birthdayapp.org Open in urlscan Pro
54.243.113.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mail.familyflashbackapp.com/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirth...
Effective URL:
https://birthdayapp.org/birthdays/statusPublic/1?appid=&fbuid=100001481467092&friendfbuid=1154590486&utm_campaign=sendbi...
Submission: On June 08 via manual (June 8th 2022, 11:33:17 am UTC) from IN — Scanned from DE

Summary HTTP 96 Redirects Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 24 domains to perform 96 HTTP transactions. The main IP is 54.243.113.67, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is birthdayapp.org.
TLS certificate: Issued by R3 on May 21st 2022. Valid for: 3 months.

This is the only time birthdayapp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.197.224.155 54.197.224.155	14618 (AMAZON-AES) (AMAZON-AES)
3	54.243.113.67 54.243.113.67	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	199.232.198.2 199.232.198.2	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	18.66.242.40 18.66.242.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	52.25.66.184 52.25.66.184	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:4e00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:20:... 2606:4700:20::681a:95b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:170... 2a02:26f0:1700:38d::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.198.78.12 143.198.78.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
96	33

1 54.197.224.155 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-224-155.compute-1.amazonaws.com

mail.familyflashbackapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.243.113.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-113-67.compute-1.amazonaws.com

birthdayapp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.198.2 (United States)

ASN54113 (FASTLY, US)

i.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.242.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-40.dus51.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.25.66.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-66-184.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4e00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:95b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:38d::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

is5-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.198.78.12 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: birthdayapp.org

api.birthdayapp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	criteo.net static.criteo.net — Cisco Umbrella Rank: 578 pix.eu.criteo.net — Cisco Umbrella Rank: 7369 csm.eu.criteo.net — Cisco Umbrella Rank: 7618	45 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	275 KB
10	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2592 api.amplitude.com — Cisco Umbrella Rank: 1305	55 KB
7	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	686 B
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	15 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 144	198 KB
4	birthdayapp.org birthdayapp.org api.birthdayapp.org	1 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11353 ads.eu.criteo.com — Cisco Umbrella Rank: 7606 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9641	62 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	141 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 671	34 KB
2	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2364 rs.fullstory.com — Cisco Umbrella Rank: 2068	72 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 171128	94 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
1	mzstatic.com is5-ssl.mzstatic.com — Cisco Umbrella Rank: 1787	3 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1303	689 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	43 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8526	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	648 B
1	gstatic.com fonts.gstatic.com	44 KB
1	giphy.com i.giphy.com — Cisco Umbrella Rank: 76185	96 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 624	24 KB
1	familyflashbackapp.com 1 redirects mail.familyflashbackapp.com	402 B
96	24

	Domain	Requested by
13	pix.eu.criteo.net	ads.eu.criteo.com
9	pagead2.googlesyndication.com	birthdayapp.org pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	api.amplitude.com	cdn.amplitude.com
7	static.criteo.net	ads.eu.criteo.com
7	www.facebook.com	connect.facebook.net birthdayapp.org
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	connect.facebook.net	birthdayapp.org connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	www.googletagmanager.com	birthdayapp.org www.googletagmanager.com
3	maxcdn.bootstrapcdn.com	birthdayapp.org
3	birthdayapp.org	birthdayapp.org
2	cdn.tailwindcss.com	1 redirects birthdayapp.org
2	cdn.amplitude.com	birthdayapp.org
2	fonts.googleapis.com	birthdayapp.org
1	rs.fullstory.com	edge.fullstory.com
1	edge.fullstory.com	birthdayapp.org
1	api.birthdayapp.org	birthdayapp.org
1	is5-ssl.mzstatic.com	birthdayapp.org
1	www.google.com	tpc.googlesyndication.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	i.giphy.com	birthdayapp.org
1	code.jquery.com	birthdayapp.org
1	mail.familyflashbackapp.com	1 redirects
96	33

This site contains no links.

Subject Issuer	Validity	Valid
birthdayapp.org R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-17` - `2022-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.giphy.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-04` - `2023-03-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
itunes.apple.com Apple Public EV Server RSA CA 2 - G1	`2022-04-25` - `2023-05-25`	a year	crt.sh
api.birthdayapp.org R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-04-13` - `2022-07-12`	3 months	crt.sh
*.fullstory.com R3	`2022-04-15` - `2022-07-14`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://birthdayapp.org/birthdays/statusPublic/1?appid=&fbuid=100001481467092&friendfbuid=1154590486&utm_campaign=sendbirthdayappemails&utm_medium=email&utm_source=userbirthday
Frame ID: 6B73B8B758B4A44A2A81A85F2DEB6572
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220606/r20190131/zrt_lookup.html
Frame ID: C8EFD5149F84B658FABF6E568BC9AEAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2967823254413987&output=html&adk=1812271804&adf=3025194257&lmt=1654687992&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654687992048&bpp=3&bdt=295&idt=166&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2591011370009&frm=20&pv=2&ga_vid=335272524.1654687992&ga_sid=1654687992&ga_hid=1780437160&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=488072552080402&pem=421&tmod=1835066164&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184
Frame ID: CD0A4BBB0E559FED379DB313ACDE7B56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2967823254413987&output=html&h=280&slotname=5434470529&adk=3689417004&adf=745599300&pi=t.ma~as.5434470529&w=1200&fwrn=4&fwrnh=100&lmt=1654687992&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654687992051&bpp=2&bdt=297&idt=184&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2591011370009&frm=20&pv=1&ga_vid=335272524.1654687992&ga_sid=1654687992&ga_hid=1780437160&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=488072552080402&pem=421&tmod=1835066164&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gtPQiZF26Y&p=https%3A//birthdayapp.org&dtd=189
Frame ID: CFFEFD512D81D2769275C80DDF31A7D5
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqCI-AAEq9UIFVtXAAWEkVfV4J2smAtb5LYdPQ&u=%7C7esLV1Cx0669TvVBLbd3zH4%2Bs4QBIx0%2FwCdG4ryO9JQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_26wPBVdJeSXp2mDCnysltnWfMe6jtPfB9hsEANWyV5QhwkVkqNBW8fZ4aoHTe5m8vtqZhFNeiC36Fk1Z_StRCMQSdo0T1376xVw7KD-W8gB-j3K7WlI8_IhU1WG31r9Yv7URseTqLpL9O0uT50esXRW44gHF3bv6NXYtV_e9g9QtWhDFcMxcw8WWzSfLD047Hl3tA1IH1DjSUhUYgZWbmZ-7V2W3jn31RyK1bJpD-kszaF92UMjJkOOff5Ji4Q9JsUJiO6v6LFntWI9McYrQ-nhA_g99mVnhS1iDhkkBrs5Tqn53FPAcfQn-bF_g6-LQAFMNhv5TLk6YHzolbfX5-mIFXrtS0UmweiyiYXvDxM2dy5uzluIXlQrvkPxYVWEzcOvRju708tRI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCorfS-IigYtXXEte21fAPkYmWyAzJntKxXPWR3r6xAcCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi0yOTY3ODIzMjU0NDEzOTg3oAHVttLqA8gBCakCZ2YtMWDtsT6oAwGqBJACT9ApueIPiDgOJpvU2Q90bckyGJSsjPUI0THvyobKSR6TONnrWhNflA4fHS-iLUG9kORDRsFpWPx0T0I2R9lAoMauNEqItGQlfvorxAK6CMpyTfmrk6H5OgcX9rwlekP3-zBg0vv86Xt67rBiFUfvrlg8yQkWIXg-mmzn1rXBDe4l_91-td0fZvbCkoxIw9l_8VwpyOW-McdH7-Dss8m4fsBECsVUc3nJ2ydB-ZLz6KErfA_JN0iIMskxQisnEaNjF-C7VMfQaH7Aijrgvgg8zegayFByrwYbTcGbLvbEztS8NFEak8jY16vS0-YAfRjEIjzg0CeUcmxndUQ7Eek-2OErtDjdEjoD5cCyZYvWdjGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0z_bqMiZoP0Kqr4IrqIaYJDd-J7g%26client%3Dca-pub-2967823254413987%26adurl%3D
Frame ID: DE566369D59AD319E2658507D251CC1B
Requests: 26 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=1589724364614983&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fa06b7d9b707c%26domain%3Dbirthdayapp.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbirthdayapp.org%252Ff2034d7b1f8a254%26relation%3Dparent.parent&color_scheme=dark&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Ffriendsalbumsapp&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=240
Frame ID: 264945CF32D811D30ED78426BD41744E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FD50C6D72D3F89C2DF061511E99F2875
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38AE4750BD4B41718660A181B5BDF1C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BirthdayAppMenu

Page URL History Show full URLs

https://mail.familyflashbackapp.com/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&ut... HTTP 302
https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&ut... Page URL
https://birthdayapp.org/birthdays/statusPublic/1?appid=&fbuid=100001481467092&friendfbuid=1154590486... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

96 %
HTTPS

64 %
IPv6

24
Domains

33
Subdomains

33
IPs

4
Countries

2691 kB
Transfer

5056 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.familyflashbackapp.com/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486 HTTP 302
https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486 Page URL
https://birthdayapp.org/birthdays/statusPublic/1?appid=&fbuid=100001481467092&friendfbuid=1154590486&utm_campaign=sendbirthdayappemails&utm_medium=email&utm_source=userbirthday Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://mail.familyflashbackapp.com/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486 HTTP 302
https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486

Request Chain 86

https://cdn.tailwindcss.com/ HTTP 302
https://cdn.tailwindcss.com/3.0.24

96 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

1 Show response
birthdayapp.org/birthdays/loading/statusPublic/
Redirect Chain

https://mail.familyflashbackapp.com/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486
https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486

18 KB
7 KB

368ms
145ms

Document
text/html

54.243.113.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.113.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-113-67.compute-1.amazonaws.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash: 54055e38940e9cea340da88f2bd216059be91ba539db2aee7716520df0151d0a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5824
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Jun 2022 11:33:11 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.46 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Jun 2022 11:33:11 GMT
Keep-Alive: timeout=5, max=100
Location: https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486
Server: Apache/2.4.46 (Ubuntu)

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 72ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: birthdayapp.org
URL: https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birthdayapp.org/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 519506
cdn-cachedat: 06/01/2022 22:48:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0de32d7d10f39738883e52b573c4b050
cf-ray: 71814faccc1d9170-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 23 KB
3 KB 75ms
35ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birthdayapp.org/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 519506
cdn-cachedat: 03/10/2022 17:30:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"ab6b02efeaf178e0247b9504051472fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8a570ddb14e9a10d93e9822efd28dba1
cf-ray: 71814faccc209170-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.4.1.slim.min.js Show response
code.jquery.com/ 69 KB
24 KB 124ms
77ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by: Host: birthdayapp.org
URL: https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer: https://birthdayapp.org/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:11 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1157d"
vary: Accept-Encoding
x-hw: 1654687991.dop051.fr8.t,1654687991.cds220.fr8.hn,1654687991.cds260.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24328

GET
H/1.1 200
OK eleven.css
birthdayapp.org/css/ 19 KB
4 KB 106ms
106ms Stylesheet
text/css 54.243.113.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://birthdayapp.org/css/eleven.css
Requested by: Host: birthdayapp.org
URL: https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.113.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-113-67.compute-1.amazonaws.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash: 037ceb63aa43b91b8d8aa08d640146cc9ff4efa09496e41581c1d18769bf29bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 11:33:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jan 2021 23:22:21 GMT
Server: Apache/2.4.46 (Ubuntu)
ETag: "4bb4-5b86bd404c284-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3472

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 84 KB
33 KB 86ms
40ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43a183ad6561e6f65983122bbcc110d22a23acb4f9abd4730f5a80e662dc4163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33684
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Jun 2022 11:33:11 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 57ms
18ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd9c1dfa97c42d530c2f127d6d42a74f1b62a2ac9c96598dd0f58b33c03ea9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: FuFcodfkoUl9jJViah3JvA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 08 Jun 2022 11:52:47 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: XzQqxtbhKXJ20jN9YD/V6BGp8Tfo2DmvHuWPWk4I75qN3JN4gLmcxRih44GB1ENUXVDGlPnT7lNw/TQJmy9oAA==
x-fb-trip-id: 686109401
x-fb-content-md5: a29d7241393287c3c40e3714efda137f
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 08 Jun 2022 11:33:11 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "df5d6b99a854691bbc3b222ce0ab663e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
55 KB 85ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2967823254413987

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e68997680f3268fbcf3aaa19ab1ddf7bcd7cfd6ab70594d19528fffaeb145d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://birthdayapp.org/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56251
x-xss-protection: 0
server: cafe
etag: 743661329570041191
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:33:11 GMT

GET
H2 200 giphy.gif
i.giphy.com/media/krP2NRkLqnKEg/ 96 KB
96 KB 203ms
21ms Image
image/gif 199.232.198.2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.giphy.com/media/krP2NRkLqnKEg/giphy.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ee7f067cfe2d124a08d1e52d4076d60daf9b30e0d3d5a716232278ba2761b5e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15465600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
via: 1.1 varnish, 1.1 varnish
age: 120814
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 98201
x-served-by: cache-iad-kiad7000077-IAD, cache-hhn4068-HHN
last-modified: Tue, 03 Dec 2019 08:54:56 GMT
x-timer: S1654687992.112465,VS0,VE1
etag: "7bcb4852fb3d7e66add432845dde73e9"
strict-transport-security: max-age=15465600
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
56 KB 91ms
44ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d69ef6e0943932958e180b9b085921a1c2483ec6971a7225bd0ce772b8ae5756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56276
x-xss-protection: 0
server: cafe
etag: 905331783719054656
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:33:11 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 47ms
46ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://birthdayapp.org/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 863
age: 539835
cdn-cachedat: 05/12/2022 03:05:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"5869c96cc8f19086aee625d670d741f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2fe3de3378489c605e1f632950fac8f7
cf-ray: 71814fad3d4e9170-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 75ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin

Requested by

Host: birthdayapp.org
URL: https://birthdayapp.org/css/eleven.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 11:07:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 11:33:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 11:33:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 981 B
484 B 75ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anton

Requested by

Host: birthdayapp.org
URL: https://birthdayapp.org/css/eleven.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa404f41bb73cd8b56987b71df35705c85824ae0862b82f58412c439004d48c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 10:28:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 11:33:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Jun 2022 11:33:11 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 291 KB
83 KB 42ms
20ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e08eb210b5177778c9387f4ff36909fc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46f449d9594518853e770481f5d27725c389b7a8bc9dbe1a57dcaecbc025873f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://birthdayapp.org/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: chUfM9SS6cK2o+Z2HWSa8A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 08 Jun 2023 10:42:05 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84672
x-fb-rlafr: 0
x-fb-debug: W5LoiT/sXW0xg1buma2ivY/Uw0XzQjoXCUPjjzerROPyI/X60YF8qlQrD+Kz2s2rLi12Qe9QVbiaxEXFMbHjjw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e2a479af1b4e2f3306be70393873b54f
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 11:33:12 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1d5c14f4270973ef40bb951d063a74fb"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 42ms
20ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26310
x-xss-protection: 0
pragma: public
x-fb-debug: QywcsLugxRNEG9ppDd/9W7LDSLe5mzqh1wp4kh/+lRtQDziM0rVW+c2Q2KZMyqTdbf0VZH7JpustPDbtsdtKHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 08 Jun 2022 11:33:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 amplitude-8.17.0-min.gz.js Show response
cdn.amplitude.com/libs/ 92 KB
27 KB 132ms
29ms Script
application/javascript 18.66.242.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
Requested by: Host: birthdayapp.org
URL: https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-40.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6

Request headers

Referer: https://birthdayapp.org/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 20 May 2022 18:30:19 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1616573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27400
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 19:53:18 GMT
server: AmazonS3
etag: "e5211b7cbee53b6912f07a1cd72a4582"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Ccg-99SYtbzuPvxSvOrzKv4-VaIHs3lVtO28LFPR1HykoPSweqCXaw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 117ms
18ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 129663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 23:32:09 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/ 339 KB
120 KB 89ms
48ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2967823254413987&plah=birthdayapp.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2967823254413987

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6884435e89015330243b53d784097bda1b00e46452afaf7518811d0ea5173c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122339
x-xss-protection: 0
server: cafe
etag: 95569633553635454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:33:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220606/r20190131/ Frame C8EF 10 KB
5 KB 64ms
18ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220606/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2967823254413987

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://birthdayapp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4416
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 00:41:56 GMT
etag: 14734731752043123527
expires: Wed, 22 Jun 2022 00:41:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1418885328278741 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 145ms
145ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1418885328278741?v=2.9.61&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5dc39191460be52b413ddd2273395bae092cbec1121d5c8c447c789aaf35b5aa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 9nyCaP3UxLrrrOWBNLy2rNWr0GI2tngkLDUc1fTDj98xmAnh5GmkKND9GgaCYGQ5v7PDZaj8HDwjrn7YBuAa2w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 08 Jun 2022 11:33:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1654687992245
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 184ms
142ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=1589724364614983&input_token&origin=1&redirect_uri=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e08eb210b5177778c9387f4ff36909fc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 55Bvyt056vJnPiwCUwV1zpNP7g/M78ubP6N2ZzNUNTsM2uBV8VlmnPvr/ouqtqwUp2GenIBjHYIb+SsyZGpn0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Wed, 08 Jun 2022 11:33:12 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://birthdayapp.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 61ms
19ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1589724364614983&ev=fb_page_view&dl=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&rl=&if=false&ts=1654687992119&sw=1600&sh=1200&at=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 08 Jun 2022 11:33:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 62ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 08 Jun 2022 11:33:12 GMT

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 594ms
186ms Preflight 52.25.66.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.66.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-66-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://birthdayapp.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 08 Jun 2022 11:33:12 GMT
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 191ms
190ms XHR
text/html 52.25.66.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.66.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-66-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://birthdayapp.org/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 11:33:12 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
648 B 75ms
28ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=birthdayapp.org&callback=_gfp_s_&client=ca-pub-2967823254413987

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2967823254413987&plah=birthdayapp.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef81337107f8f84f50c3eb714baf1e3db46df90099109372115826b04b1fdfcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 73ms
29ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=birthdayapp.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=birthdayapp.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&tn=HEADER&id=top&cls=navbar%20navbar-static-top%20top-bar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 11:33:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD0A 0
19 B 138ms
95ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2967823254413987&output=html&adk=1812271804&adf=3025194257&lmt=1654687992&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654687992048&bpp=3&bdt=295&idt=166&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2591011370009&frm=20&pv=2&ga_vid=335272524.1654687992&ga_sid=1654687992&ga_hid=1780437160&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=488072552080402&pem=421&tmod=1835066164&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=184

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://birthdayapp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 11:33:12 GMT
expires: Wed, 08 Jun 2022 11:33:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFFE 24 KB
10 KB 216ms
181ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2967823254413987&output=html&h=280&slotname=5434470529&adk=3689417004&adf=745599300&pi=t.ma~as.5434470529&w=1200&fwrn=4&fwrnh=100&lmt=1654687992&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654687992051&bpp=2&bdt=297&idt=184&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2591011370009&frm=20&pv=1&ga_vid=335272524.1654687992&ga_sid=1654687992&ga_hid=1780437160&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=488072552080402&pem=421&tmod=1835066164&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gtPQiZF26Y&p=https%3A//birthdayapp.org&dtd=189

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0a793f841d4080f9d6f90cf90711a3fa5b3d8c2d80d3a640511702d44c4915c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://birthdayapp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9979
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 11:33:12 GMT
expires: Wed, 08 Jun 2022 11:33:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 42ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1418885328278741&ev=PageView&dl=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&rl=&if=false&ts=1654687992293&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654687992291.1917326861&it=1654687992110&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 08 Jun 2022 11:33:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 607ms
568ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156019776-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

889f9f46cb9f822538a9c2ed20fdd50eddb7121a8c97adffcdcff9a12b69f686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39815
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Jun 2022 11:33:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 76ms
38ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HGS5XFSDZF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1ba3615be9b17ea432abd23daa9fdfac598018096a5840d05ed36a9a2729527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70036
x-xss-protection: 0
expires: Wed, 08 Jun 2022 11:33:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 24ms
21ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1589724364614983&ev=fb_login_status_unknown&dl=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&rl=&if=false&ts=1654687992309&sw=1600&sh=1200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 08 Jun 2022 11:33:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame CFFE 3 KB
1 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2967823254413987&output=html&h=280&slotname=5434470529&adk=3689417004&adf=745599300&pi=t.ma~as.5434470529&w=1200&fwrn=4&fwrnh=100&lmt=1654687992&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654687992051&bpp=2&bdt=297&idt=184&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2591011370009&frm=20&pv=1&ga_vid=335272524.1654687992&ga_sid=1654687992&ga_hid=1780437160&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=488072552080402&pem=421&tmod=1835066164&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gtPQiZF26Y&p=https%3A//birthdayapp.org&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 11:31:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFFE 138 KB
43 KB 105ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43419
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654515382487150"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 11:33:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/ Frame CFFE 17 KB
8 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220606/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Jun 2022 11:31:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CFFE 0
0 63ms
63ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_zrz-IigYtXXEte21fAPkYmWyAzJntKxXPWR3r6xAcCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi0yOTY3ODIzMjU0NDEzOTg3oAHVttLqA8gBCakCZ2YtMWDtsT6oAwGqBI0CT9ApueIPiDgOJpvU2Q90bckyGJSsjPUI0THvyobKSR6TONnrWhNflA4fHS-iLUG9kORDRsFpWPx0T0I2R9lAoMauNEqItGQlfvorxAK6CMpyTfmrk6H5OgcX9rwlekP3-zBg0vv86Xt67rBiFUfvrlg8yQkWIXg-mmzn1rXBDe4l_91-td0fZvbCkoxIw9l_8VwpyOW-McdH7-Dss8m4fsBECsVUc3nJ2ydB-ZLz6KErfA_JN0iIMskxQisnEaNjF-C7VMfQaH7Aijrgvgg8zegayFByrwYbTcGbLvbEztS8NFEak8jYlanzQWGP4Qt7vihDABoyimVzf_IxP_G8bCkWEspiDBYbYGo2djSABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI5Njc4MjMyNTQ0MTM5ODcYAA&sigh=JAWjAUBncsc&uach_m=[UACH]&cid=CAQSGwCNIrLMkuveC-nwQDD8tin3Cq3uo7JOguEMKBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2967823254413987&output=html&h=280&slotname=5434470529&adk=3689417004&adf=745599300&pi=t.ma~as.5434470529&w=1200&fwrn=4&fwrnh=100&lmt=1654687992&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654687992051&bpp=2&bdt=297&idt=184&shv=r20220606&mjsv=m202206020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2591011370009&frm=20&pv=1&ga_vid=335272524.1654687992&ga_sid=1654687992&ga_hid=1780437160&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842&oid=2&pvsid=488072552080402&pem=421&tmod=1835066164&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gtPQiZF26Y&p=https%3A//birthdayapp.org&dtd=189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 08 Jun 2022 11:33:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Jun 2022 11:33:12 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame CFFE 0
0 191ms
35ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RLAJmAKdg2ICAgAAADtvRAzpOcJvEPiIoGJ7AOdE5bgt5-cQyQASAAA&wp=YqCI-AAEq9UIFVtXAAWEkVfV4J2smAtb5LYdPQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
server: Kestrel
server-processing-duration-in-ticks: 252478
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DE56 228 KB
61 KB 237ms
153ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YqCI-AAEq9UIFVtXAAWEkVfV4J2smAtb5LYdPQ&u=%7C7esLV1Cx0669TvVBLbd3zH4%2Bs4QBIx0%2FwCdG4ryO9JQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_26wPBVdJeSXp2mDCnysltnWfMe6jtPfB9hsEANWyV5QhwkVkqNBW8fZ4aoHTe5m8vtqZhFNeiC36Fk1Z_StRCMQSdo0T1376xVw7KD-W8gB-j3K7WlI8_IhU1WG31r9Yv7URseTqLpL9O0uT50esXRW44gHF3bv6NXYtV_e9g9QtWhDFcMxcw8WWzSfLD047Hl3tA1IH1DjSUhUYgZWbmZ-7V2W3jn31RyK1bJpD-kszaF92UMjJkOOff5Ji4Q9JsUJiO6v6LFntWI9McYrQ-nhA_g99mVnhS1iDhkkBrs5Tqn53FPAcfQn-bF_g6-LQAFMNhv5TLk6YHzolbfX5-mIFXrtS0UmweiyiYXvDxM2dy5uzluIXlQrvkPxYVWEzcOvRju708tRI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCorfS-IigYtXXEte21fAPkYmWyAzJntKxXPWR3r6xAcCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi0yOTY3ODIzMjU0NDEzOTg3oAHVttLqA8gBCakCZ2YtMWDtsT6oAwGqBJACT9ApueIPiDgOJpvU2Q90bckyGJSsjPUI0THvyobKSR6TONnrWhNflA4fHS-iLUG9kORDRsFpWPx0T0I2R9lAoMauNEqItGQlfvorxAK6CMpyTfmrk6H5OgcX9rwlekP3-zBg0vv86Xt67rBiFUfvrlg8yQkWIXg-mmzn1rXBDe4l_91-td0fZvbCkoxIw9l_8VwpyOW-McdH7-Dss8m4fsBECsVUc3nJ2ydB-ZLz6KErfA_JN0iIMskxQisnEaNjF-C7VMfQaH7Aijrgvgg8zegayFByrwYbTcGbLvbEztS8NFEak8jY16vS0-YAfRjEIjzg0CeUcmxndUQ7Eek-2OErtDjdEjoD5cCyZYvWdjGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0z_bqMiZoP0Kqr4IrqIaYJDd-J7g%26client%3Dca-pub-2967823254413987%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b79867ad6294cbb84ed46d475e9d62d369252b12b585c80d9f92a2c6708c35ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 11:33:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TISn1XcWmptGD9kYB2ZCMgAttxM5saUopap7dcMwQrqKt9UQXNktbSl6ReTOSzcJzZ-SKHdglQXXv1TYhvRM8XvoRJffPf61YcOjNNGLI93LCjNKwcxkMrHLsmb4LyAWg59m4cEkFXrzt9JKDKp1iRvf2tZgeLJqJM-DwNnYoo-_n1e0NyokolWxudtPbMQ397cwsqXtxXDHuZX48dsxOElrV5Q8--g5A8u0ERaRN7dhUzc2b4DlNg8t3jIUVKiGR9ML1g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 109270221
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame CFFE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c367648ca0410449ed46ede91f043cd80e11116641451989a514e47e99379ec5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DE56 2 KB
1 KB 114ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqCI-AAEq9UIFVtXAAWEkVfV4J2smAtb5LYdPQ&u=%7C7esLV1Cx0669TvVBLbd3zH4%2Bs4QBIx0%2FwCdG4ryO9JQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_26wPBVdJeSXp2mDCnysltnWfMe6jtPfB9hsEANWyV5QhwkVkqNBW8fZ4aoHTe5m8vtqZhFNeiC36Fk1Z_StRCMQSdo0T1376xVw7KD-W8gB-j3K7WlI8_IhU1WG31r9Yv7URseTqLpL9O0uT50esXRW44gHF3bv6NXYtV_e9g9QtWhDFcMxcw8WWzSfLD047Hl3tA1IH1DjSUhUYgZWbmZ-7V2W3jn31RyK1bJpD-kszaF92UMjJkOOff5Ji4Q9JsUJiO6v6LFntWI9McYrQ-nhA_g99mVnhS1iDhkkBrs5Tqn53FPAcfQn-bF_g6-LQAFMNhv5TLk6YHzolbfX5-mIFXrtS0UmweiyiYXvDxM2dy5uzluIXlQrvkPxYVWEzcOvRju708tRI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCorfS-IigYtXXEte21fAPkYmWyAzJntKxXPWR3r6xAcCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi0yOTY3ODIzMjU0NDEzOTg3oAHVttLqA8gBCakCZ2YtMWDtsT6oAwGqBJACT9ApueIPiDgOJpvU2Q90bckyGJSsjPUI0THvyobKSR6TONnrWhNflA4fHS-iLUG9kORDRsFpWPx0T0I2R9lAoMauNEqItGQlfvorxAK6CMpyTfmrk6H5OgcX9rwlekP3-zBg0vv86Xt67rBiFUfvrlg8yQkWIXg-mmzn1rXBDe4l_91-td0fZvbCkoxIw9l_8VwpyOW-McdH7-Dss8m4fsBECsVUc3nJ2ydB-ZLz6KErfA_JN0iIMskxQisnEaNjF-C7VMfQaH7Aijrgvgg8zegayFByrwYbTcGbLvbEztS8NFEak8jY16vS0-YAfRjEIjzg0CeUcmxndUQ7Eek-2OErtDjdEjoD5cCyZYvWdjGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0z_bqMiZoP0Kqr4IrqIaYJDd-J7g%26client%3Dca-pub-2967823254413987%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 11:33:12 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DE56 2 KB
1 KB 112ms
35ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 11:33:12 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DE56 308 B
636 B 112ms
35ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 03 Jun 2023 11:33:12 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame DE56 293 B
622 B 110ms
34ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 03 Jun 2023 11:33:12 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame DE56 0
689 B 222ms
135ms Image
text/plain 2600:9000:223c:4e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1654687992
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YqCI-AAEq9UIFVtXAAWEkVfV4J2smAtb5LYdPQ&u=%7C7esLV1Cx0669TvVBLbd3zH4%2Bs4QBIx0%2FwCdG4ryO9JQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANXq9ns9E1a_26wPBVdJeSXp2mDCnysltnWfMe6jtPfB9hsEANWyV5QhwkVkqNBW8fZ4aoHTe5m8vtqZhFNeiC36Fk1Z_StRCMQSdo0T1376xVw7KD-W8gB-j3K7WlI8_IhU1WG31r9Yv7URseTqLpL9O0uT50esXRW44gHF3bv6NXYtV_e9g9QtWhDFcMxcw8WWzSfLD047Hl3tA1IH1DjSUhUYgZWbmZ-7V2W3jn31RyK1bJpD-kszaF92UMjJkOOff5Ji4Q9JsUJiO6v6LFntWI9McYrQ-nhA_g99mVnhS1iDhkkBrs5Tqn53FPAcfQn-bF_g6-LQAFMNhv5TLk6YHzolbfX5-mIFXrtS0UmweiyiYXvDxM2dy5uzluIXlQrvkPxYVWEzcOvRju708tRI&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCorfS-IigYtXXEte21fAPkYmWyAzJntKxXPWR3r6xAcCNtwEQASAAYJWCgICUB4IBF2NhLXB1Yi0yOTY3ODIzMjU0NDEzOTg3oAHVttLqA8gBCakCZ2YtMWDtsT6oAwGqBJACT9ApueIPiDgOJpvU2Q90bckyGJSsjPUI0THvyobKSR6TONnrWhNflA4fHS-iLUG9kORDRsFpWPx0T0I2R9lAoMauNEqItGQlfvorxAK6CMpyTfmrk6H5OgcX9rwlekP3-zBg0vv86Xt67rBiFUfvrlg8yQkWIXg-mmzn1rXBDe4l_91-td0fZvbCkoxIw9l_8VwpyOW-McdH7-Dss8m4fsBECsVUc3nJ2ydB-ZLz6KErfA_JN0iIMskxQisnEaNjF-C7VMfQaH7Aijrgvgg8zegayFByrwYbTcGbLvbEztS8NFEak8jY16vS0-YAfRjEIjzg0CeUcmxndUQ7Eek-2OErtDjdEjoD5cCyZYvWdjGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0z_bqMiZoP0Kqr4IrqIaYJDd-J7g%26client%3Dca-pub-2967823254413987%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 11:33:12 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: U7uwo0xfT2fcAnN2QdEZzg5D9LH3SXYKbDbJOF9s2j3tH17XoUVMSA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame DE56 43 B
348 B 88ms
29ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fEK7VaIgar3PdS5R9BM-mVDRxQWcE_tydY3cZLzixgre9i9mkQVHk0Jfl-mhAJ2PZXJfPx_oYEVn2ijU8arWvIVtfQmfNeQqxzgywSOGypqxykbzFwFVMnuv5q0fonqYp22miaboNFLZjhx0jHPtwHLMmau2vypsJJBDHj9vy5xPgREX_-mRWAKtAlsC64XIPufGaA3lxNZINS3SrHOrOpPn96FbIH0mtWviS3SdHZxdz49HwFFSigoh3VEoQLJW65IAdypj3TCnIrOLFKQVLIkPK85_5Q2Yp8x5jip0z_FPoP29OWbeU7NF68iAbPqBTIZves755_VMCpSRvmQRXJZLKbbt15ECdYq9XNJC_XVF-Nalpb_IMBCyc51KmfViys_sqSG-c-ieQfLhQCledzi1OsmWBMO243c3jPye7fxK7qSaoyekM8CQRuJfhQukLBzEGw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 11:33:12 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3040762
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DE56 12 KB
6 KB 70ms
67ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 11:33:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 7 KB
7 KB 99ms
27ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F05c244b8e1cf40f39dbba9559c8c38e9_blue.png&v=3&w=196&s=oNGP9mXfdQyD0qXhWvys9Xbc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30230047
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6722
expires: Wed, 24 May 2023 08:47:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 2 KB
2 KB 100ms
28ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2Flogodrivetech-Fahrversuch-GmbH-171567DE.gif%3Feb%3D1&v=3&w=800&s=1GTJgbcAiVvY7_ggstT1IrP4&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=973520
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1538
expires: Sun, 19 Jun 2022 17:58:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 2 KB
2 KB 162ms
91ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoSchlossparkklinik-Dirmstein-245952DE-2005201731.gif%3Feb%3D1&v=3&w=800&s=vD82OV4D8LRPcXdKYUY2fDvo&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1d6651a8895d5ae8ca296e03a1f6ddcf80e4bdf1a9466399411a64db67dd3970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=1547
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1770
expires: Wed, 08 Jun 2022 11:59:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 1 KB
2 KB 100ms
28ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDienstleistungs-Center-Halle-GmbH-DLC-Halle-153157DE.gif%3Feb%3D1&v=3&w=800&s=5ZBJ5qniP8NhN_Q2K8FX3HYz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1062734
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1382
expires: Mon, 20 Jun 2022 18:45:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 2 KB
2 KB 121ms
50ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoAbfallverwertung-Leipzig-GmbH-AVL-170095DE.gif%3Feb%3D1&v=3&w=800&s=lShgw28vrskcASMGsdSfTnSz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c76d2b010d9bb78402b5ec60502038bfcd059af9f852d3272482a1b5276dec62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1364272
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1984
expires: Fri, 24 Jun 2022 06:31:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 2 KB
2 KB 100ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBascom-Cameras-B-V-180642DE.gif%3Feb%3D1&v=3&w=800&s=uXdNHCw4SeuQbo-GJFQUBMYi&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

df8a117309d30c94effb77c809817e39147f8b8563c3c86a0bf5f3852dd5ae64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=627069
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1652
expires: Wed, 15 Jun 2022 17:44:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 3 KB
3 KB 28ms
27ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoEuropean-Patent-Office-EPO-149820DE.gif%3Feb%3D1&v=3&w=800&s=8dTnmdhpSaOubiyRXf-43SnP&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

150a5b41e24e38d631fbeb28349a6b6ef387733cf4e64fd8e119d2101419eb98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1632118
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2904
expires: Mon, 27 Jun 2022 08:55:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 2 KB
3 KB 32ms
31ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FV%2FlogoVivantes-Klinikum-im-Friedrichshain-83295DE.gif%3Feb%3D1&v=3&w=800&s=VZ_5RU8Yy_-h1RXVeqWa5_qb&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

23b62c9bd306043c81367161071aa27949409256cff8a85045502592a2fa4376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=287031
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2342
expires: Sat, 11 Jun 2022 19:17:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 1010 B
1 KB 28ms
28ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBurger-Kuchenmobel-GmbH-140642DE.gif%3Feb%3D1&v=3&w=800&s=dJH03GWRYvaHqi6dcr4qF0GJ&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8751d2adaa503decb206b6a3496eb43359e959976fb8c9945f9dc781a8d6372a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2260983
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1010
expires: Mon, 04 Jul 2022 15:36:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 2 KB
2 KB 40ms
39ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoB-Braun-Melsungen-AG-8500DE.gif%3Feb%3D1&v=3&w=800&s=wV1CwWmpTTrsTj4TdN1CEDFd&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

958ee7149b8d144ba083489e1a04ee172df69afcc07ca056ea9c7772f3d72d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=686617
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1610
expires: Thu, 16 Jun 2022 10:16:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 956 B
1 KB 29ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoARENIT-GmbH-167578DE.gif%3Feb%3D1&v=3&w=800&s=hZRsaJo1v-XfO1KKhsInKiAO&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e641293ff2d0dd37fa9ea4b61de61eeb4b3fd0834dd43a9f2efab7303e98afd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 956
expires: Sat, 03 Jun 2023 11:33:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 3 KB
3 KB 41ms
40ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoMEDILYS-Laborgesellschaft-mbH-114696DE-2205181745.gif%3Feb%3D1&v=3&w=800&s=KJ-l9CDJq-62gISxlS9XmD9k&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

28f0b8c25d7870ca6180372e1388ec4d4d0ab72d594f60fdb28351069c46591c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=797894
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3222
expires: Fri, 17 Jun 2022 17:11:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DE56 3 KB
3 KB 30ms
29ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJ-Schmalz-GmbH-5190DE.gif%3Feb%3D1&v=3&w=800&s=6h5seiybLTTSaLo7wV2X_wLF&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fdb70919dc8107cfceec256527b281e6042dd943d30d49b07edb5aefca293f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1356
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2622
expires: Wed, 08 Jun 2022 11:55:49 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DE56 0
128 B 93ms
28ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=TISn1XcWmptGD9kYB2ZCMgAttxM5saUopap7dcMwQrqKt9UQXNktbSl6ReTOSzcJzZ-SKHdglQXXv1TYhvRM8XvoRJffPf61YcOjNNGLI93LCjNKwcxkMrHLsmb4LyAWg59m4cEkFXrzt9JKDKp1iRvf2tZgeLJqJM-DwNnYoo-_n1e0NyokolWxudtPbMQ397cwsqXtxXDHuZX48dsxOElrV5Q8--g5A8u0ERaRN7dhUzc2b4DlNg8t3jIUVKiGR9ML1g&sds=2&rev=81696&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 11:33:12 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DE56 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 11:33:12 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DE56 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:12 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 03 Jun 2023 11:33:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156019776-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7106
date: Wed, 08 Jun 2022 09:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 08 Jun 2022 11:34:46 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
171 B 81ms
38ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HGS5XFSDZF&gtm=2oe660&_p=1780437160&_z=ccd.tdB&cid=335272524.1654687992&ul=en-us&sr=1600x1200&_s=1&sid=1654687992&sct=1&seg=0&dl=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&dt=BirthdayApp&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGS5XFSDZF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 11:33:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://birthdayapp.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 193ms
193ms XHR
text/html 52.25.66.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.66.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-66-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://birthdayapp.org/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 11:33:13 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 186ms
186ms Preflight 52.25.66.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.66.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-66-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://birthdayapp.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 08 Jun 2022 11:33:13 GMT
strict-transport-security: max-age=15768000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 64ms
26ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1780437160&t=pageview&_s=1&dl=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&ul=en-us&de=UTF-8&dt=BirthdayApp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=907339471&gjid=2128707100&cid=335272524.1654687992&tid=UA-156019776-1&_gid=1174985131.1654687993&_r=1&gtm=2ou660&z=2072887773

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://birthdayapp.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 11:33:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://birthdayapp.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 like.php Show response
www.facebook.com/v3.2/plugins/ Frame 2649 0
21 B 112ms
112ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=1589724364614983&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1fa06b7d9b707c%26domain%3Dbirthdayapp.org%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbirthdayapp.org%252Ff2034d7b1f8a254%26relation%3Dparent.parent&color_scheme=dark&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Ffriendsalbumsapp&layout=standard&locale=en_US&sdk=joey&share=false&show_faces=true&size=large&width=240

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e08eb210b5177778c9387f4ff36909fc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://birthdayapp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Jun 2022 11:33:13 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: /JDbqmz6wMBcQ9d1XnHdKT192l7Co79eafhTkduLydkfLkKloSUycJ8FqZ9X1txb+P5TMEx4ArXQ/LheuW/Q3Q==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 75ms
34ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220606&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2e3c1087c81dadd2ccceb261a54c4edd4c264b6856d31883819ece7efa34731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Jun 2022 11:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10725
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 08 Jun 2022 11:33:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FD50 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://birthdayapp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 10:15:56 GMT
expires: Thu, 08 Jun 2023 10:15:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 38AE 783 B
1 KB 79ms
30ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5101e7d658b23e35160e67b0b63b9163985e257315719e5bf17430fd8e80e452

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-di8B03fQNCkFhWbyDC_YcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://birthdayapp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-di8B03fQNCkFhWbyDC_YcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 11:33:13 GMT
expires: Wed, 08 Jun 2022 11:33:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js Show response
pagead2.googlesyndication.com/bg/ Frame FD50 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 21:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13815
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Jun 2023 21:07:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 38AE 0
0 72ms
71ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220606&jk=488072552080402&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FD50 0
9 B 18ms
18ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?09FTAQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CFFE 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFKVSLl_2w5B41BO9Pcgzq7IkyqnkGttrQhhl-_eEp8iRzb1QyYwre_I4yg2AjthKkLWd3Ag8ci_q1kaCTMrj3Gw&sig=Cg0ArKJSzAOalH7GkiPREAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3689417004&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654687992242&rpt=382&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 11:33:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
71ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220606&jk=488072552080402&bg=!k5ClkNTNAAaJfvByqX47ACkAdvg8Woz0wnopuu7XrNDurlqGGfiVjuz7P84oV-G7xtGp7pEEMv6vowIAAABPUgAAAAdoAQeZAqgv1jSds04BYBbov7RtvVc_wQy4LRgvEtLrGFV_rOPE7QcP16nUFlnKyY3TukKZ-dTiVZviU5i2BxJOlcAKqBjzwwc6VhoMv3pxWxcx8uBe17jTGj7q4cGGbu5ZJoR4gU1KMWY59sR-F2Km72wbMr6dYbm5CmxUDghUSHp0W6iW_ggTnehpiCNURsevpqpiWSsk4pnWOYOwq2lPKaBy4UVRqafGbUlRYqXYE9z5K0zri3UgO7num-J_mBglL4IdDTIhMThcqGAAevLNWDCF2vkoKHuK7lrDfmt5Wr5t5ee69IN20PZew37ZwSs41nQEXKCgD1_LPbLa2-8NMMA1qLITlHOoZRLuyGDgnxWLPDAdq3O0svqvAuQwk0Mr-hBjiQv1Zub5DxVBRH7T3XeB3SuT6t6YfdWLyRBsCQr6DAXpIdvF87oAj4KGwDoAwl96AOMjVrOxfYVVSXNzqQ6hBu9YlfFL4VcKEsgEdGXTY6YnTNTME7MYSOohhye3Tb6IIc7njSUn93tHawIIBhymCCUpa0uaBj9JG9gzG3yC3u4unKHdpxmec5sZ5lqtCIe0z5ohAUZnqOg4QPcECOAKhhu6mfBjbkPDMzALv9W86Q_-6bR7cFrnuSrbRelRS38n-IYmMHpQX7sFN4J8-GOK5TIf-ryMt3MuK3v79ZRDi7ZLSyCzjfI0nmWbpwemuy7bFp0RjykgYkb5TjV4z76knkdNUNQH9AyADy_vh85EfCbT2XFgjHkJ__d1dZ8WbWhwLa5EFwHqVi8iqq88wwTXftQqYutNA3bc6lDfDXP9xCqwdoceiRGiaAlqZxH7dokQrQ2zRigG16um_xNg6RkuVXfpHVq5Dg6u3_PgiDZRE7LY-_B-fX77fzOItyzp36QH1Aq7UtWU4pxX2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 21ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1418885328278741&ev=Microdata&dl=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&rl=&if=false&ts=1654687993861&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22BirthdayApp%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654687992291.1917326861&it=1654687992110&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 08 Jun 2022 11:33:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DE56 0
127 B 30ms
29ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 11:33:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame DE56 0
127 B 29ms
28ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 11:33:13 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK Primary Request 1 Show response
birthdayapp.org/birthdays/statusPublic/ 118 KB
20 KB 347ms
346ms Document
text/html 54.243.113.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://birthdayapp.org/birthdays/statusPublic/1?appid=&fbuid=100001481467092&friendfbuid=1154590486&utm_campaign=sendbirthdayappemails&utm_medium=email&utm_source=userbirthday
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.113.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-243-113-67.compute-1.amazonaws.com
Software: Apache/2.4.46 (Ubuntu) /
Resource Hash: 483c78bc19002ad6417351fb0c64d40e6c3ec5139e8de294c5a62a06cebaadfa

Request headers

Referer: https://birthdayapp.org/birthdays/loading/statusPublic/1?utm_source=userbirthday&utm_medium=email&utm_campaign=sendbirthdayappemails&fbuid=100001481467092&appid=&friendfbuid=1154590486
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 19810
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Jun 2022 11:33:14 GMT
Keep-Alive: timeout=5, max=98
Server: Apache/2.4.46 (Ubuntu)
Vary: Accept-Encoding

POST collect
www.google-analytics.com/g/ 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame CFFE 0
0

GET
H2

200

3.0.24 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/
https://cdn.tailwindcss.com/3.0.24

312 KB
94 KB

52ms
51ms

Script
text/javascript

2606:4700:20::681a:95b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.0.24

Requested by

Host: birthdayapp.org
URL: https://birthdayapp.org/birthdays/statusPublic/1?appid=&fbuid=100001481467092&friendfbuid=1154590486&utm_campaign=sendbirthdayappemails&utm_medium=email&utm_source=userbirthday

Protocol

Server

2606:4700:20::681a:95b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45231f6a81c6727865f87f871bb871ad72c22fc78ed396ca5cd20da73f5c9020

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:33:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4735824
last-modified: Thu, 14 Apr 2022 15:58:38 GMT
server: cloudflare
x-vercel-id: syd1::iad1::w2dgv-1649951916721-73600ffc41bc
x-vercel-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRhMbWHKEXcTPRY9%2FKSrcXbRE8GOYWpzwqgT2ZvMwpkL5v6S8ZaNbYovvHyEv666qVcxbYHlcfTeozkiSNkSQESFrRo%2FyYlve1I5IA7D3wJpB3u8fvS2kLc%2FNAP%2BnsDhrDWPR1hnzcSfUNFFk1VoBfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 71814fbe38c0916a-FRA

Redirect headers

date: Wed, 08 Jun 2022 11:33:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-vercel-id: syd1::iad1::mn4zt-1654687108312-c28c41be2049
age: 627
x-vercel-cache: MISS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etBo8g%2Bfd9R0MG1aja5li27zLZfaSzFHF3RweWZLTdDWcqYITs20IK4m%2Fn1ipZwa2rWabMyMvTByqe4VXASGyl09h8lAdyMbfMMmHgrlWLfkQ6RDA5WGBmjv1OaoCKGL92jwbX3h6T5jbrBR1wdkvEQ%3D"}],"group":"cf-nel","max_age":604800}
location: /3.0.24
cache-control: max-age=14400
strict-transport-security: max-age=63072000
cf-ray: 71814fbdbf82916a-FRA
content-length: 0
server: cloudflare

GET
H2 200 40x40bb.jpg
is5-ssl.mzstatic.com/image/thumb/Purple128/v4/de/5b/f4/de5bf4b5-df06-0489-5172-b1a0541aecd4/source/ 2 KB
3 KB 190ms
27ms Image
image/jpeg 2a02:26f0:1700:38d::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Purple128/v4/de/5b/f4/de5bf4b5-df06-0489-5172-b1a0541aecd4/source/40x40bb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:38d::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

ATS/9.0.3 /

Resource Hash

46d24bdc7afa28e5bfd090dc7f18b45f1af9850933a63cd650360a222f4b16ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-apple-jingle-correlation-key: W6X4FKVVC2JVDVWN77NSM4MGVM
strict-transport-security: max-age=31536000; includeSubDomains
etag: "MSwxLjE3LjUtMjEwLDIwRTI0MSwxNjQxNjQ4NjcxMTkzLGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwMzQxLG5vRWZmZWN0"
x-b3-traceid: b7afc2aab5169351d6cdffdb267186ab
x-daiquiri-instance: daiquiri:43624002:st44p00it-hyhk15014701:7987:21RELEASE200:daiquiri-amp-processing-shared-int-001-st
x-apple-request-uuid: b7afc2aa-b516-9351-d6cd-ffdb267186ab
b3: b7afc2aab5169351d6cdffdb267186ab-695fb9c7f1d001fa
content-length: 2145
server: ATS/9.0.3
x-cache: TCP_MISS from a184-86-102-17.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
apple-tk: false
last-modified: Sat, 08 Jan 2022 13:31:11 GMT
x-cache-remote: TCP_HIT from a184-86-102-22.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
apple-seq: 0.0
date: Wed, 08 Jun 2022 11:33:14 GMT
apple-originating-system: UnknownOriginatingSystem
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control: no-transform, max-age=2325000
x-b3-spanid: 695fb9c7f1d001fa
cdnuuid: 98c93055-f54d-4b5a-ad11-4aa608f78080-2573992029

GET
H/1.1 200
OK default-birthday-card.png
api.birthdayapp.org/img/ 1 MB
1 MB 681ms
175ms Image
image/png 143.198.78.12
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.birthdayapp.org/img/default-birthday-card.png
Requested by: Host: birthdayapp.org
URL: https://birthdayapp.org/birthdays/statusPublic/1?appid=&fbuid=100001481467092&friendfbuid=1154590486&utm_campaign=sendbirthdayappemails&utm_medium=email&utm_source=userbirthday
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 143.198.78.12 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: birthdayapp.org
Software: Apache/2.4.51 (Ubuntu) /
Resource Hash: 830201ee9305eb34f99ddee2d63af41b05662a4dceeeb2a9d1d5161f9ea4a2af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://birthdayapp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 11:33:15 GMT
Last-Modified: Thu, 09 Dec 2021 04:37:06 GMT
Server: Apache/2.4.51 (Ubuntu)
ETag: "1667e2-5d2af28a452c7"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1468386

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 239 KB
72 KB 73ms
23ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: birthdayapp.org
URL: https://birthdayapp.org/birthdays/statusPublic/1?appid=&fbuid=100001481467092&friendfbuid=1154590486&utm_campaign=sendbirthdayappemails&utm_medium=email&utm_source=userbirthday
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a0402eb6fe1d3c3a771620e36cb7180c8b93490f8d510f10a92907ce1d2bbcd8

Request headers

Referer: https://birthdayapp.org/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:05:14 GMT
content-encoding: gzip
age: 1680
x-guploader-uploadid: ADPycdtwUUruJqbE7rVJHWHDLiVoJI4XiYVhOAisEixaBCBEgLsGSHQg2uNQtDUsjJVQpivcPKkbEaBWMOlzFkXq6tkpDHpKAHeK
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73105
last-modified: Tue, 24 May 2022 14:48:27 GMT
server: UploadServer
etag: "2649f6099078ce498ff4378012ba5862"
x-goog-hash: crc32c=5bGcnA==, md5=Jkn2CZB4zkmP9DeAErpYYg==
x-goog-generation: 1653403707118994
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 73105
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 08 Jun 2022 12:05:14 GMT

GET
H2 200 amplitude-8.17.0-min.gz.js Show response
cdn.amplitude.com/libs/ 92 KB
27 KB 27ms
26ms Script
application/javascript 18.66.242.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js
Requested by: Host: birthdayapp.org
URL: https://birthdayapp.org/birthdays/statusPublic/1?appid=&fbuid=100001481467092&friendfbuid=1154590486&utm_campaign=sendbirthdayappemails&utm_medium=email&utm_source=userbirthday
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-40.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6

Request headers

Referer: https://birthdayapp.org/
Origin: https://birthdayapp.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 20 May 2022 18:30:19 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 1616575
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27400
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 19:53:18 GMT
server: AmazonS3
etag: "e5211b7cbee53b6912f07a1cd72a4582"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: wr63ICD3duh0Opi8j2KDhI34Ow38BHG0
via: 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 79-njaQgN4WVH-WF4D8EaSN3G5BIq5ho9Oxm9I_oSJVLydjAidmPHw==

POST
H2 202 page Show response
rs.fullstory.com/rec/ 52 B
259 B 362ms
126ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

b3de8e9060978852922b4983fc7e05ecfd438ab81f25e4f2a889da7880dca411

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://birthdayapp.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Jun 2022 11:33:15 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://birthdayapp.org
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 191ms
191ms XHR
text/html 52.25.66.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.66.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-66-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://birthdayapp.org/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 11:33:15 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 186ms
186ms Preflight 52.25.66.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.66.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-66-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://birthdayapp.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 08 Jun 2022 11:33:15 GMT
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 193ms
192ms XHR
text/html 52.25.66.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.17.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.66.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-66-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://birthdayapp.org/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 08 Jun 2022 11:33:15 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 187ms
186ms Preflight 52.25.66.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.66.184 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-66-184.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://birthdayapp.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 08 Jun 2022 11:33:15 GMT
strict-transport-security: max-age=15768000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HGS5XFSDZF&gtm=2oe660&_p=1780437160&_z=ccd.tdB&_ipe=0&cid=335272524.1654687992&ul=en-us&sr=1600x1200&_s=2&sid=1654687992&sct=1&seg=0&dl=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&dt=BirthdayApp&en=scroll&_et=2&epn.percent_scrolled=90

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HGS5XFSDZF&gtm=2oe660&_p=1780437160&_z=ccd.tdB&cid=335272524.1654687992&ul=en-us&sr=1600x1200&_s=3&sid=1654687992&sct=1&seg=0&dl=https%3A%2F%2Fbirthdayapp.org%2Fbirthdays%2Floading%2FstatusPublic%2F1%3Futm_source%3Duserbirthday%26utm_medium%3Demail%26utm_campaign%3Dsendbirthdayappemails%26fbuid%3D100001481467092%26appid%3D%26friendfbuid%3D1154590486&dt=BirthdayApp&en=user_engagement&_et=1456

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFKVSLl_2w5B41BO9Pcgzq7IkyqnkGttrQhhl-_eEp8iRzb1QyYwre_I4yg2AjthKkLWd3Ag8ci_q1kaCTMrj3Gw&sig=Cg0ArKJSzAOalH7GkiPREAE&id=lidartos&mcvt=1788&p=0,0,280,1200&mtos=1788,1788,1788,1788,1788&tos=1788,0,0,0,0&v=20220606&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3689417004&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=b&rst=1654687992242&rpt=382&ec=0&met=ie&wmsd=0

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.birthdayapp.org/	1970-01-20 05:47:43	Name: _fbp Value: fb.1.1654687992291.1917326861
.birthdayapp.org/	1970-01-20 12:59:43	Name: __gads Value: ID=a548d596f98c6a5b-22a67544a9cd00f2:T=1654687992:RT=1654687992:S=ALNI_MbeZALWTAfmg6CbPMJhLA5hzYhlnQ
.doubleclick.net/	1970-01-20 12:59:43	Name: IDE Value: AHWqTUlr1azA5Y2bRrFaP_OiK7-OnlR1MlbnysjOBUxQuOyQVryatedKA3MKMxlRhq8
.birthdayapp.org/	1970-01-20 21:09:19	Name: _ga Value: GA1.2.335272524.1654687992
.birthdayapp.org/	1970-01-20 03:39:34	Name: _gid Value: GA1.2.1174985131.1654687993
.birthdayapp.org/	1970-01-20 03:38:08	Name: _gat_gtag_UA_156019776_1 Value: 1
birthdayapp.org/	1970-01-20 03:38:15	Name: XSRF-TOKEN Value: eyJpdiI6IjlSdjN1XC9OQ0VSdEV0ZDRFTnViOHpBPT0iLCJ2YWx1ZSI6IjlPS1p6MWlWRCtGcCtQVlZ5eGZaVm1IUXdJQlFMdHA1YjVaZnhQWHZRNFNFV1wvK3NMMWxKQUdKOVdxY0RNbzcxIiwibWFjIjoiOTY3MTJkNjRjNzY0NzBkNzU1NGIxNmI3ZGYzOGE3MzM3YWRhYWFmZGE4M2VjMTkxMDVjNjA1MjNmNzhmNWNiZSJ9
birthdayapp.org/	1970-01-20 03:38:15	Name: laravel_session Value: eyJpdiI6IlYzZjVtMXBwcEVBWXdaZkphejFZUlE9PSIsInZhbHVlIjoiKzFvQndqdm5YcXZQWkI0QjlBVDFkS203TG1nWDRUa1lVUFRUNTdXNzJDYkdJdmhmTGdVdVVPXC9NWFl6Y1wvTUMwIiwibWFjIjoiM2JhM2RkMTMxYzA5NzRlZDg5MTJlN2YwNDI1YTYwMTY0YWNkY2MzODg5OTI4MjU4MTViZWM0NjdiOThhMjM3NSJ9
.birthdayapp.org/	1970-01-20 21:09:19	Name: _ga_HGS5XFSDZF Value: GS1.1.1654687992.1.0.1654687994.0
.birthdayapp.org/	1970-01-20 12:23:43	Name: amp_d073bb Value: MXRpFHop75FdTSkuR3u1H5.MTAwMDAxNDgxNDY3MDky..1g51he2b8.1g51he51c.4.0.4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
api.amplitude.com
api.birthdayapp.org
birthdayapp.org
cat.nl.eu.criteo.com
cdn.amplitude.com
cdn.tailwindcss.com
code.jquery.com
connect.facebook.net
csm.eu.criteo.net
edge.fullstory.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.giphy.com
is5-ssl.mzstatic.com
mail.familyflashbackapp.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rs.fullstory.com
rtb.nl.eu.criteo.com
secure-gl.imrworldwide.com
static.criteo.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
pagead2.googlesyndication.com
www.google-analytics.com
142.250.185.130
143.198.78.12
178.250.0.162
178.250.2.135
178.250.2.148
18.66.242.40
199.232.198.2
2001:4de0:ac18::1:a:3a
2600:9000:223c:4e00:1e:a43d:b640:93a1
2606:4700:20::681a:95b
2606:4700::6812:bcf
2a00:1450:4001:800::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:26f0:1700:38d::2a1
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.186.194.58
35.201.112.186
52.25.66.184
54.197.224.155
54.243.113.67
037ceb63aa43b91b8d8aa08d640146cc9ff4efa09496e41581c1d18769bf29bc
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0e68997680f3268fbcf3aaa19ab1ddf7bcd7cfd6ab70594d19528fffaeb145d1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
150a5b41e24e38d631fbeb28349a6b6ef387733cf4e64fd8e119d2101419eb98
1d6651a8895d5ae8ca296e03a1f6ddcf80e4bdf1a9466399411a64db67dd3970
23b62c9bd306043c81367161071aa27949409256cff8a85045502592a2fa4376
28f0b8c25d7870ca6180372e1388ec4d4d0ab72d594f60fdb28351069c46591c
43a183ad6561e6f65983122bbcc110d22a23acb4f9abd4730f5a80e662dc4163
45231f6a81c6727865f87f871bb871ad72c22fc78ed396ca5cd20da73f5c9020
46d24bdc7afa28e5bfd090dc7f18b45f1af9850933a63cd650360a222f4b16ad
46f449d9594518853e770481f5d27725c389b7a8bc9dbe1a57dcaecbc025873f
483c78bc19002ad6417351fb0c64d40e6c3ec5139e8de294c5a62a06cebaadfa
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
4ff2968fef8c191871ce7f2dab4e5f32b8c372fb605f0b210cf9015843ed859e
5101e7d658b23e35160e67b0b63b9163985e257315719e5bf17430fd8e80e452
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54055e38940e9cea340da88f2bd216059be91ba539db2aee7716520df0151d0a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5dc39191460be52b413ddd2273395bae092cbec1121d5c8c447c789aaf35b5aa
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
6884435e89015330243b53d784097bda1b00e46452afaf7518811d0ea5173c01
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7e7a2297c8371775455adc684445c2a383bcd0cee869777d45aefd8bc08456a6
830201ee9305eb34f99ddee2d63af41b05662a4dceeeb2a9d1d5161f9ea4a2af
8751d2adaa503decb206b6a3496eb43359e959976fb8c9945f9dc781a8d6372a
889f9f46cb9f822538a9c2ed20fdd50eddb7121a8c97adffcdcff9a12b69f686
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
958ee7149b8d144ba083489e1a04ee172df69afcc07ca056ea9c7772f3d72d4c
a0402eb6fe1d3c3a771620e36cb7180c8b93490f8d510f10a92907ce1d2bbcd8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa404f41bb73cd8b56987b71df35705c85824ae0862b82f58412c439004d48c0
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b3de8e9060978852922b4983fc7e05ecfd438ab81f25e4f2a889da7880dca411
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
b79867ad6294cbb84ed46d475e9d62d369252b12b585c80d9f92a2c6708c35ef
bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c1ba3615be9b17ea432abd23daa9fdfac598018096a5840d05ed36a9a2729527
c367648ca0410449ed46ede91f043cd80e11116641451989a514e47e99379ec5
c76d2b010d9bb78402b5ec60502038bfcd059af9f852d3272482a1b5276dec62
d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
d69ef6e0943932958e180b9b085921a1c2483ec6971a7225bd0ce772b8ae5756
df8a117309d30c94effb77c809817e39147f8b8563c3c86a0bf5f3852dd5ae64
e2e3c1087c81dadd2ccceb261a54c4edd4c264b6856d31883819ece7efa34731
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e641293ff2d0dd37fa9ea4b61de61eeb4b3fd0834dd43a9f2efab7303e98afd2
ee7f067cfe2d124a08d1e52d4076d60daf9b30e0d3d5a716232278ba2761b5e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef81337107f8f84f50c3eb714baf1e3db46df90099109372115826b04b1fdfcb
f0a793f841d4080f9d6f90cf90711a3fa5b3d8c2d80d3a640511702d44c4915c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fd9c1dfa97c42d530c2f127d6d42a74f1b62a2ac9c96598dd0f58b33c03ea9bd
fdb70919dc8107cfceec256527b281e6042dd943d30d49b07edb5aefca293f9e

birthdayapp.org Open in urlscan Pro 54.243.113.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

96 %HTTPS

64 %IPv6

24 Domains

33 Subdomains

33 IPs

4 Countries

2691 kBTransfer

5056 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

birthdayapp.org Open in urlscan Pro
54.243.113.67 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

96 %
HTTPS

64 %
IPv6

24
Domains

33
Subdomains

33
IPs

4
Countries

2691 kB
Transfer

5056 kB
Size

10
Cookies

96 HTTP transactions
1 data transactions