studio.123greetings.com Open in urlscan Pro
75.101.158.177 Public Scan

URL:
https://studio.123greetings.com/
Submission: On July 27 via api (July 27th 2020, 1:04:03 pm UTC) from DE

Summary HTTP 65 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 65 HTTP transactions. The main IP is 75.101.158.177, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is studio.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.

This is the only time studio.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	75.101.158.177 75.101.158.177	14618 (AMAZON-AES) (AMAZON-AES)
15	8.241.82.252 8.241.82.252	3356 (LEVEL3) (LEVEL3)
1	52.217.40.150 52.217.40.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	8.241.88.124 8.241.88.124	3356 (LEVEL3) (LEVEL3)
15	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
65	13

3 75.101.158.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

studio.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 8.241.82.252 (United States)

ASN3356 (LEVEL3, US)

c.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.40.150 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.241.88.124 (United States)

ASN3356 (LEVEL3, US)

x.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

87334761c27a06125ccc88e40a32c182.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com 87334761c27a06125ccc88e40a32c182.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	264 KB
16	123g.us c.123g.us x.123g.us	567 KB
9	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	94 KB
6	googletagservices.com www.googletagservices.com	152 KB
3	google.com adservice.google.com	1 KB
3	google.de adservice.google.de	1 KB
3	123greetings.com studio.123greetings.com	13 KB
2	google-analytics.com www.google-analytics.com	18 KB
1	facebook.com www.facebook.com
1	googleapis.com fonts.googleapis.com	482 B
1	amazonaws.com s3.amazonaws.com
65	11

	Domain	Requested by
15	c.123g.us	studio.123greetings.com c.123g.us
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com studio.123greetings.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net studio.123greetings.com
6	www.googletagservices.com	c.123g.us securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	adservice.google.com	www.googletagservices.com pagead2.googlesyndication.com
3	adservice.google.de	www.googletagservices.com pagead2.googlesyndication.com
3	studio.123greetings.com	studio.123greetings.com c.123g.us
2	www.google-analytics.com	studio.123greetings.com
1	87334761c27a06125ccc88e40a32c182.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	x.123g.us	c.123g.us
1	www.facebook.com	studio.123greetings.com
1	fonts.googleapis.com	studio.123greetings.com
1	s3.amazonaws.com	studio.123greetings.com
65	15

This site contains links to these domains. Also see Links.

Domain
www.123greetings.com
nl.123greetings.com
www.addthis.com
affiliates.123greetings.com
widgets.123greetings.com
info.123greetings.com
blog.123greetings.com
help.123greetings.com

Subject Issuer	Validity	Valid
*.123greetings.com Go Daddy Secure Certificate Authority - G2	`2020-04-29` - `2022-04-29`	2 years	crt.sh
*.123g.us Go Daddy Secure Certificate Authority - G2	`2019-06-21` - `2021-09-16`	2 years	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://studio.123greetings.com/
Frame ID: 52A3999841C522881A479E344C6B55D7
Requests: 34 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FSTUDIO-by-123Greetings%2F117733128270512&layout=button_count&show_faces=true&width=90&action=like&font=arial&colorscheme=light&height=21
Frame ID: 3AD1749A5BC0A9DFB8DE0DBC8FF52226
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstunbL4mEJJH6Ex8DLBEKgE72bqsNIKyB2vxn9BK7WewJH0z_nup_iNWuMHP98iHF-3liDn6vQah5O1OinqRrhk9YxWtI1UmQ4HUmg1vxLiuTrcweArGZyRLei3Nv1syLkN1HzZkP4ZiL7pSyk64hh1T-anT8opF_qbgRkxR8kLMFjJGECodQfjTZFf530Y7EVfhVMDHGUx_85regITl2AzfonawId0RetClAgnSCT2a78x1Keii63B_Y9vow7Lxx58I_XBIiv1QItTo_0TVAxHrVANOGE&sai=AMfl-YTsU5q20Lczg2eJPS-SjAjTWJ2A9a8wwktHYBBE5sTupkt-VoxA1PXf-AcRyU5QzPX61jWxziSXdPma4G_hRSwTdvCQoz1sbn-18er5Zv3fcOurouRq-PmqWIe_pL3I&sig=Cg0ArKJSzMf_1ovMqKurEAE&urlfix=1&adurl=
Frame ID: C4038F329D473DF92A98544BDCBFC26E
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTt_gdBLrFpCfEWYy9VOlzCAFPmJJg42QIyNosuLam0iRJ6dfha7_U0FpkrxeeJnh4Ogfko_o0LRD0fZmk1ENPumUckg637b7Neo42ijFtIbmCw2dIu1VuqqbtreBSjVEMh2ZpU5_6mTZZ-tAlF-PSCylD_d1drX6Je-G9bEF1v8OlJ3b0eZ6C7iEKTSLHTkBeGH3OTDajEO_n7frBHrxai6Vso4bx0n27vl5SG8Ip-pMYFeAMTNS4ilvY2x-jt_KP5n_9PG9GI1_FK86M5BsLmLyvlxaovWg&sai=AMfl-YS1jqmKFVTYOl3iaUY_44T6IjnbgEmZe54bZZernESVD_KyFpGyGCQ5gNTNDOui056q8Dr5Y8auT-h_fjpnEhlsQRc7dNJvFTHCcKSFj8-rlCdintPwQAERaCLE-Dgi&sig=Cg0ArKJSzIVADIkMTaiZEAE&urlfix=1&adurl=
Frame ID: AB1541083956413620DFEF3FC4AEB865
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/zrt_lookup.html
Frame ID: D61FDDE0DEE46B3C10FDF1965443F55B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031638&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fstudio.123greetings.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595855026640&bpp=25&bdt=62&idt=74&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=3713284627995&frm=23&ife=4&pv=2&ga_vid=2127298994.1595855026&ga_sid=1595855027&ga_hid=2145213632&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=11&biw=1600&bih=1200&isw=728&ish=90&ifk=1056315944&scr_x=0&scr_y=0&eid=21065756&oid=3&pvsid=3213678238107494&pem=107&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.6wd3dwjfxqmz&fsb=1&dtd=94
Frame ID: E6B9D636FAD4632126CD3FC6416234CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031639&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fstudio.123greetings.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595855026677&bpp=6&bdt=94&idt=117&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=3713284627995&frm=23&ife=4&pv=1&ga_vid=2127298994.1595855026&ga_sid=1595855027&ga_hid=452523837&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=687&biw=1600&bih=1200&isw=728&ish=90&ifk=3631061191&scr_x=0&scr_y=0&oid=3&pvsid=2473659000381663&pem=107&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qmjxp123wtxj&fsb=1&dtd=123
Frame ID: 80DEC3DE764BDB91B91481186F998F67
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 5CD51FCD3C5CEE061D759E51E3BCEDDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 4C749FFF7400BEE77EB8AB6BDD2DD8FF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 945F29C5F00FAFCD30E4839694CED5AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

65
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

15
Subdomains

13
IPs

3
Countries

1110 kB
Transfer

2706 kB
Size

1
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.123greetings.com/profile/
Title: Browse Artists

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/terms_of_use.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/privacy_policy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/copyright_policy.html
Title: Copyright / IP Policy

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/connect/birthdays
Title: B'day Reminders

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/connect/events/
Title: Event Reminders

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/blog/
Title: Editor Bob's Blog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/tell-a-friend
Title: Recommend Us

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/sitemap.html
Title: Site Map

Search URL Search Domain Scan URL

URL: https://affiliates.123greetings.com/
Title: Affiliate Program

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/connect/track
Title: Connect

Search URL Search Domain Scan URL

URL: https://widgets.123greetings.com/
Title: Widgets

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/app
Title: Mobile App

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/rss/
Title: RSS Feed

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/
Title: Corporate Info

Search URL Search Domain Scan URL

URL: https://blog.123greetings.com/
Title: 123Greetings Blog

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/mediakit/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/company/pressroom/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/investors/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/contact_us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.123greetings.com/cookie_policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
studio.123greetings.com/ 12 KB
12 KB 495ms
113ms Document
text/html 75.101.158.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 75.101.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c89ba4ad560cf46afb5802fafe9926f6de65bed48ce09549da99231e4f213667

Request headers

Host: studio.123greetings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 13:03:45 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Thu, 23 May 2019 06:09:12 GMT
ETag: "9c9cb-2f36-58987ebba5200"
Accept-Ranges: bytes
Content-Length: 12086
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK studio.css
c.123g.us/css/ 53 KB
12 KB 88ms
27ms Stylesheet
text/css 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/studio.css
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 806f3792acfeeeca3d554fe6bad3b2d85313b5498c68bf0b77413bb7e1df78dd

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 09 Jul 2020 07:38:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Feb 2019 08:27:07 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1574717
ETag: "24695-d257-582633d65acc0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11809
jake_test: Test_Pass

GET
H/1.1 200
OK messages.js Show response
c.123g.us/js2/ 12 KB
3 KB 88ms
26ms Script
text/javascript 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/messages.js
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 288fa56074020c983f1a411d04a184c787e15af1bfc04aad4a1ad660ad234a5e

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 26 Jul 2020 13:28:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 84910
ETag: "2c44f-31ad-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2604
jake_test: Test_Pass

GET
H/1.1 200
OK jquery.js Show response
c.123g.us/js2/ 92 KB
33 KB 84ms
23ms Script
text/javascript 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.js
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 02 Jul 2020 01:40:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2200971
ETag: "2c43b-16f3a-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33449

GET
H/1.1 200
OK jquery.blockUI.js Show response
c.123g.us/js2/ 8 KB
3 KB 87ms
25ms Script
text/javascript 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.blockUI.js
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 14:21:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 945751
ETag: "2c435-1fe9-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3052
jake_test: Test_Pass

GET
H/1.1 200
OK studioutils.js Show response
c.123g.us/js2/ 238 KB
34 KB 112ms
24ms Script
text/javascript 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/studioutils.js
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bb4fe9526e5efd11f6c46ca6cce494758cc56a40efc99f42fe18607473827651

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 05:11:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 May 2019 06:04:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1929112
ETag: "2c451-3b65e-58987dbfe0000"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34713
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_utils_v1.js Show response
c.123g.us/js2/ 123 KB
30 KB 110ms
22ms Script
text/javascript 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_utils_v1.js
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e06cfc5798f65811aa4c38afa46c12c4ee672ace29cd56eb5a80276122d2457c

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 15 Jul 2020 04:46:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Jul 2020 10:27:11 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1066642
ETag: "1ea1d-5aa644003ddc0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30343
jake_test: Test_Pass
Expires: Wed, 15 Jul 2020 05:01:24 GMT

GET
H/1.1 403
Forbidden 9_z.js
s3.amazonaws.com/ki.js/48725/ 0
0 454ms
117ms Script
application/xml 52.217.40.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/ki.js/48725/9_z.js
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.40.150 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK 5a2c5c5d2b525359065b47314772243e2556
studio.123greetings.com/usr-bin/security_image/ 25 B
25 B 508ms
164ms Image
text/html 75.101.158.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://studio.123greetings.com/usr-bin/security_image/5a2c5c5d2b525359065b47314772243e2556
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 75.101.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 13:03:46 GMT
Cache-control: no-cache, no-store, must-revalidate
Server: Apache/2.2.15 (CentOS)
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1

GET
H2 200 css
fonts.googleapis.com/ 786 B
482 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen

Requested by

Host: studio.123greetings.com
URL: https://studio.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39ed72a8d2a323d57e0f370f573b0d9b5671169cfb27fbc6cf59c7d729c80365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Jul 2020 13:03:45 GMT
server: ESF
date: Mon, 27 Jul 2020 13:03:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Jul 2020 13:03:45 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 48 KB
16 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5e5742593fb85b25251acdb96a2f0d31ee17b2eb8b6b8c737714ea1efc56a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "583 / 176 of 1000 / last-modified: 1595801233"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16533
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 3AD1 0
0 89ms
89ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FSTUDIO-by-123Greetings%2F117733128270512&layout=button_count&show_faces=true&width=90&action=like&font=arial&colorscheme=light&height=21

Requested by

Host: studio.123greetings.com
URL: https://studio.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FSTUDIO-by-123Greetings%2F117733128270512&layout=button_count&show_faces=true&width=90&action=like&font=arial&colorscheme=light&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://studio.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://studio.123greetings.com/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: FIQkN6H4dPWyZYivx9OCT8MHlIrk8rees0LY93ABWE/LEW7b4yAGwM38UsEhAP7CphL900DjXW2n/8xjbe9Pyg==
date: Mon, 27 Jul 2020 13:03:46 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK 123g_master_bg.png
c.123g.us/images/ 145 B
501 B 18ms
17ms Image
image/png 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_bg.png
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer: https://c.123g.us/css/studio.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 30 Jun 2020 05:52:02 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2358704
ETag: "91-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
jake_test: Test_Pass
Expires: Tue, 30 Jun 2020 06:07:03 GMT

GET
H/1.1 200
OK studio.png
c.123g.us/images/ 54 KB
54 KB 24ms
24ms Image
image/png 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/studio.png
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f9a8876c83dc842f51f065b19e9150068d11ec099ad54da586c98f229ee6bd3c

Request headers

Referer: https://c.123g.us/css/studio.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 04 Jul 2020 23:05:45 GMT
Last-Modified: Sat, 13 Oct 2018 05:55:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1951081
ETag: "9cf0d-d702-57815d84b1980"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55042
jake_test: Test_Pass

GET
H/1.1 200
OK master_icon_set.png
c.123g.us/images/ 93 KB
93 KB 20ms
19ms Image
image/png 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set.png
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4

Request headers

Referer: https://c.123g.us/css/studio.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 29 Jun 2020 23:28:27 GMT
Last-Modified: Wed, 03 Jan 2018 10:30:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2381719
ETag: "17326-561dcb51f9ac0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95014
jake_test: Test_Pass
Expires: Thu, 02 Jul 2020 10:17:07 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
140 KB 23ms
23ms Image
image/png 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/studio.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 02 Jul 2020 17:31:11 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2143955
ETag: "9d05a-230cb-5979e1b2b4200"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: studio.123greetings.com
URL: https://studio.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 1804
date: Mon, 27 Jul 2020 12:33:42 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 27 Jul 2020 14:33:42 GMT

GET
H/1.1 200
OK addressbook.js Show response
c.123g.us/js2/ 397 KB
75 KB 21ms
19ms Script
text/javascript 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/addressbook.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7e306d9d3db830baf2f18857d36672f645edc82ddde14244b3f477d6f6014fc4

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 21 Jul 2020 06:20:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Mar 2020 10:55:39 GMT
Server: Apache/2.2.15 (CentOS)
Age: 542592
ETag: "2c7c8-6340e-5a1d3f11e00c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76702
jake_test: Test_Pass

GET
H/1.1 404
Not Found perl_captcha.pl Show response
studio.123greetings.com/studio/library/ 318 B
498 B 237ms
114ms XHR
text/html 75.101.158.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://studio.123greetings.com/studio/library/perl_captcha.pl?_=1595855026103
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 75.101.158.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a03490339c2f4b02b16cafcc4e6f56f51494049ca0e5cc8f84851b32f14c9023

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://studio.123greetings.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 13:03:46 GMT
Server: Apache/2.2.15 (CentOS)
Connection: close
Content-Length: 318
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK studio_scroller.js Show response
x.123g.us/json/ 1 KB
943 B 766ms
647ms Script
text/javascript 8.241.88.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/studio_scroller.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.88.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.951.25 /
Resource Hash: 0cac685ef306fe1a822242b1895477d87e3e2fbfbab6cf55d9d0a67727085b7c

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 27 Jul 2020 13:03:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 08:33:56 GMT
Server: Footprint Distributor V6.1.951.25
Age: 0
ETag: "448-574a2ef8be500"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 518
Expires: Mon, 27 Jul 2020 13:18:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 36ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=studio.123greetings.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 39ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=studio.123greetings.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020072001.js Show response
securepubads.g.doubleclick.net/gpt/ 253 KB
90 KB 80ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 Jul 2020 13:10:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91349
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
98 B 13ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=316289528&t=pageview&_s=1&dl=https%3A%2F%2Fstudio.123greetings.com%2F&ul=en-us&de=UTF-8&dt=Create%2C%20Display%2C%20Promote%20123Greetings%20Studio&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1701670620&gjid=911103108&cid=2127298994.1595855026&tid=UA-5497119-1&_gid=399090169.1595855026&_r=1&z=1100078526

Requested by

Host: studio.123greetings.com
URL: https://studio.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 13:03:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
529 B 17ms
17ms Script
text/javascript 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 01 Jul 2020 16:46:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2233029
ETag: "c9-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass
Expires: Wed, 01 Jul 2020 17:01:37 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 9 KB
4 KB 232ms
231ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1297059400516984&correlator=4209324508124509&output=ldjh&impl=fifs&adsid=NT&eid=21066393&vrg=2020072001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200727&iu_parts=46400095%2CDesktopWeb_Studio_LB%2CDesktopWeb_Studio_LowerLB&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C970x90%7C728x90%7C970x250&cust_params=site%3D123greetings.com%26section%3Dstudio%26page%3Dindex&cookie_enabled=1&bc=31&abxe=1&lmt=1558591752&dt=1595855026323&dlt=1595855025871&idt=433&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C311&adys=11%2C687&adks=3879911032%2C2649996543&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fstudio.123greetings.com%2F&dssz=17&icsg=2097824&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=982x970%7C980x134&msz=728x90%7C980x92&ga_vid=2127298994.1595855026&ga_sid=1595855026&ga_hid=316289528&fws=4%2C4&ohw=982%2C982

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bde4f89efb1dddcd89c93fc5c1899fd4b3029b58a630a1e172b752f3d478d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3930
x-xss-protection: 0
google-lineitem-id: 5292193851,237051975
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138302591891,99278302815
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://studio.123greetings.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
87334761c27a06125ccc88e40a32c182.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 58ms
14ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://87334761c27a06125ccc88e40a32c182.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C403 0
0 55ms
55ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstunbL4mEJJH6Ex8DLBEKgE72bqsNIKyB2vxn9BK7WewJH0z_nup_iNWuMHP98iHF-3liDn6vQah5O1OinqRrhk9YxWtI1UmQ4HUmg1vxLiuTrcweArGZyRLei3Nv1syLkN1HzZkP4ZiL7pSyk64hh1T-anT8opF_qbgRkxR8kLMFjJGECodQfjTZFf530Y7EVfhVMDHGUx_85regITl2AzfonawId0RetClAgnSCT2a78x1Keii63B_Y9vow7Lxx58I_XBIiv1QItTo_0TVAxHrVANOGE&sai=AMfl-YTsU5q20Lczg2eJPS-SjAjTWJ2A9a8wwktHYBBE5sTupkt-VoxA1PXf-AcRyU5QzPX61jWxziSXdPma4G_hRSwTdvCQoz1sbn-18er5Zv3fcOurouRq-PmqWIe_pL3I&sig=Cg0ArKJSzMf_1ovMqKurEAE&urlfix=1&adurl=

Requested by

Host: studio.123greetings.com
URL: https://studio.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C403 87 KB
32 KB 39ms
19ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc361c20be352b0dcad42da8349d28d26509dda353c46a813671f523822c2e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32027
x-xss-protection: 0
server: cafe
etag: 984411276932087231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C403 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame AB15 0
0 55ms
54ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTt_gdBLrFpCfEWYy9VOlzCAFPmJJg42QIyNosuLam0iRJ6dfha7_U0FpkrxeeJnh4Ogfko_o0LRD0fZmk1ENPumUckg637b7Neo42ijFtIbmCw2dIu1VuqqbtreBSjVEMh2ZpU5_6mTZZ-tAlF-PSCylD_d1drX6Je-G9bEF1v8OlJ3b0eZ6C7iEKTSLHTkBeGH3OTDajEO_n7frBHrxai6Vso4bx0n27vl5SG8Ip-pMYFeAMTNS4ilvY2x-jt_KP5n_9PG9GI1_FK86M5BsLmLyvlxaovWg&sai=AMfl-YS1jqmKFVTYOl3iaUY_44T6IjnbgEmZe54bZZernESVD_KyFpGyGCQ5gNTNDOui056q8Dr5Y8auT-h_fjpnEhlsQRc7dNJvFTHCcKSFj8-rlCdintPwQAERaCLE-Dgi&sig=Cg0ArKJSzIVADIkMTaiZEAE&urlfix=1&adurl=

Requested by

Host: studio.123greetings.com
URL: https://studio.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame AB15 87 KB
31 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc361c20be352b0dcad42da8349d28d26509dda353c46a813671f523822c2e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32027
x-xss-protection: 0
server: cafe
etag: 984411276932087231
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB15 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28380
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C403 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=studio.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C403 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=studio.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/ Frame C403 221 KB
83 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84205b72580bff351eca502f9184cfac70f0f4ff4ae4456cfa8f81d34aa000d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84800
x-xss-protection: 0
server: cafe
etag: 9296453514141258119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/ Frame D61F 0
0 8ms
5ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200723/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200723/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://studio.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkh8vPbEv6rSlSLvqUcPzaCQtU_MpL8U-a-pC0maoJDYx6JyGQUQJqQKZZZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://studio.123greetings.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 23 Jul 2020 04:24:58 GMT
expires: Thu, 06 Aug 2020 04:24:58 GMT
content-type: text/html; charset=UTF-8
etag: 1809543571055990350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4277
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 376728
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C403 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c4922b0425c92a049cdb8f4ba96e0d6f8170331ed3c2a3609f2cf60f03cb584

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame AB15 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=studio.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame AB15 109 B
168 B 17ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=studio.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/ Frame AB15 221 KB
83 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84205b72580bff351eca502f9184cfac70f0f4ff4ae4456cfa8f81d34aa000d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 84800
x-xss-protection: 0
server: cafe
etag: 9296453514141258119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
DATA 200
OK truncated
/ Frame AB15 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d2f3dcf8e6942c610c01736b3d0c2e3e127550436cfedb51114ec893e6a723a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame E6B9 0
0 113ms
111ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031638&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fstudio.123greetings.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595855026640&bpp=25&bdt=62&idt=74&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=3713284627995&frm=23&ife=4&pv=2&ga_vid=2127298994.1595855026&ga_sid=1595855027&ga_hid=2145213632&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=11&biw=1600&bih=1200&isw=728&ish=90&ifk=1056315944&scr_x=0&scr_y=0&eid=21065756&oid=3&pvsid=3213678238107494&pem=107&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.6wd3dwjfxqmz&fsb=1&dtd=94

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031638&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fstudio.123greetings.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595855026640&bpp=25&bdt=62&idt=74&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=3713284627995&frm=23&ife=4&pv=2&ga_vid=2127298994.1595855026&ga_sid=1595855027&ga_hid=2145213632&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=11&biw=1600&bih=1200&isw=728&ish=90&ifk=1056315944&scr_x=0&scr_y=0&eid=21065756&oid=3&pvsid=3213678238107494&pem=107&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.6wd3dwjfxqmz&fsb=1&dtd=94
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://studio.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkh8vPbEv6rSlSLvqUcPzaCQtU_MpL8U-a-pC0maoJDYx6JyGQUQJqQKZZZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://studio.123greetings.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Jul 2020 13:03:46 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C403 72 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 80DE 0
0 328ms
327ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031639&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fstudio.123greetings.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595855026677&bpp=6&bdt=94&idt=117&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=3713284627995&frm=23&ife=4&pv=1&ga_vid=2127298994.1595855026&ga_sid=1595855027&ga_hid=452523837&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=687&biw=1600&bih=1200&isw=728&ish=90&ifk=3631061191&scr_x=0&scr_y=0&oid=3&pvsid=2473659000381663&pem=107&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qmjxp123wtxj&fsb=1&dtd=123

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031639&w=728&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fstudio.123greetings.com%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1595855026677&bpp=6&bdt=94&idt=117&shv=r20200723&cbv=r20190131&ptt=5&saldr=sa&correlator=3713284627995&frm=23&ife=4&pv=1&ga_vid=2127298994.1595855026&ga_sid=1595855027&ga_hid=452523837&ga_fc=1&iag=3&icsg=682&nhd=1&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=687&biw=1600&bih=1200&isw=728&ish=90&ifk=3631061191&scr_x=0&scr_y=0&oid=3&pvsid=2473659000381663&pem=107&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qmjxp123wtxj&fsb=1&dtd=123
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://studio.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkh8vPbEv6rSlSLvqUcPzaCQtU_MpL8U-a-pC0maoJDYx6JyGQUQJqQKZZZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://studio.123greetings.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Jul 2020 13:03:47 GMT
server: cafe
content-length: 21076
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB15 72 KB
27 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1595419060626807"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27216
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C403 0
54 B 56ms
55ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv74Y4DhyklgbsWGQ7Cly4VQQjsOUyveX8oPkMBM6HgEcNpiBVf-xD8oHDt3xXbEvENf2ZaoKygO9hVxLA1hU6HQ1Awo3WnIia_u1p-xIJhyPLWwmH2AS_7IOmzJv0OjBTYtl6tJiuE19qvLXy4ray8h3Mh1GpXUagcYxAqCFv-yUwyN7W0CMQE0kYngqCRVqciRlXX5PTQmUXMXEomgdxzgo96nhwu3e9zOEJwi6LxHOXYsTp-hSkyTn4l2P17E5g_mKbgBe9s7Y1saQDpdvVwhgGUPjDaBQ&sai=AMfl-YRgWAb3AvJO9Gz4AkPrtlfYmFYvaD-SQ5RTwP0VMKyHIi9w2ELvO693vVlZ52pNTM7lCJaPD5xFxRb1OWs1yBB1MjKr5FmNnG-ASqgQrVveYMl22lLuwQMwiVPOhw3P&sig=Cg0ArKJSzNvNzY4Y0qJeEAE&urlfix=1&adurl=

Requested by

Host: studio.123greetings.com
URL: https://studio.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C403 7 KB
6 KB 35ms
16ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200723&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6b0cd16188f27b2b758944b074a4351b9340e6cce446a9924e47d866b7e0a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5625
x-xss-protection: 0

GET
H/1.1 200
OK scroll-1.jpg
c.123g.us/images/ 34 KB
34 KB 23ms
22ms Image
image/jpeg 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/scroll-1.jpg
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 259ff132fda64ab584c9b788a92927a74eadd0bb98b5336d5948b32a49a59b35

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 18 Jul 2020 15:14:48 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:44 GMT
Server: Apache/2.2.15 (CentOS)
Age: 769738
ETag: "9cfb1-880a-54a227b728700"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34826
jake_test: Test_Pass

GET
H/1.1 200
OK scroll-2.jpg
c.123g.us/images/ 27 KB
27 KB 23ms
23ms Image
image/jpeg 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/scroll-2.jpg
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 04329bb9e6bf2ff35b4350cba5433b674e99825fbe2bfc244157a7d7c19ef4e0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 16 Jul 2020 08:08:29 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:45 GMT
Server: Apache/2.2.15 (CentOS)
Age: 968117
ETag: "9d014-6c61-54a227b81c940"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27745
jake_test: Test_Pass

GET
H/1.1 200
OK scroll-3.jpg
c.123g.us/images/ 24 KB
25 KB 24ms
23ms Image
image/jpeg 8.241.82.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/scroll-3.jpg
Requested by: Host: studio.123greetings.com
URL: https://studio.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.241.82.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b13cff290010ff370ab20c6ee59825290735821de602712efa06a0a19005d7ab

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 05 Jul 2020 02:22:58 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:07 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1939248
ETag: "615f-54da7c7971dc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24927
jake_test: Test_Pass
Expires: Sun, 05 Jul 2020 09:35:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C403 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:46 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5CD5 0
0 7ms
6ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://studio.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://studio.123greetings.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 27 Jul 2020 11:58:24 GMT
expires: Tue, 27 Jul 2021 11:58:24 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3922
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C403 0
120 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200723&jk=3213678238107494&bg=!VlWlVU1YrbB4CZIua24CAAAASVIAAAAMmQGU9DKhJbQLox3956AgVwmzRwzv6ccpzvW8-G1ACOGzd-5FlvUyhnpTW0BFXODO_Wo8EK1kXZREX5et_FsF2eep6Qw4F5kqMOstWWz1Bnyqg8PoKz02OkbYe8EV3jkKBaMXwXqOwTx1U_lVEEmbdd3I9ygdBvfT7Xy-m_yZoiqtSz9uj1Ib0yevoFIfRdBIi9LHgzKLejdKvsc6_5hyJpkMh31Q68AeAslBfFHKnc2gOe4LLGKnLa4mNR66MTfIS13ByICXMq8oLhuwyvEOa0zJ6u2H4J4jFwOTPWhHo7FF2Fg1WxCrIOEkkm4F2y3d4cp2JHPwKDYba7oejVaYffLA4NyBKqYEyv4VV1xiP4XHTT9m8Ln3ta3rqHxnlqr4lOZTYEAOxZ_AzjZnSIKNesHeDIU4yDhqpwBp2HiY6lePlbgatpp0bm1b67V59lqOcSLbfDHxLCDxfikVnz5s0DeIzL3dFZ-9ROlBhdx0vUpqUGrLoNeGRHTmicDKTg_bGd5Ovr7MMLlSgyMzQQz6YRJ9r8gjUa4

Requested by

Host: studio.123greetings.com
URL: https://studio.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 13:03:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame AB15 0
172 B 105ms
105ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstL7EKXlZk8dLP7AK-hBKj754jOyxixIkhhj58mjYBgcP1XncFoNaAB4ZHROI_VArqb13W1b1rlllFtbH920dE-Z7TcgaePzCl7cDvrZSqv80ucJG6m0dXDd2N86iXrn1cOVe8KP1utQBkcWXGssQFalmw7VIgQxuFO7vxTXFZHAiY2IkTBZLKVIg-h-5xSFYs-ZJxCVUGk5kMG8XqO0XYHtjMe1yQIDICYSWc_4wIzmBejy_6_S32B0dHfu53q81AHBM6VuNUt2WeNk_eYmoar7TFuT-dKzwljiw&sai=AMfl-YSGZ-ssQdknX0IbfgOPdPsP4GTDya4v1xt-j6We5fM8_Iu55Ib1SQBaA-9W7RPhozyYsvs6SVruerNL8chEii2De5QydIMyGWyEmaRpiUVH-AxyCM-4ELRp9jX085j8&sig=Cg0ArKJSzNyA0IfdT_x-EAE&urlfix=1&adurl=

Requested by

Host: studio.123greetings.com
URL: https://studio.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AB15 7 KB
6 KB 16ms
16ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200723&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54fd33b1d57997d41548cbe4048d9346bd7635134ffcf844a964838b0269b8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5625
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 16ms
16ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

982f8632bd357df436147cb8784cf30678bb68e87d8a7666e15afb896e3b96a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Jul 2020 13:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5640
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AB15 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200723/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:47 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 27 Jul 2020 13:03:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 27 Jul 2020 13:03:47 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 4C74 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://studio.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://studio.123greetings.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 27 Jul 2020 11:58:24 GMT
expires: Tue, 27 Jul 2021 11:58:24 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3923
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 945F 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://studio.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://studio.123greetings.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 27 Jul 2020 11:58:24 GMT
expires: Tue, 27 Jul 2021 11:58:24 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3923
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB15 0
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200723&jk=2473659000381663&bg=!fX6lfmZYB95RHNSGNlMCAAAAkVIAAAAVmQGUjaOsPUqI8c4k-0lM28uGkZleavc4OqyMeGCrhb4EJUeO46jkIYV0qjhbCKMsmSQ1t1w01MRow0EueLw-zSHN7ZEjUhTkeAXmLjumT7hqwW1Kqry_WxBSJS-FDozT8eXujGSH_vVFStgsxoOmMuQiSG9FIyrD2oAYbVYnxyxGWLUeoy2XVffOVfV4Qnv2iIrlxsivB2BeyU9__Ub0jAe3SM6k6axrhy6WlTfMMIRK4SC1og9zkzExi1dt2NJiBxqAP5iHziBl0ZnRn9SZ3_GZ4qvKgxkBJSqtY85Dp7Jfi0lCvpsH1PeaUUFm42fFPvV1u8SYdSDROUqD_RJHMXV-4PgYPnF5c2uksREFJkWXXrPid1eEhE-Fr-SInKv80j58aVrZ4ForGry0x9cqStV8rWtuZS_51JohYs3nIIfnWnIWHs8G3kDAwCnOmiTpRtwgVjUi1wiR6YfmBE1rFknrds4IbTIq6_gJUfTgv8uzBnKY2M3gZ9Z8PkrbvdT0atjh0E4YWJULsXtzkzxzKpdfr210l6Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 13:03:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072001&jk=1297059400516984&bg=!NDelNy9YRuQFmBIoBiACAAAAlFIAAAAZmQGO4zGzdA4ebXf8jM9iaAAlx-4pIZSl3tEU3qBceAXQ1k-546nzgv0-tI5ukbY4bbYzQGsTxa3zB63gW07P1iX_QFn3S11AAy6nY1DNv59l-Bi7NGz4v0Ybck02Cdlcwh5TKVhwVhvlZ5W7IOxYDvhxPMeeDHZSzEbczJ5AOTzjWGHG43h28mqWDC7VbMt6vugXMaLjgcncViEXLEbtR1Mtm6sOk0oNSf8QmH5UDnrtHfJz9THnsM9oRavMh5TYSwcTBNubGI1qZ1v2FwAnBwcS3JST9ZKAvGG1P1E7AwdElBI67Lik6es3X0_P_QtjRdOS-si0drKBaqE5Q8hazW-Whnn_r6s6I140dfYnVbE5yDn1ZDNlruf7Sr97JdVz2Lf9IHaZugLLrQgXq0bRhhLWO7VaNevTSoDv_k1R8_O3gHzf3MKT8KrYvarjyM-Fz6L7obFJlkz1EfJekL7neLbHh-FDm6YTwyJNXcCRwZ3tR7iwXn_7UPXbDn9jEu408atr8rggJarzNINsE82w85g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 13:03:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C403 42 B
112 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuJrdDqMH3wvHaFbBLkh6JRMyOdhEeE869tWx9uxwdTiJvya50Hk2uXJrjLgsnRGyGHWlcvZ2pr6i2nF7DqdUuWBHsnyjVJBQIiUimouE&sig=Cg0ArKJSzLFkjJmmRBfbEAE&adk=3879911032&tt=-1&bs=1600%2C1200&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&p=11,560,101,1288&mcvt=1014&rs=3&ht=0&tfs=197&tls=1210&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1595855026587&dlt&rpt=104&isd=0&msd=0&ext&xdi=0&ps=1600%2C990&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-8-10-10-0-0-0&tvt=1204&is=728%2C90&iframe_loc=https%3A%2F%2Fstudio.123greetings.com%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200722

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 13:03:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AB15 42 B
107 B 39ms
38ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMoWMcun9H-qFoeEcGc-Cv8cd3QoRIGzotQpvd-3h06bpoi4QQJ8XDXA8AsTjGvR2ADdqr2zk5RwYhLkD9IQi4hO9_x6e2md_ImYacaJQ&sig=Cg0ArKJSzPGPvQAoPpaWEAE&adk=2649996543&tt=-1&bs=1600%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=687,436,777,1164&mcvt=1008&rs=3&ht=0&tfs=640&tls=1648&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1595855026591&dlt&rpt=103&isd=0&msd=0&ext&xdi=0&ps=1600%2C990&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-3-10-10-0-0-0&tvt=1646&is=728%2C90&iframe_loc=https%3A%2F%2Fstudio.123greetings.com%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200722

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://studio.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Jul 2020 13:03:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

516 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 11:17:38	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

87334761c27a06125ccc88e40a32c182.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
c.123g.us
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s3.amazonaws.com
securepubads.g.doubleclick.net
studio.123greetings.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
x.123g.us
172.217.16.130
2a00:1450:4001:801::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:819::2001
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::200a
2a03:2880:f11c:8183:face:b00c:0:25de
52.217.40.150
75.101.158.177
8.241.82.252
8.241.88.124
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
04329bb9e6bf2ff35b4350cba5433b674e99825fbe2bfc244157a7d7c19ef4e0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0cac685ef306fe1a822242b1895477d87e3e2fbfbab6cf55d9d0a67727085b7c
1d2f3dcf8e6942c610c01736b3d0c2e3e127550436cfedb51114ec893e6a723a
259ff132fda64ab584c9b788a92927a74eadd0bb98b5336d5948b32a49a59b35
288fa56074020c983f1a411d04a184c787e15af1bfc04aad4a1ad660ad234a5e
30d05c83e6d7dd38f40dd03a37bfae06d2cdcf943384d8ccce9e6c683cc78280
31e539be75870ad6cec377525eb196ea9fbc423ea53d68c03b2c94b96701bc47
39ed72a8d2a323d57e0f370f573b0d9b5671169cfb27fbc6cf59c7d729c80365
54fd33b1d57997d41548cbe4048d9346bd7635134ffcf844a964838b0269b8fa
6bde4f89efb1dddcd89c93fc5c1899fd4b3029b58a630a1e172b752f3d478d3f
6c4922b0425c92a049cdb8f4ba96e0d6f8170331ed3c2a3609f2cf60f03cb584
7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4
7e306d9d3db830baf2f18857d36672f645edc82ddde14244b3f477d6f6014fc4
806f3792acfeeeca3d554fe6bad3b2d85313b5498c68bf0b77413bb7e1df78dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84205b72580bff351eca502f9184cfac70f0f4ff4ae4456cfa8f81d34aa000d8
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
982f8632bd357df436147cb8784cf30678bb68e87d8a7666e15afb896e3b96a6
a03490339c2f4b02b16cafcc4e6f56f51494049ca0e5cc8f84851b32f14c9023
a5df4cbe089972488f66c3dc318c74ff2467967db69f87d00e54948ad0ca2b56
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b13cff290010ff370ab20c6ee59825290735821de602712efa06a0a19005d7ab
bb4fe9526e5efd11f6c46ca6cce494758cc56a40efc99f42fe18607473827651
bc361c20be352b0dcad42da8349d28d26509dda353c46a813671f523822c2e81
c5e5742593fb85b25251acdb96a2f0d31ee17b2eb8b6b8c737714ea1efc56a11
c6b0cd16188f27b2b758944b074a4351b9340e6cce446a9924e47d866b7e0a6a
c89ba4ad560cf46afb5802fafe9926f6de65bed48ce09549da99231e4f213667
e06cfc5798f65811aa4c38afa46c12c4ee672ace29cd56eb5a80276122d2457c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9a8876c83dc842f51f065b19e9150068d11ec099ad54da586c98f229ee6bd3c
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

studio.123greetings.com Open in urlscan Pro 75.101.158.177 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

58 %IPv6

11 Domains

15 Subdomains

13 IPs

3 Countries

1110 kBTransfer

2706 kBSize

1 Cookies

25 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

studio.123greetings.com Open in urlscan Pro
75.101.158.177 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

58 %
IPv6

11
Domains

15
Subdomains

13
IPs

3
Countries

1110 kB
Transfer

2706 kB
Size

1
Cookies

65 HTTP transactions
2 data transactions