dsYU9np1NglIE5
.w55c.net/	1970-01-20 01:24:22	Name: matchgoogle Value: 5
.sitescout.com/	1970-01-20 09:26:46	Name: ssi Value: 51d851d4-45e5-4eb3-81db-461770e5e7c8#1644070036475
.rfihub.com/	1970-01-20 10:02:46	Name: rud Value: H4sIAAAAAAAAAOMSNjIxNrQwtLQ0NzU1MbM0MLA0NRHiM9RNcfN2T4439sxyK8qX4jU0MzExMDcwMDYzsTQBAM-xo9M0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjIxNrQwtLQ0NzU1MbM0MLA0NRHiM9RNcfN2T4439sxyK8oHAF0nlLAlAAAA
.rfihub.com/	1970-01-20 10:02:46	Name: smd Value: H4sIAAAAAAAAAOPiNTQzMTEwNzAwNjOxNAEAGdrF7Q8AAAA
.rfihub.com/	1970-01-20 10:02:46	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA129XDxNgr3y0gMSXMtqvLLMStwCUh09QziNTQzMTEwNzAwNjOxNHnFiMoHAHymudc9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA129XDxNgr3y0gMSXMtqvLLMStwCUh09QQAsa2X0x4AAAA
.sitescout.com/	1970-01-20 01:24:22	Name: _ssuma Value: e30
.everesttech.net/	1970-01-20 09:26:46	Name: everest_g_v2 Value: g_surferid~Yf6ElAAD8FhnYwBB
.scoota.co/	1970-01-20 18:12:22	Name: tuuid Value: 28e44849-c3fa-40a0-9c11-df848c5be2b4
.scoota.co/	1970-01-20 18:12:22	Name: c Value: 1644070036
.scoota.co/	1970-01-20 18:12:22	Name: tuuid_lu Value: 1644070036
.addthis.com/	1970-01-20 10:11:24	Name: na_id Value: 2022020514071600031061762486
.addthis.com/	1970-01-20 10:11:24	Name: na_tc Value: Y
.addthis.com/	1970-01-20 10:11:24	Name: uid Value: 61fe8494e189a8cc
.addthis.com/	1970-01-20 10:11:24	Name: ouid Value: 61fe849400010e91f046503fb6771ec4346c9ccac30967ef063f
.dlx.addthis.com/	1970-01-20 01:24:22	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 01:24:22	Name: na_sr Value: 20220205
.dlx.addthis.com/	1970-01-20 00:41:10	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 01:24:22	Name: na_sc_e Value: 0
.tribalfusion.com/	1970-01-20 02:50:46	Name: ANON_ID Value: a4ns6ESZdIiiSTnMSYlkdnWCVjZaF85fo9ZbE1BTO3vnU9F7ZaQH9GVJ9cr4ts8Qk74giwypZaB8Oj0SD7neBJWiQ
pool.admedo.com/	1970-01-20 09:26:46	Name: tuuid Value: 675569e2-1056-4aec-8abd-6b38ef96d529
pool.admedo.com/	1970-01-20 09:26:46	Name: c Value: 1644070036
pool.admedo.com/	1970-01-20 09:26:46	Name: tuuid_lu Value: 1644070037

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://web.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yf6Ek-_U-aWhgilL8nUnyQAABLEAAAIB&google_cver=1&google_gid=CAESEM6Ut5dhKOkhX9H2p-PQE7Q&google_push=AYg5qPJQ-mNq_5z6PPvKrpI9mVre_CLfncdjuZANnDkeAYPVFnNVC5kSZneT5TC8jI1BiDmf_XV_FysN2rtfmRWyNebBmuNVX8E Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPKRtu84wyj2KyPT_ey4oNTn4e0Puf7id7J1f0e3ipSv4Frmf_t6doKUtYHKdIcuUfcfUQHL1r9VEfsuSzgcnKdLCi7xfg_l Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPI36pQ0Ex5Rn7Ah73ZyFkl7ht5rx5fhz_doQAWKnx82tl_mAvdCXlGLc4D0KI__lGL9rbt75FKKrLjfGlo8dpoK08w-p_YsbA Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=m4pD9SBOTZCVrdQIyimV8g&google_push=AYg5qPLmde7ekdA2nC0Ea2qV0KCnfMdcoqFwvzHouPzzGVZg-NmJW3fZcZ5VU4N0JeaPX6XLvbYpbgyqAnclzUxxK4J1J0tllIEZ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
assets.pinterest.com
avm.avantisvideo.com
beacon.krxd.net
c.123g.us
c1.adform.net
cdn.ampproject.org
cdn.avantisvideo.com
cdn.krxd.net
cdn1.avantisvideo.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
connect.facebook.net
consumer.krxd.net
d.agkn.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
efcf57d3dba0c3af5211245e59583554.safeframe.googlesyndication.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.123g.us
i.ytimg.com
i1.ytimg.com
ib.adnxs.com
image6.pubmatic.com
log.pinterest.com
match.adsrvr.org
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.everesttech.net
pixel.rubiconproject.com
play.aniview.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
r.scoota.co
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.adsafeprotected.com
static.avantisvideo.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
trkn.us
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
v.123g.us
web.facebook.com
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.jpada.com
x.123g.us
x.bidswitch.net
cm.g.doubleclick.net
events1.avantisvideo.com
104.90.104.248
104.90.192.27
142.250.184.226
142.250.185.130
142.250.186.130
151.101.0.84
151.101.130.133
151.101.2.49
151.101.66.133
159.122.14.34
18.156.184.150
184.72.245.68
184.73.249.63
185.86.138.120
185.94.180.126
193.0.160.128
198.47.127.19
2.18.234.21
213.155.156.168
213.19.147.45
2600:9000:2156:6600:1c:38a0:8a40:93a1
2600:9000:2156:8200:8:48e:53c0:93a1
2600:9000:224a:4e00:3:748e:7940:93a1
2600:9000:224a:ae00:1b:5138:8a40:93a1
2600:9000:225f:fa00:8:9ed9:9c40:93a1
2606:4700::6812:d05
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1288:80:800::7000
2a00:1450:4001:800::2006
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::200a
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2016
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9d
2a02:26f0:6c00:2ab::2c79
2a02:26f0:f7::5c7b:e033
2a02:fa8:8806:12::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:54::84
2a05:d018:d29:3602:fe29:439e:4d6:8c92
3.120.72.86
3.121.12.72
3.122.111.84
3.126.56.137
3.33.220.150
34.98.64.218
35.169.97.154
35.186.253.211
35.190.0.66
35.210.53.219
37.157.4.28
37.252.173.22
44.237.151.190
52.212.85.16
52.214.119.250
52.216.110.53
54.224.71.103
66.155.71.150
67.27.159.252
67.27.235.252
69.173.144.165
8.241.121.252
8.248.143.252
85.114.159.93
99.80.121.211
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
03a6b902340645ab75b746e9efdad06d6edba90e41fd6c2a3ac62058fbda38f7
0524b66013df8ae6ddd6c701b89ef6f503fa396f34b1815020e42e00806bce15
097fe57903bfaee075f670a6eb95c1afbc03e27bb8ba702daf3a9cc95cbfd0fe
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0bf8c97c0f2f0ba103d6d71694807b37ffa37de08e21ff56586e939b4ef3da
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8
0d58874df689aa5f7fa093241def6a379ea8e40104f612f435f12d02447c5ed2
0e6fb84e11c6ef0e2eb33f845c6fbb8e7076f76b9baf0be4f64195b8c93ea955
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa
0fed58fddbfe1b720a19189ca27f0019074db1b42fdba1896a2c7ceacc8e6621
105f1d512f341e1a9ea5b204628c3b7e2250069c9f9dab7e28f1fa4080b9b97c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
12fb8c8ed06c31e003e41850935bca35d10e58f2aa0bb936d97f504417afd1a8
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1575af48a3e7bde0538d3a98ce2a71a7a75408482271a51dd832354710566e57
1624c39255bcec121ecc563695148c354432e070801a013c22235c87346621c4
172d39a0e72098c0900788ddc9dd241e7aad7babd36728b468a2d9e834ad1d6b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a200ab5ee0a0362c99e8cba9cd21b0166e6c5d1a74f5e448b55caf81bbc0177
1c75dc0181018edcb5f31db29b6b65bfd996043907ca84cd0d3604e42f3149c2
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1e7948eacec03b7a5733b8ebf00d32492e565d6ff80e6a7032cc66233b41450e
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24eba652967915088a60ca2e5d1827abe08c344883a55e580834470411a4e65a
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29284cc18fc6c70301a26226a1da1259cbad8f549ba6c9f86b2cfa2606d884a0
295b316a729d0cf7ebf52fcd24099f6684a0280d4b20dbc67fc59c757726f071
2aae558254e41ced516949d992a793330acc5cdbdd7d7920eb569551c8d91764
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
2b7bcea381f923b754ab10be1e5574d3163abdab8138cce3576575d52acfd1c7
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
30fe3eecfb1de0e53530c1f78c1ea065bdacc6255bd7b15ea8fbc90c05f0f692
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
33a8b1f8961879fea380ff9ee900dc288e5331a77dd7d654e9f4a3643a28b94f
35276e401d27d1f4ceb5f451cd11b25ff453808d2152e338e07b4b25978f25a2
35fbe12027c6736c2c30fc82336e5c58e1454e24c4d8c484789c310c0f94d31d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3dc4d92e58716eea952cc64e46698788f4b0c43ef1ed7dff87b6dcbcdbf31693
3e76d7ae7716a1ea1ca7666151f623c974b954f4d90e889832c910eee1451708
3ea3b1e9041e39b8cbe48c1955d273b5051e8adae04c04cda9781050164abeee
3ec8a31e13fcb12fc39c3ab5c20e1ce6198a681a113c0c02b0c23dad7ae382da
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
426d486615a8ad79acaf76e8b9b82be074764cf2e92656e853537a9f8fbc5b8b
433a68d66a17c3497cccd2146100d29d923d7a1c81e561f2070c43863eb71f20
4456cf81924cba5700b182f3b9c8551a3e5a6dd554b3d057e0b0937418992b0a
455fbb0071232e9d6fa39adf37a0e586a4c2828bc62e13422963f4b1503a78d8
464a10045129466e9a3f4c3a7bf79144eabc96d53dca239b01f0464e1cc98852
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47caa86eab1e0d1d82c047b091ddc85ea4c96e46f8bb1001830d2296b8d760d3
49f7016d72b9f4a189ae03271059d0bb01aa0ab908fa06fd08a3adbea45b7ea1
4a3726a929770b473d7b345b56260855d7f5bed7cfb505d2f9204baed1d96072
4ac44761e2f2a7404c3cd8274249cfbcae6e39125ccd1dbd10605c03a36e8668
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51b5ee83353dd7c1ee92e7089cc3f10263144601e521ef3d2583d0dd9177fb90
523daccd0e313416b532fac77822023608bf94f7972513da35c57e32a8f69bbd
5320da9aebdd1311e1d299de33f7949a811aa83d2c5e664e81296d6d446a7562
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552b12037e4f3847eb7b6f1fc7a957545712f1a9eb0bc9460a8be623f581fb84
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55abb13cc57f93a933ea0f3e5a5e1918c905685ee3a627498746fcfb05fc67db
5769bdfa40b03530aa926e7c9797008cbe2d22391f3767caab9e97a95c019cdd
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
588ae2ec187e7ee02102834257b241e8a3f815bf0d44662e7cfe18072207ac0f
5893813fd82637ad80c6b6cdd608485bd27896e6acb3215dda94ca5d95166f3a
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ded43bae7eeb79ab544e26dbad051960b7db1da4ceed550be859e979be23ba
6283edafe2a9232fed2eb5a06e75304befa95e05d65ba994b3bd819b8cb08f9c
62ea985a30a4c55c41af4d0f2c968e7152e1e04bb8a96e4b5d56bbd2cd75d200
664837d2bb88ac17d1bc3d9c3e65cb23adf2ba6051d2c48dfe9c3dac555eb66e
665239ed8810651d06378b553487c8de2810edde76adb989c81bee8b92fadf53
66b930c528fcf1201ec716daf6685d909bc2497d9acfb2cf2182563de1c0a169
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6b71cbde61efbdb2d35eb98be7fba7a3758eae7e277ee2fd1cf18858b9fd16df
6b7e39fdbac406615f91557fb69b63192b596f5a601c2a18c36bd4aa0459647c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7272d4ee4691fbb05f8844d60af444ec17e03d6e009fddaebd2bc97c2ab66b67
738db4924b849a16c3b0979e1562cda906374a9bc374cdb8a5b4df28734d76dd
73963f651883c39e1b16ff1f486dc3b7fd362c5f427df2adda0903fe1419674e
75fe12928afa987c16ee3affc39402bf355671f7441849ee474a15be03d629ca
76d507787e9cb8cc91e5cf3f2aae4a816e9466a7164df455e377f47cff68bef3
7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4
7b5db7625a4caef335e90d7df9c1755641894fc6868393d168506af5a3c7848b
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82bd02cee2c77b75a28a94f51c1163035315c09ef8eafe6fa5f79f35b97424e5
82dd4a981d9bdc00497c77c380ad77c848a6e5d0303ed1bb521a209a38c2380c
83459dd260d000a4adad5777fa192f2637bebbb820b24bb8f99e2faeefe0bc4a
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
88a3aadc803c8814d12566edfc7441007bb45fba85885a790e103fd9e05c72dd
8961bac40e3103c815ae9020416429332bb9a56b14f12fe5721fd54184400118
8a26d21843d898034492431179529f6bb758d862d2156a63f67947a5b2ae3839
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8a9160be38896b965a6b99b9249b437dd0e4a5cf9fa2400e1b21aa5182ae0cd2
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4
8c6305b50c075fd56009e025bd5866ddddc2d03e62da9b67750b516c61e037c9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e22e71d8d78c46c6030bbdd057890642f2db09b51041daa2537ebc4bb7b7572
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905
934956b7a40203e7a031386af6022afe1683299b1c7fcec4e1d2c54808ed1f97
936a96afcde77875ce1b932be875ad57396d7b54dafdc05a190c994d14112630
975c8238bc4d4823895b685a9d4b8609ce74a5da84248853260801e75c221c0c
988b74dce089a5f589958a0af7c072a2dfeaabc3f9bf23d4d7bc5d340f318ec1
98c8caaf195484d910310bb3014af13cc6c81e3dd927d5808905ec16e5f5a093
98dbce2fa38f8a1dd879d6af2eefb8f98d274ebdc2474343da7080d4db8a776b
99bd167da3ca87663712b3fe46510856e2366a90e14e1e02fd7f407244fa365d
9a84239c1204d9f210f089f6c450809de4995f4f29e2dbe8280455ec1f315ac9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b35e9f23450638d249dfe65d2547472ecffe7302f3f6d6ba8df37418137ff6c
9cf0a7f1ad73851698fe4e7acf61754a0d6cc2dfe12ac15f4c0248feace8cd85
9eb084612d63c1939ce99b714f5c030e5ecfce81c05b8adc4d2b2e4ffa1c76e9
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff68480aeacacf08f899e9751bd8cc81a1a06840d2338e2c5c447786bb247c6
a0163cf949cea5a556b144eb406773e848d3f639848858e5eafa49657b5927f4
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2724c563f011ecd36539a73f36c2ebb99d2a35e31d70a85425a5bc354510939
a3b64d86346a3bd2ef243790b37012de4a7120441531ad66fdb2214d92554c6b
a41658a853e37bfcc6115a75d77abfa4cbd5836be5e76e0edc143b3ea4720aff
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a86510b2cc06f107f79bf153683fff148c4d46da3ab1c23904c8851d23d3918c
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ae73d0e1f470006616e4d21bfa5c02eee62e7e68ad12869b6a0d8d2a2d3574bd
aec332be30ea374bceccd48b585c4920f299ff9cae598459d63ab8dea867cc3e
b0dcfcdf9265f2b5fd584eaceb0b061430cb48808562bae32275176e2358e15b
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b56038a77bd58ff58874b00dd3779c33afd29a3580131c9a2786d4f4dad4b79d
b6c5cc018d723c9f2389abe37e105bb44b581d9d8cd982ad70a69e53dceac8ee
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01
bb7f7b25c6ba935d88dbeed578b73dc092c7ad44931a47aea45ef70360cbc65c
bcc649e653b4fd96ff759065c7db898969e306c9c4c7ae3cbff8bc3091825f64
bcd23839e51a3a9454c3b44775b2a70b545790777e1b85e09bdde3f9f992de58
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be0584e5556a907700c0d369d793c2d9d8405b898d9841f03ae5ede753b3045f
be9b814ea69cb77615c3617fbd841ef5869432cc38bab6d155955fbeea658654
bec18ada6631a132ac08e06cadc41662c34442d10596b7bfd27862ed7157b5c2
bedf401578c2fcba260181d638c0e30c4510c4992643d0d7fc22a9d09f7fcbe3
c3236b3b82b99ae8d074fffa1b94385327d4a63bdb639602e7f3e33d4c6e8a8d
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c4c7624d71141bc24456225abe4e8587ecef2dc0f3a2c5db6b13fd76305c364c
c5cfe6329a28119a02115058261d9103d3d94bb068133ff1fc574cca1b6f0656
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cead727c7f108bb8a4644fa6eae433352dfb0ffeb1fe194840b6ca82c0b6e701
cf43064e3f1c998f26bf5c758e91e790ba4386a156df9deec3a09818a1f06287
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0fbf06f675663f1ec793289e8eaa4dcc4eb791f90e6311ed809b506e88f3a3e
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d149cef7c8029e29de2ab35f086b502c0f3baa6b72f43aa4a63128ce8b62e6fb
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
d5067f3ef4bc6ee0d309eaad5c419fa3eb307e145302a33792d66ee98284d3f3
d889d8dc7bde568e22e43cc5c39a40d9cbed9174e3842390acddeca37ad96abd
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
dc3bc858b071f656a2650f9399c3646b99b9ece4afa223bcaae86f762c512fdf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df94b6cedc01499d102054bb635b49f063b916765bee0c6dc1799e0ef46c217e
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c820d8e2bdd674ae4630554dd47c788e32af1e6ca557edf7709dedc8de3ecd
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5553667ede613433132355ecf71ca6198df1e2e8b94c213039f8c096fb694b9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9e17cf3ea4e3a1c2d16021a4fbcae417def61f60fa5eececd48719b1cab35fa
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ed1c2c6b7b77b966dd42dbec5cda78e14595383a75aa465912cbd75c0e2dc569
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff9611cedbd4005f4e14141b36370a67bffe1e50b1082cb32a84ee835c27a21
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f5cc0170d9bebf7d43aa74b381ff2899cc5a3d3fec051e7f7966451db10f0257
f91417ba47adb96f6358862c68ce52f90977d4f5e806c99deaf76414766d0d02
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
f9ac73fec0556f6c60345e710b209cc345b05da0d436a6a0d36b7018d0c66fa5
fa86037fc6bd9fa7a3c9b118bc6ffb7a63c0d70b163bb81531db1766a152621e
fc633dffe1f314ee8d65257c7943c576e389f08cfaa4b1acdce3bef337e881bb
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
ff27771a37ce7dbfe78265cdf412143c976f335d656af39dda319b8a3715731a

www.123greetings.com Open in urlscan Pro 184.72.245.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

477 Requests

87 %HTTPS

44 %IPv6

57 Domains

87 Subdomains

60 IPs

10 Countries

5916 kBTransfer

14265 kBSize

72 Cookies

12 Outgoing links

Page URL History

Redirected requests

477 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Screenshot
Live screenshot

Full Image

477
Requests

87 %
HTTPS

44 %
IPv6

57
Domains

87
Subdomains

60
IPs

10
Countries

5916 kB
Transfer

14265 kB
Size

72
Cookies

477 HTTP transactions
18 data transactions