www.123greetings.com Open in urlscan Pro
184.72.244.154 Public Scan

URL:
https://www.123greetings.com/
Submission: On July 30 via manual (July 30th 2021, 2:36:41 pm UTC) from US

Summary HTTP 346 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 45 IPs in 11 countries across 47 domains to perform 346 HTTP transactions. The main IP is 184.72.244.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.

This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	184.72.244.154 184.72.244.154	14618 (AMAZON-AES) (AMAZON-AES)
21	67.27.233.124 67.27.233.124	3356 (LEVEL3) (LEVEL3)
13	8.253.95.245 8.253.95.245	3356 (LEVEL3) (LEVEL3)
2	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1 3	52.54.0.202 52.54.0.202	14618 (AMAZON-AES) (AMAZON-AES)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
19	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
7	2600:9000:219... 2600:9000:2190:7400:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:219... 2600:9000:2190:7400:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
40	2606:4700::68... 2606:4700::6812:1cf8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:20e... 2600:9000:20eb:2600:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
27	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
3 34	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
8	2600:9000:219... 2600:9000:2190:3e00:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	13.224.96.44 13.224.96.44	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	217.66.147.166 217.66.147.166	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 4	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
4 4	213.155.156.182 213.155.156.182	1299 (TELIANET ...) (TELIANET Telia Carrier)
2 2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	54.76.217.27 54.76.217.27	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.138.120 185.86.138.120	201081 (SMARTADSE...) (SMARTADSERVER)
1	91.228.74.133 91.228.74.133	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	3.228.133.61 3.228.133.61	14618 (AMAZON-AES) (AMAZON-AES)
2	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 3	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
4 4	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	124.146.215.46 124.146.215.46	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	44.194.225.67 44.194.225.67	14618 (AMAZON-AES) (AMAZON-AES)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	35.157.168.25 35.157.168.25	16509 (AMAZON-02) (AMAZON-02)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	35.72.120.200 35.72.120.200	16509 (AMAZON-02) (AMAZON-02)
4	34.102.219.251 34.102.219.251	15169 (GOOGLE) (GOOGLE)
7	52.42.241.136 52.42.241.136	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	52.1.142.100 52.1.142.100	14618 (AMAZON-AES) (AMAZON-AES)
2	52.1.46.74 52.1.46.74	14618 (AMAZON-AES) (AMAZON-AES)
4 4	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
2	174.129.232.188 174.129.232.188	14618 (AMAZON-AES) (AMAZON-AES)
4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
4	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
16	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
346	45

1 184.72.244.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com

www.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 67.27.233.124 (United States)

ASN3356 (LEVEL3, US)

c.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 8.253.95.245 (United States)

ASN3356 (LEVEL3, US)

i.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.54.0.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-0-202.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2190:7400:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2190:7400:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700::6812:1cf8 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.bannernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icv.bannernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:2600:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2190:3e00:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.44 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-44.zrh50.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.166 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.155.156.182 (Uppsala, Sweden) 4 redirects

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Madrid, Spain) 2 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.217.27 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.120 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Schopfheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.133.61 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.115 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.46 (Minato-ku, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.71.25 (Portsmouth, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.194.225.67 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.168.25 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.72.120.200 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-120-200.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.219.251 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 251.219.102.34.bc.googleusercontent.com

stats.bannernow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.42.241.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-241-136.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.1.142.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-142-100.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.46.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-46-74.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.13 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 174.129.232.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	doubleclick.net 3 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net	176 KB
55	googlesyndication.com pagead2.googlesyndication.com 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	462 KB
44	bannernow.com storage.bannernow.com stats.bannernow.com icv.bannernow.com	639 KB
34	123g.us c.123g.us i.123g.us x.123g.us	793 KB
29	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com avm.avantisvideo.com events1.avantisvideo.com	291 KB
27	2mdn.net s0.2mdn.net	501 KB
22	aniview.com play.aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	390 KB
16	googleapis.com imasdk.googleapis.com	2 MB
12	google.com adservice.google.com www.google.com	2 KB
9	googletagservices.com www.googletagservices.com	313 KB
8	adnxs.com 4 redirects secure.adnxs.com ib.adnxs.com	9 KB
4	spotxchange.com search.spotxchange.com	4 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	2 KB
4	de17a.com 4 redirects d5p.de17a.com	1 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	rfihub.com 2 redirects p.rfihub.com a.rfihub.com	3 KB
3	mts.ru 3 redirects sm.rtb.mts.ru tech.rtb.mts.ru	2 KB
3	yahoo.com 3 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	3 KB
3	trkn.us 1 redirects trkn.us	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com	977 B
2	e-volution.ai rtb2-useast.e-volution.ai	466 B
2	sonobi.com 2 redirects sync.go.sonobi.com	2 KB
2	dotomi.com dclk-match.dotomi.com	207 B
2	google.de adservice.google.de	975 B
2	google-analytics.com www.google-analytics.com	19 KB
2	ytimg.com i.ytimg.com	6 KB
1	adingo.jp cc.adingo.jp	44 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	580 B
1	1rx.io 1 redirects sync.1rx.io	695 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	565 B
1	fksnk.com 1 redirects fksnk.com	613 B
1	socdm.com 1 redirects tg.socdm.com	1 KB
1	blismedia.com tr.blismedia.com	136 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	730 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	583 B
1	quantserve.com cms.quantserve.com	463 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	456 B
1	yieldmo.com 1 redirects ads.yieldmo.com	465 B
1	simpli.fi 1 redirects um.simpli.fi	709 B
1	smaato.net 1 redirects s.ad.smaato.net	689 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	mathtag.com 1 redirects sync.mathtag.com	816 B
1	googleadservices.com partner.googleadservices.com	662 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	123greetings.com www.123greetings.com	9 KB
346	47

	Domain	Requested by
33	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
27	s0.2mdn.net	www.123greetings.com s0.2mdn.net 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com storage.bannernow.com imasdk.googleapis.com
26	pagead2.googlesyndication.com	www.123greetings.com pagead2.googlesyndication.com tpc.googlesyndication.com 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com srcdoc
24	storage.bannernow.com	4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com storage.bannernow.com
22	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
20	c.123g.us	www.123greetings.com c.123g.us
16	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
16	icv.bannernow.com	storage.bannernow.com
13	i.123g.us	www.123greetings.com c.123g.us
12	track1.aniview.com	player.aniview.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.123greetings.com
10	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
9	www.googletagservices.com	c.123g.us pagead2.googlesyndication.com securepubads.g.doubleclick.net 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
8	pubads.g.doubleclick.net	imasdk.googleapis.com
8	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
7	events1.avantisvideo.com	cdn.avantisvideo.com
7	cdn.avantisvideo.com	securepubads.g.doubleclick.net cdn.avantisvideo.com
6	4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	player.aniview.com	cdn.avantisvideo.com player.aniview.com
4	search.spotxchange.com	player.aniview.com
4	ib.adnxs.com	player.aniview.com
4	secure.adnxs.com	4 redirects
4	stats.bannernow.com	storage.bannernow.com
4	image6.pubmatic.com	4 redirects
4	d5p.de17a.com	4 redirects
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	static.avantisvideo.com	cdn.avantisvideo.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com www.123greetings.com
3	cdn1.avantisvideo.com	cdn.avantisvideo.com
3	trkn.us	1 redirects www.123greetings.com
2	sync.aniview.com	player.aniview.com
2	go1.aniview.com	player.aniview.com
2	x.bidswitch.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	a.rfihub.com	1 redirects 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
2	rtb2-useast.e-volution.ai	4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
2	sync.go.sonobi.com	2 redirects
2	s.tribalfusion.com	4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
2	a.tribalfusion.com	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	dclk-match.dotomi.com	4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.123greetings.com
2	www.google.com	tpc.googlesyndication.com 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	i.ytimg.com	www.123greetings.com
1	ade.googlesyndication.com
1	play.aniview.com	cdn.avantisvideo.com
1	cc.adingo.jp	4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	fksnk.com	1 redirects
1	tg.socdm.com	1 redirects
1	tr.blismedia.com	4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
1	p.rfihub.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
1	ssbsync.smartadserver.com	1 redirects
1	ads.yieldmo.com	1 redirects
1	um.simpli.fi	1 redirects
1	tech.rtb.mts.ru	1 redirects
1	s.ad.smaato.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	sync.mathtag.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	x.123g.us	c.123g.us
1	www.googletagmanager.com	www.123greetings.com
1	www.123greetings.com
346	73

This site contains links to these domains. Also see Links.

Domain
studio.123greetings.com
feeds.feedburner.com
nl.123greetings.com
www.addthis.com
info.123greetings.com
blog.123greetings.com
widgets.123greetings.com
help.123greetings.com

Subject Issuer	Validity	Valid
*.123greetings.com Go Daddy Secure Certificate Authority - G2	`2020-04-29` - `2022-04-29`	2 years	crt.sh
*.123g.us Go Daddy Secure Certificate Authority - G2	`2019-06-21` - `2021-09-16`	2 years	crt.sh
edgestatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.avantisvideo.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
stats.bannernow.com GTS CA 1D4	`2021-06-27` - `2021-09-25`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 56 frames:

Primary Page: https://www.123greetings.com/
Frame ID: E2E308685A166E5CCB5C2494F444B846
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210728/r20190131/zrt_lookup.html
Frame ID: 327C54006D8A32BB75E991047FB8F980
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1627655201&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627655782297&bpp=2&bdt=436&idt=72&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1472149154083&frm=20&pv=2&ga_vid=1512183023.1627655782&ga_sid=1627655782&ga_hid=1784622142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060031%2C20211866%2C31062064&oid=3&pvsid=2429459478161788&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=88
Frame ID: BB3A7E0F1B177AED2E6E03CDF33EE9A3
Requests: 1 HTTP requests in this frame

Frame: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9034AB94464206E1AC1D5A27AD08BEDA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 24507A18F1D0AAAC0E1489EEE00545EB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 96C795AEDDCC25FA66709787D964D092
Requests: 1 HTTP requests in this frame

Frame: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9E7E393A4D4022630F7E6622F74839C2
Requests: 15 HTTP requests in this frame

Frame: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E44D75983FFD2D543D34C06FB8E3F808
Requests: 10 HTTP requests in this frame

Frame: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0BC7A974D49A2B3D391032A7F8477FD2
Requests: 9 HTTP requests in this frame

Frame: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7786E91FA323E8A2BD9A43DCDE0C1358
Requests: 10 HTTP requests in this frame

Frame: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B676D057F5360446818E5E5000C84CAB
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQpJwmaoks5p1p1VEEPgWo88NL8E5v5mZa5zZ5gFKY5WFsFiEkWJ45l9LEuyojGUyn6ddUkOOst_7DCNb_VHoGngF-DknrISNyHQwDVmuPVzfum24GO3zaqBIhkYDUWwZUUXn-25qR52G0JxQKFouVj3d9A-pcMYYY-zb3FT2ld63LUuhJPut4Y0D-CgkP-qPVa2M2jRaK9i04BP78xQJfjTGPQq6jdNvoOmxDCt9-xG45XTHetUIp6-vtFXs5WrlzFOCn4pyCANKDVn6oryBq6v1qEyp6sKW6Jiwa0K5ew0vb7ELCy4A8dA0D_nsoGSeHhJ04LYyAF5guCQ&sig=Cg0ArKJSzB9tRkHVOa6CEAE&urlfix=1&adurl=
Frame ID: 123483F1B8620CBE628EE899B1B60AE4
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWYncVnwmv7CW2XwpmSJgBphPW_d3wHYGI8sS5PJDCSVj06LJpSLPoh8ktSVVdO5CpQZe8HYj84DgZ7is3cV4Nt_Ay2l_fgdBuMWANFEAhsEMxNR7X-kN7Oj-KaFtZ_BDRYD6vZwRyxhyxJpAi59BjuL0f1Kzq8Bw_6USBl2PA2_2iAnEW15kVsFSNl2hdK5cgFepi-SXq4Tk3rjhce_f9lRs3ToCP7k3QCh88EEMJnyHuAr1NSX71W-9bd7xtD2bM-eKm3vNvIV7gCDNCVcHVb6MJck3e4VZldeZC25RsFdpKKBuArzG1NYIZwqLDN4Ma2cnRqevm1-0U1G1qf_L--oslpw&sig=Cg0ArKJSzH6NB8C4zeZAEAE&urlfix=1&adurl=
Frame ID: 411609D1771A680C28688AAD8AE08842
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGO-61JoBMAE&v=APEucNVRS3Edotn7ZRygmwLvAx3fAjQrrUces7pJ3XopEc8000zLnnV74p7vwVTl3Pwosq-fhdUGKj6RMjGHdNv0DoZSquLRSA
Frame ID: E41C0375544A2F57900DED05B2FAAF62
Requests: 4 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: DE6C15B4B708C0951439BAF15836223A
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 60901D2D58FF82933F249060F2D02A2F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 101ED051D6F96A3A3410F1C3F34610C0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A1A58F89C24962F449609EE4926E9967
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B02C5D9737F3B9CF05B9D8DCE2B28EF9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63DEFC0DF375530FB222CE4C4891E359
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/9506911/1609938328780/index.html
Frame ID: DE4942885D93452FAC4746F13B91639C
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D3F391F9E0B55E178F8B83149536B05E
Requests: 9 HTTP requests in this frame

Frame: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Frame ID: B467297E36DEA194579CD83F1489603B
Requests: 12 HTTP requests in this frame

Frame: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Frame ID: 2C62FD0A315686A0B47AE426B8A3A0A3
Requests: 12 HTTP requests in this frame

Frame: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Frame ID: 1C848F691A2EFD975B176150DD1D2680
Requests: 12 HTTP requests in this frame

Frame: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Frame ID: 3BBBC66E4BA66FD7FC41D5F5021F57B0
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B98BAD0622B5A3DB06EE6402E08A6A24
Requests: 3 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: BF105A17D4EEA544EF031B55F27E2E6E
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 7C4409794ABFD6E22914722776F1AC2E
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 52F9A011C6FFACB2125B8E29174CC3A5
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1627655785944-950044584672-006831-001-008598&biddername=55&key=941476052173524522
Frame ID: 0EA7A18DC80C9F1D048D282E764E939A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1627655786029-952045205672-007338-011-002912&biddername=55&key=4765506916091213428
Frame ID: 2888D3C5258B999DCA18B460CF85B513
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 4C27BBE6FDD1DB0CCEF6C2CE67A5F572
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B510FDEF4BB9929B5C9CE82F1E4600AD
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 22C20F5D409D860F80A9A8EDEC19A8AB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: F39AEEF577966912DB51515E38641EB6
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 294ACB7B2CFCA5016CD859C8AD708A22
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 9B14C92A02E6E80CEB084C55DFF81365
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 5B618D23B4A169AEF5860CD8CC2D44A0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: C77051AE1AE1703041C4C93C9F443FF8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 51FCE8BB2F75C4B9872631CA3C8C6CDE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EE7D3418DF3AAED82ACE2CC4F167C4C8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CAEB942820AC956CC1AF2A1620E8F6F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0967695DFC1038DC1998EC4E6D508A2C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: F0B93E02B378AC9E4C7CBBA1ECAE2307
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 7E27441B7938F519B049FDDE8D8D4B71
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 7468DB4C8A7C7505405E0C9CC5D71DA0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 6684D3A54EBA504997B9C70331C1A324
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 62329FEAB02881535BB924393E7E8F05
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: B4D94996ECFAFA13E2542223E01EDBFD
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 69B97C57E73EF987886641E4F2A32E4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 79AD24D146D5BD507F5048B3A32D5284
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: 569F9A510B1C984A7C9F8E30091C2111
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html
Frame ID: C57A664DCAC8F8DADA6F80394B71CC4C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 38B79F2CDF01E2500CDA5D3BB4CE9464
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2B72F1B2F89843EF934CAEEA09395495
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

346
Requests

97 %
HTTPS

36 %
IPv6

47
Domains

73
Subdomains

45
IPs

11
Countries

6111 kB
Transfer

16098 kB
Size

6
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://studio.123greetings.com/
Title: Studio

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/123greetings-daily-rss

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/blog/
Title: Editor Bob's Blog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/company/pressroom/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://blog.123greetings.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://widgets.123greetings.com/
Title: Widgets

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/tell-a-friend
Title: Recommend Us

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/contact_us.html
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8023454095.8385315&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible HTTP 302
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8023454095.8385315&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible&ip=195.242.213.229&cuidchk=1

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnceE67ctpAt05KtdnR_BI&google_cver=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQQOZ5NNtd1IWS7i7Y7djwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnceE67ctpAt05KtdnR_BI&google_cver=1

Request Chain 144

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBjPd2Plx4qGEzeV80Hsm5s&google_cver=1&google_push=AYg5qPJ0dFNV9HEHG-n0mGwzOgx-CQpgCiiM4tEBCXnbexDiwkcMqwzqIzQwVy2z_PWQrJddOnA6HixiQWnDu2Xc8j8HnCxrcmk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ0dFNV9HEHG-n0mGwzOgx-CQpgCiiM4tEBCXnbexDiwkcMqwzqIzQwVy2z_PWQrJddOnA6HixiQWnDu2Xc8j8HnCxrcmk

Request Chain 145

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPDcl4VSLL_RsUFLG7TcdWQ&google_cver=1&google_push=AYg5qPIW36on_0SHVG0gmfhDkJntcrZ4p-uTdxIGzgnUOHK6Ft-n4DLKXTHJxA4319iUdHEm9aGkHolziRRkvpGyFBiQB-3_ib5l HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JRRzg4VkotMVAtOUdRVA==&google_push=AYg5qPIW36on_0SHVG0gmfhDkJntcrZ4p-uTdxIGzgnUOHK6Ft-n4DLKXTHJxA4319iUdHEm9aGkHolziRRkvpGyFBiQB-3_ib5l

Request Chain 146

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFRLxth6y8ZnhFI4A3_x9zM&google_cver=1&google_push=AYg5qPIVIKGwW12gZIeWmgsQrnD5L3POq3_UnihFsuLhguEtuj-tnf2pPzZhb1H7qn5p9BkAbbTRRC667R4HLYxYf_uezjmkwE4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=8da3856f6e42d73ccf0b&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPIVIKGwW12gZIeWmgsQrnD5L3POq3_UnihFsuLhguEtuj-tnf2pPzZhb1H7qn5p9BkAbbTRRC667R4HLYxYf_uezjmkwE4

Request Chain 147

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEECZCnYZh0tFBTr3w9lj5yI&google_cver=1&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ

Request Chain 148

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBeVPtuJcpSF_xfg1oZLuBg&google_cver=1&google_push=AYg5qPJ_wiqLjflIdQgOVk8dhMac_B3TbGXTHRoXIzoQI_zArRgEXd8hNCIwfcyx4sJRnSkMCbmfTvkYYm96Y6MIzHrlb9ikjnk-mw HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBeVPtuJcpSF_xfg1oZLuBg&google_cver=1&google_push=AYg5qPJ_wiqLjflIdQgOVk8dhMac_B3TbGXTHRoXIzoQI_zArRgEXd8hNCIwfcyx4sJRnSkMCbmfTvkYYm96Y6MIzHrlb9ikjnk-mw&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CNGxQclBSRTJ1RlpUQmtpVkFvRlg1SVZwSWJqVDhIU35B&google_push=AYg5qPJ_wiqLjflIdQgOVk8dhMac_B3TbGXTHRoXIzoQI_zArRgEXd8hNCIwfcyx4sJRnSkMCbmfTvkYYm96Y6MIzHrlb9ikjnk-mw

Request Chain 149

https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEIrP3sB5fNZmpmlAyxzRueA&google_cver=1&google_push=AYg5qPIJBZLUm6BPPuuc04KdgsPfvRBTx_izYN92gTBpIG7UHH8oXucqE5xmsarJY0JXtWZu0aNOHQqUCT-n769uzD4VCoQd-RNYig HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Da2d5fc99-3d46-4f1b-b7da-e70cbcfeef55%26google_push%3DAYg5qPIJBZLUm6BPPuuc04KdgsPfvRBTx_izYN92gTBpIG7UHH8oXucqE5xmsarJY0JXtWZu0aNOHQqUCT-n769uzD4VCoQd-RNYig&ssp=googlevid&exu=CAESEIrP3sB5fNZmpmlAyxzRueA HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=a2d5fc99-3d46-4f1b-b7da-e70cbcfeef55&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Da2d5fc99-3d46-4f1b-b7da-e70cbcfeef55%26google_push%3DAYg5qPIJBZLUm6BPPuuc04KdgsPfvRBTx_izYN92gTBpIG7UHH8oXucqE5xmsarJY0JXtWZu0aNOHQqUCT-n769uzD4VCoQd-RNYig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=a2d5fc99-3d46-4f1b-b7da-e70cbcfeef55&google_push=AYg5qPIJBZLUm6BPPuuc04KdgsPfvRBTx_izYN92gTBpIG7UHH8oXucqE5xmsarJY0JXtWZu0aNOHQqUCT-n769uzD4VCoQd-RNYig

Request Chain 152

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 153

https://um.simpli.fi/gp_match?google_gid=CAESEKzMKXQ-hkf-Z_YUGC-gQm8&google_cver=1&google_push=AYg5qPLBrqCWQznNtzoJTyuu3NBaakQxEBxdkNgLjJyMpaH8SaWvTV98JLsy0tJSFZaVUFy9AkBUYF1AjRzCXXNGKa077mYaypI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EB5C6C4E03774486AA57A2C62801004E&google_push=AYg5qPLBrqCWQznNtzoJTyuu3NBaakQxEBxdkNgLjJyMpaH8SaWvTV98JLsy0tJSFZaVUFy9AkBUYF1AjRzCXXNGKa077mYaypI

Request Chain 154

https://d5p.de17a.com/cookies/google?google_gid=CAESEOhfTzCim2n0r6pHnUwEbL0&google_cver=1&google_push=AYg5qPK3pRF4MXFwxPzFKOC4xqysbcIAf3DglCiGjb0zNOQpezWysufb3az7OMl-nZhceovKIqTYyz6iuG6pn8yAXoldWoZJERA HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOhfTzCim2n0r6pHnUwEbL0&google_cver=1&google_push=AYg5qPK3pRF4MXFwxPzFKOC4xqysbcIAf3DglCiGjb0zNOQpezWysufb3az7OMl-nZhceovKIqTYyz6iuG6pn8yAXoldWoZJERA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK3pRF4MXFwxPzFKOC4xqysbcIAf3DglCiGjb0zNOQpezWysufb3az7OMl-nZhceovKIqTYyz6iuG6pn8yAXoldWoZJERA

Request Chain 155

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJKzuDvz72CetHvjoytcwAQAPMNAGCYS2c3aBRkCmvdkEck3LPbQ2Wv2iq44yEOINSA5KwbhBJWsCRAFgo1OW_JFz4Vz1lp%26google_hm%3D%5BUID%5D&google_gid=CAESEDreHVzEX5Ph0FFgzmPOpIo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJKzuDvz72CetHvjoytcwAQAPMNAGCYS2c3aBRkCmvdkEck3LPbQ2Wv2iq44yEOINSA5KwbhBJWsCRAFgo1OW_JFz4Vz1lp&google_hm=39337cd6-b788-4b3e-85d7-8e7bb3bf83f6

Request Chain 156

https://ads.yieldmo.com/exptsync?google_gid=CAESEHruyWM4-jg2R_-FnLCl05I&google_cver=1&google_push=AYg5qPKDB5qeJUbM3_9s1hbdNpODsYR6YDkVhxJE-OPFFfBeUZh-NZLwHK4I1ANEOVzOhIbjWd-gYZ3iqkNFH4IDa89KxTpfsFHB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKDB5qeJUbM3_9s1hbdNpODsYR6YDkVhxJE-OPFFfBeUZh-NZLwHK4I1ANEOVzOhIbjWd-gYZ3iqkNFH4IDa89KxTpfsFHB&google_hm=ZzVmYTU0MDE1NzI1ZmIyYWYyOGQ=

Request Chain 157

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEArI2p6C3DLp3TB1XpNuOPk&google_cver=1&google_push=AYg5qPIPNiYjDzuasJXwEVjhM6SCxbCSdqHltthXVB1BCoyJKIsJCeiUA31Q7eD0kucbd14JOxUV1_CVzieN8E_ezYvjTvTolm0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIPNiYjDzuasJXwEVjhM6SCxbCSdqHltthXVB1BCoyJKIsJCeiUA31Q7eD0kucbd14JOxUV1_CVzieN8E_ezYvjTvTolm0&google_hm=NDMxOTY3MTE1MzUzMDIwMzI3NQ%3D%3D

Request Chain 160

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUnz&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUnz%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUnz&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUnz%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 161

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN9mkui8usH-O06xhDWUlLg&google_cver=1&google_push=AYg5qPLrOh-6lCWdy0BPq3VES_zZoLMamd-0p17XnjFADL7B24BvZya9Kmmihmzxl0VRezScs1rYKCGyJexwX7Jr3I1SyzyH5po HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5MDcyODM2MTQzMDU0NjU4NA%3D%3D&google_push=AYg5qPLrOh-6lCWdy0BPq3VES_zZoLMamd-0p17XnjFADL7B24BvZya9Kmmihmzxl0VRezScs1rYKCGyJexwX7Jr3I1SyzyH5po

Request Chain 162

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPwqE-yw7QZMK4tWmRjsRo0&google_cver=1&google_push=AYg5qPLnDuxdaQ25E3L1JP27qY0ORQeRn7J1kTgKHX4fLMrfLVjkwCo27S5ZaBbOoCeoc_yEoe4qF2KvkD7ToHoMH9EtKi0x5QFP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLnDuxdaQ25E3L1JP27qY0ORQeRn7J1kTgKHX4fLMrfLVjkwCo27S5ZaBbOoCeoc_yEoe4qF2KvkD7ToHoMH9EtKi0x5QFP&google_hm=MzI3NDM0MDIxNjc4NzE5OTc3Nw%3D%3D

Request Chain 163

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELJtBha0E0Yp4q_w2lnyreE&google_cver=1&google_push=AYg5qPIBjClHtHovUm4zEF7wY3xN2GqkwT_caAtvLuzVls3Y2JBXKCYUHzr5EV0_nYstMmk9vW1Qny8GTztnMtoY82660aer6Dva HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=OL8ZP9ZERItV0hju5gbesMPy1eU&google_push=AYg5qPIBjClHtHovUm4zEF7wY3xN2GqkwT_caAtvLuzVls3Y2JBXKCYUHzr5EV0_nYstMmk9vW1Qny8GTztnMtoY82660aer6Dva

Request Chain 164

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPI7jXJIDcWgPIrIbrhkkq9rnnbGmAJy2W2Bu1Zs7tnRJpQ_LMftKj5b7R6gftam9eEOCJZ-_Br5W1dVYpTy76SVKtAS_rtu%26google_hm%3D%5BUID%5D&google_gid=CAESEDreHVzEX5Ph0FFgzmPOpIo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPI7jXJIDcWgPIrIbrhkkq9rnnbGmAJy2W2Bu1Zs7tnRJpQ_LMftKj5b7R6gftam9eEOCJZ-_Br5W1dVYpTy76SVKtAS_rtu&google_hm=3cacb158-8401-48b7-8f98-35c68bff49f9

Request Chain 167

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEDId5CVfxEf25F5hjLwrZo8&google_cver=1&google_push=AYg5qPJ2DZuMTMKKpmBBa0PyxkGEgBkMCDzEvkdPMHJX_9ebL_G9TfDG4ot1vBtz_7rz-eMKaa_TcDc361WEsQWTu0z54-4V5kU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJ2DZuMTMKKpmBBa0PyxkGEgBkMCDzEvkdPMHJX_9ebL_G9TfDG4ot1vBtz_7rz-eMKaa_TcDc361WEsQWTu0z54-4V5kU&google_hm=ODU5NjEzNTEyNTIyNTgxMjAzMw== HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 169

https://d5p.de17a.com/cookies/google?google_gid=CAESEOhfTzCim2n0r6pHnUwEbL0&google_cver=1&google_push=AYg5qPKKqTi-FYek1HbzWGKHdVVJOvjM9tmeDH7Y1YABo8oP2bl7UqFmbxNQISIizNjLDeg7zpZjHqjqhHNP5YrF_1JSOhym-p0 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOhfTzCim2n0r6pHnUwEbL0&google_cver=1&google_push=AYg5qPKKqTi-FYek1HbzWGKHdVVJOvjM9tmeDH7Y1YABo8oP2bl7UqFmbxNQISIizNjLDeg7zpZjHqjqhHNP5YrF_1JSOhym-p0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKKqTi-FYek1HbzWGKHdVVJOvjM9tmeDH7Y1YABo8oP2bl7UqFmbxNQISIizNjLDeg7zpZjHqjqhHNP5YrF_1JSOhym-p0

Request Chain 170

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENmniPKIFOlzgj6khdikWKo&google_cver=1&google_push=AYg5qPJOsI-sUT0y2I6xKpOKsoU26lYdpcCBljWv0AsmA5BIcb3ebbTuqnQZ2eqpVPDwpT1xrhni0Wl9dZtVyW8QO32P5Wu1etQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENmniPKIFOlzgj6khdikWKo&google_cver=1&google_push=AYg5qPJOsI-sUT0y2I6xKpOKsoU26lYdpcCBljWv0AsmA5BIcb3ebbTuqnQZ2eqpVPDwpT1xrhni0Wl9dZtVyW8QO32P5Wu1etQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h9lEPmpMReuPm4G2aVgKcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOsI-sUT0y2I6xKpOKsoU26lYdpcCBljWv0AsmA5BIcb3ebbTuqnQZ2eqpVPDwpT1xrhni0Wl9dZtVyW8QO32P5Wu1etQ

Request Chain 171

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELyTEsUW5RHaG7B9C8BFSos&google_cver=1&google_push=AYg5qPJTAOvrOn1UTCBWzLEcILaPtOaHiwDUonU8nE9FEpTyPY-pOWI7ThdgKStyyA7fOltInklc9A0nB_O3IKLal6bRjzrCyVE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPJTAOvrOn1UTCBWzLEcILaPtOaHiwDUonU8nE9FEpTyPY-pOWI7ThdgKStyyA7fOltInklc9A0nB_O3IKLal6bRjzrCyVE&google_hm=WVFRT2FNQ284WGtBQUoudDZFUUFBQUFB

Request Chain 173

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHes_xZplTuPIz2oHuqvHEs&google_cver=1&google_push=AYg5qPJtSUB9Qzr58Zju7NgZ3nW9yVf25DPVmUNP3lao4mh4zIt9WpYiW-83ubyd213qPoSoKdQfexBWuZ1S3rz7av4qlcXX3SUZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJtSUB9Qzr58Zju7NgZ3nW9yVf25DPVmUNP3lao4mh4zIt9WpYiW-83ubyd213qPoSoKdQfexBWuZ1S3rz7av4qlcXX3SUZ&google_hm=MTExMzQyODE0MDQ3ODA4MjA3Ng==

Request Chain 181

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFImLCSHY7uJvl7ai7csJ-o&google_cver=1&google_push=AYg5qPJHYsH6HbW1guh8pqL4cRO3dUXTSpxQz-3AD_X2ifx-KvyupJJbPjTopzn78umqayo5QhjsQwpmEyrWsLEWKPOkztBwTVA HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEFImLCSHY7uJvl7ai7csJ-o&google_cver=1&google_push=AYg5qPJHYsH6HbW1guh8pqL4cRO3dUXTSpxQz-3AD_X2ifx-KvyupJJbPjTopzn78umqayo5QhjsQwpmEyrWsLEWKPOkztBwTVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=IP62xzRsTu-I-AhnZYf43WEEDmg

Request Chain 182

https://fksnk.com/cs/google?google_gid=CAESELqZy_OOL9pfWCo6fxMDkk4&google_cver=1&google_push=AYg5qPKNyTLu97yKQWWjVivhGc8FqjxcZba5Ovu2iysMPBmwWngWS85w_QuUvNyJUCzyopKuGzg49mrhIpxAar3fpDkIaFZkWA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Rjg1NDY0RjkyMTE1NTkzQQ==

Request Chain 183

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEFb8dvZzs3VI6ReR3IOCYiM&google_cver=1&google_push=AYg5qPL_OAL2kECsyqGf9lkHaPLfI-TXJpyLMcqKJhTRgOAtyFmfK7vGlJQ3KlIPsICQBZkFRZLZ2PvPlm1u81dQkTUsrJGhcNo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPL_OAL2kECsyqGf9lkHaPLfI-TXJpyLMcqKJhTRgOAtyFmfK7vGlJQ3KlIPsICQBZkFRZLZ2PvPlm1u81dQkTUsrJGhcNo

Request Chain 184

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC_Sdts5Cf0FXmwWlhoHgY4&google_cver=1&google_push=AYg5qPI4Zat1cVhE65mmvDx2lAnFSHBl3UnaAS2ol7ppKVehMC_F_WMtVj_Plwg-5eoK-CLfqGs64gVebp_N6sUyU9nt0U0UpDc HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEC_Sdts5Cf0FXmwWlhoHgY4&google_cver=1&google_push=AYg5qPI4Zat1cVhE65mmvDx2lAnFSHBl3UnaAS2ol7ppKVehMC_F_WMtVj_Plwg-5eoK-CLfqGs64gVebp_N6sUyU9nt0U0UpDc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI4Zat1cVhE65mmvDx2lAnFSHBl3UnaAS2ol7ppKVehMC_F_WMtVj_Plwg-5eoK-CLfqGs64gVebp_N6sUyU9nt0U0UpDc&google_hm=flsTi_XrTPKca-bhTN5eRw==

Request Chain 185

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENmniPKIFOlzgj6khdikWKo&google_cver=1&google_push=AYg5qPJZAJDrN_GW4KA291DGd10jMclMx7x_Y4TtLzcs6pLdJ06a4dY4HPbZDy2lTB-E_Q3wcQ_s2m_9OKJWAbP-nwKE_JCOEw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENmniPKIFOlzgj6khdikWKo&google_cver=1&google_push=AYg5qPJZAJDrN_GW4KA291DGd10jMclMx7x_Y4TtLzcs6pLdJ06a4dY4HPbZDy2lTB-E_Q3wcQ_s2m_9OKJWAbP-nwKE_JCOEw&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W0DOwWgdRV-4-eZCrm_laQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJZAJDrN_GW4KA291DGd10jMclMx7x_Y4TtLzcs6pLdJ06a4dY4HPbZDy2lTB-E_Q3wcQ_s2m_9OKJWAbP-nwKE_JCOEw

Request Chain 186

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMHNNodqH_1_neJ_-FtL2dg&google_cver=1&google_push=AYg5qPK6kczhxLxJo6P80hPLHMOxEUps7EKfIlGXlcJXmX19fvbdaNMb7CGIq7GtAm7ItQ-eIlNn7oBUgA1Epj68hhhY1vO0JQ HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-2b9f819d-7811-447b-b2ee-294c77bc9d9e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK6kczhxLxJo6P80hPLHMOxEUps7EKfIlGXlcJXmX19fvbdaNMb7CGIq7GtAm7ItQ-eIlNn7oBUgA1Epj68hhhY1vO0JQ%26google_hm%3DAyufgZ14EUR7su4pTHe8nZ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6kczhxLxJo6P80hPLHMOxEUps7EKfIlGXlcJXmX19fvbdaNMb7CGIq7GtAm7ItQ-eIlNn7oBUgA1Epj68hhhY1vO0JQ&google_hm=AyufgZ14EUR7su4pTHe8nZ4

Request Chain 271

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627655785944-950044584672-006831-001-008598%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1627655785944-950044584672-006831-001-008598%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1627655785944-950044584672-006831-001-008598&biddername=55&key=941476052173524522

Request Chain 276

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627655786029-952045205672-007338-011-002912%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1627655786029-952045205672-007338-011-002912%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1627655786029-952045205672-007338-011-002912&biddername=55&key=4765506916091213428

346 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.123greetings.com/ 35 KB
9 KB 503ms
123ms Document
text/html 184.72.244.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

b9c276d17cd99e5b75efce93d31c06708f643a69a931ff03417c5defec0774bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.123greetings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 14:28:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8520
Cache-Control: max-age=900
Content-Encoding: gzip
ETag: "8db9-5c85802128a40"
Last-Modified: Fri, 30 Jul 2021 14:26:41 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
X-FRAME-OPTIONS: SAMEORIGIN
Expires: Fri, 30 Jul 2021 14:43:19 GMT
Age: 482
Accept-Ranges: bytes
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

GET
H/1.1 200
OK home_R1.css
c.123g.us/css/ 15 KB
4 KB 184ms
69ms Stylesheet
text/css 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/home_R1.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1d44594c1739a91182d57a302cf6345f311a73a9dfd2b2a28b6a22d6488f490b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 14:40:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Aug 2019 12:56:58 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1295723
ETag: "3a7f-59104b0f07a80"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3305
jake_test: Test_Pass
Expires: Thu, 15 Jul 2021 14:56:00 GMT

GET
H/1.1 200
OK 343932_th.jpg
i.123g.us/c/ejul_nationalcheesecake_day/th/ 6 KB
7 KB 205ms
43ms Image
image/jpeg 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_nationalcheesecake_day/th/343932_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b30943412da7b8f4522bd34237726176c9803d041bfd45108d7e0126653eb5b2

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Jul 2021 15:04:23 GMT
Last-Modified: Wed, 22 Jul 2020 12:24:58 GMT
Server: Apache/2.2.15 (CentOS)
Age: 84719
ETag: "199c-5ab06d3f8ba80"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6556
jake_test: Test_Pass
Expires: Thu, 29 Jul 2021 18:53:30 GMT

GET
H/1.1 200
OK 302394_th.jpg
i.123g.us/c/eaug_friendshipday_happy/th/ 3 KB
4 KB 195ms
35ms Image
image/jpeg 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_friendshipday_happy/th/302394_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d92c23d837d0a43d259a4b2ab98f3c90c136864041dcf32cd796c9b033e1fe05

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Jul 2021 13:39:18 GMT
Last-Modified: Mon, 24 Feb 2014 08:23:57 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2249824
ETag: "d6a-4f322b15de140"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3434
jake_test: Test_Pass
Expires: Wed, 07 Jul 2021 07:55:33 GMT

GET
H/1.1 200
OK 328683_th.gif
i.123g.us/c/ejan_danceday/th/ 8 KB
8 KB 194ms
34ms Image
image/gif 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_danceday/th/328683_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4fcabe564a32362410ea257ffed7fc5402e8de23ceac61a14da3fbfa83f4c2d9

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 11:38:12 GMT
Last-Modified: Wed, 19 Apr 2017 13:09:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1738690
ETag: "1ffb-54d84bb2f14c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8187
jake_test: Test_Pass
Expires: Sat, 10 Jul 2021 11:53:12 GMT

GET
H/1.1 200
OK 118964_th.gif
i.123g.us/c/ejul_livebetterday/th/ 7 KB
8 KB 194ms
35ms Image
image/gif 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_livebetterday/th/118964_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9f30a8297674d78bd47fac36fa34aaef5931f9553bedb23f69a224c059c9466b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Jul 2021 13:42:20 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1385642
ETag: "1dac-4f323d9e65b00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7596
Expires: Wed, 14 Jul 2021 13:58:39 GMT

GET
H/1.1 200
OK 343967_th.jpg
i.123g.us/c/ejul_nationalcheesecake_day/th/ 6 KB
6 KB 198ms
37ms Image
image/jpeg 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_nationalcheesecake_day/th/343967_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: dc4a1a64707f81bcfa441704bf8ecf56c6b5829125afa38c4f25d6b2cbe99a73

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 13:43:38 GMT
Last-Modified: Sat, 25 Jul 2020 06:36:28 GMT
Server: Footprint Distributor V6.1.1162
Age: 3164
ETag: "178a-5ab3e4f299300"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6026
jake_test: Test_Pass
Expires: Fri, 30 Jul 2021 13:58:38 GMT

GET
H/1.1 200
OK 302388_th.jpg
i.123g.us/c/eaug_friendshipday_happy/th/ 3 KB
4 KB 78ms
34ms Image
image/jpeg 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_friendshipday_happy/th/302388_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b60ae1f30b4f5377d15512f826fb28e272b722060a600e8e000232344c02840d

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 04 Jul 2021 20:33:19 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:47 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2224983
ETag: "ca7-4f323d27301c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3239
jake_test: Test_Pass
Expires: Tue, 06 Jul 2021 14:14:01 GMT

GET
H/1.1 200
OK 333085_th.jpg
i.123g.us/c/birth_fun/th/ 4 KB
5 KB 34ms
33ms Image
image/jpeg 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_fun/th/333085_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7646eb28d5b7374f6d7ce43923cfb7808838ede19668494186a9ceca32fce9dd

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 07 Jul 2021 08:05:49 GMT
Last-Modified: Wed, 14 Feb 2018 07:13:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2010633
ETag: "11ed-56526d918d840"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4589
jake_test: Test_Pass
Expires: Mon, 19 Jul 2021 10:18:41 GMT

GET
H/1.1 200
OK 116860_th.gif
i.123g.us/c/anniv_wedanniv_couple/th/ 8 KB
8 KB 36ms
34ms Image
image/gif 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/anniv_wedanniv_couple/th/116860_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 17304da0f1ff5292f9b4a4ab0a88c6639ba653d2128a11be10c47e5def381855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 10:21:26 GMT
Last-Modified: Mon, 24 Feb 2014 09:36:03 GMT
Server: Apache/2.2.15 (CentOS)
Age: 15296
ETag: "1fbf-4f323b33766c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8127
jake_test: Test_Pass
Expires: Fri, 30 Jul 2021 10:47:11 GMT

GET
H/1.1 200
OK 344177_th.gif
i.123g.us/c/birth_happybirthday/th/ 8 KB
8 KB 40ms
37ms Image
image/gif 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_happybirthday/th/344177_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e01b853362aea176912a44877a8c29edd3bca5ef9122cb579f23db3c7056a6ad

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 19:30:40 GMT
Last-Modified: Tue, 25 Aug 2020 12:12:05 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1710342
ETag: "1e83-5adb29c806f40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7811
jake_test: Test_Pass
Expires: Tue, 13 Jul 2021 13:38:20 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/e8pv2PUJL9w/ 4 KB
4 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/e8pv2PUJL9w/default.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6cee3305c56c517e5cf163a31e946fba7b7d65c49724832ecbcae3b84d5cb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:22 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1622519405"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4007
x-xss-protection: 0
expires: Fri, 30 Jul 2021 16:36:22 GMT

GET
H/1.1 200
OK 347623_th.jpg
i.123g.us/c/gen_morning/th/ 6 KB
6 KB 38ms
33ms Image
image/jpeg 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/gen_morning/th/347623_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0c8c05bf9d6a5f3d9ba5dd3df2bd94f473f130d1fb8fe99d94cbad0bbb7194ef

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 13:28:51 GMT
Last-Modified: Fri, 30 Jul 2021 13:02:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 4051
ETag: "179b-5c856d338a200"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6043
jake_test: Test_Pass
Expires: Fri, 30 Jul 2021 13:43:51 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/pSw7ztJnpbE/ 2 KB
2 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/pSw7ztJnpbE/default.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d5cb8944f751d50e27c4ebad68c8a42b59248c85acc7cc5c4c9060c38decdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:22 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1627521827"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2407
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:41:22 GMT

GET
H/1.1 200
OK cal_block.gif
i.123g.us/images/special_block/ 21 KB
21 KB 63ms
38ms Image
image/gif 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/images/special_block/cal_block.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4545946e62b8e831756006b646fbf7e97b5fb8b85e52b625bdcc8b5d83745eb2

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 05 Jul 2021 06:25:03 GMT
Last-Modified: Mon, 05 Jul 2021 06:17:07 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2189479
ETag: "5268-5c65a41367ec0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21096
jake_test: Test_Pass
Expires: Mon, 05 Jul 2021 06:40:24 GMT

GET
H/1.1 200
OK jquery.js Show response
c.123g.us/js2/ 92 KB
33 KB 153ms
39ms Script
text/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 15:41:34 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2069687
ETag: "16f3a-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33449
jake_test: Test_Pass
Expires: Tue, 06 Jul 2021 15:56:34 GMT

GET
H/1.1 200
OK jquery.ajax_autocomplete.js Show response
c.123g.us/js2/ 32 KB
10 KB 398ms
284ms Script
text/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 03:25:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 08:18:53 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2459475
ETag: "7f11-5b19d2e943540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9770
jake_test: Test_Pass
Expires: Fri, 02 Jul 2021 07:36:50 GMT

GET
H/1.1 200
OK swfobject.js Show response
c.123g.us/js2/ 10 KB
4 KB 151ms
30ms Script
text/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/swfobject.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 07:17:57 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 371904
ETag: "261f-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3868
jake_test: Test_Pass
Expires: Mon, 26 Jul 2021 07:32:59 GMT

GET
H/1.1 200
OK 123g_utils_v1.js Show response
c.123g.us/js2/ 123 KB
30 KB 158ms
37ms Script
text/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_utils_v1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 24 Jul 2021 10:39:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Jun 2021 12:51:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 532595
ETag: "2c3d8-1ed3a-5c3f026148680"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30667
jake_test: Test_Pass

GET
H/1.1 200
OK hpmain.js Show response
c.123g.us/js2/ 4 KB
2 KB 161ms
30ms Script
text/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/hpmain.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: df593244193c3cf046b26a486cc6d9b03d94406e3ace812307bdc3d9e0e54b9d

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 09:33:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2020 13:13:26 GMT
Server: Apache/2.2.15 (CentOS)
Age: 363744
ETag: "e33-5b05f6e82c980"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1217
jake_test: Test_Pass
Expires: Mon, 26 Jul 2021 09:48:58 GMT

GET
H/1.1 200
OK rakpanel.js Show response
c.123g.us/js2/ 3 KB
2 KB 29ms
29ms Script
text/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/rakpanel.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 06 Jul 2021 15:41:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Aug 2018 13:50:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2069687
ETag: "2c3eb-d4c-57300e738b200"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1626
jake_test: Test_Pass

GET
H/1.1 200
OK jquery.bxslider_new.js Show response
c.123g.us/js2/ 20 KB
5 KB 31ms
30ms Script
text/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.bxslider_new.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 14:49:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1036029
ETag: "50ba-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5210
jake_test: Test_Pass
Expires: Sun, 18 Jul 2021 15:05:51 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
49 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d77db41dc4c7b8c130a5569ce570646d824303b3909cbfc8767a5c513b4c9140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49341
x-xss-protection: 0
server: cafe
etag: 5430280584477430018
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 14:36:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

53b20b51e8583144335e72a9e6a1fbdb9039642d40a70659e5bdb3ca1ff43982

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40465
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 30 Jul 2021 14:36:22 GMT

GET
H/1.1 200
OK styleopt_R1.css
c.123g.us/css/ 80 KB
16 KB 36ms
36ms Stylesheet
text/css 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/home_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796

Request headers

Referer: https://c.123g.us/css/home_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 16 Jul 2021 04:05:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 11:38:41 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1247435
ETag: "246a9-13f87-5c36251415240"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16152
jake_test: Test_Pass

GET
H/1.1 200
OK modal_window_R1.css
c.123g.us/css/ 33 KB
7 KB 32ms
31ms Stylesheet
text/css 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/home_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Referer: https://c.123g.us/css/home_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Jul 2021 07:18:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 09:39:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 631085
ETag: "8220-5a7b79d367980"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6727
jake_test: Test_Pass
Expires: Fri, 23 Jul 2021 07:33:21 GMT

GET
H/1.1 200
OK 123g_master_bg.png
c.123g.us/images/ 145 B
439 B 29ms
28ms Image
image/png 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_bg.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 18 Jul 2021 21:17:28 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:45 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1012734
ETag: "9d001-91-54a227b81c940"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
jake_test: Test_Pass

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 31ms
30ms Image
image/png 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Jul 2021 12:06:42 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 700180
ETag: "1861-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass
Expires: Tue, 27 Jul 2021 09:26:34 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
140 KB 39ms
39ms Image
image/png 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 19 Jul 2021 14:03:59 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 952343
ETag: "9d05a-230cb-5979e1b2b4200"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 33ms
33ms Image
image/png 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:33:30 GMT
Last-Modified: Wed, 11 Sep 2019 08:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2469772
ETag: "21653-59242fbe2e0c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass
Expires: Fri, 02 Jul 2021 00:48:41 GMT

GET
H/1.1 200
OK master_icon_set_2.png
c.123g.us/images/ 88 KB
88 KB 33ms
33ms Image
image/png 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 06:34:22 GMT
Last-Modified: Tue, 16 Feb 2021 07:04:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1756920
ETag: "9cb9c-15fce-5bb6eb68c54c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90062
jake_test: Test_Pass

GET
H/1.1 200
OK master_icon_set.png
c.123g.us/images/ 93 KB
93 KB 38ms
37ms Image
image/png 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/home_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4

Request headers

Referer: https://c.123g.us/css/home_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 15:42:35 GMT
Last-Modified: Wed, 03 Jan 2018 10:30:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1551227
ETag: "17326-561dcb51f9ac0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95014
jake_test: Test_Pass
Expires: Fri, 16 Jul 2021 12:56:50 GMT

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 465ms
117ms Script
application/javascript 52.54.0.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8023454095.8385315

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.0.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-0-202.compute-1.amazonaws.com

Software

Apache /

Resource Hash

64bfd4b4cf2c3da2f06ef2aca3385e95f597a1beb38c3c627b9d73794536cac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 733
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H/1.1 200
OK addressbook.js Show response
c.123g.us/js2/ 400 KB
76 KB 38ms
37ms Script
text/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/addressbook.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9ec7a2c23d14eb76c0f5bac272f9a01b2a70c489a9908efdd3e3355b2d9da0d6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 13 Jul 2021 00:25:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Jun 2021 04:58:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1519862
ETag: "2c7db-63e59-5c553a3f122c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77163
jake_test: Test_Pass

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 70 KB
25 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae1a0191fae972853eb51cd108ad9cc0c7a4b816881cc2bc3e1ad591a6cf0c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "944 / 589 of 1000 / last-modified: 1627643476"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24682
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:22 GMT

GET
H/1.1 200
OK 123g_mantle.json Show response
x.123g.us/json/ 2 KB
3 KB 143ms
31ms XHR
application/json 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/123g_mantle.json
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c8ebd21203a56bd30a0de6311a4650f352edc0fc91264153a36b688ce77719f4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 14:16:04 GMT
Last-Modified: Fri, 30 Jul 2021 14:02:14 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1218
ETag: "97a-5c857aaa1e580"
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2426
jake_test: Test_Pass
Expires: Fri, 30 Jul 2021 14:33:49 GMT

GET
H/1.1 200
OK closeBtn_h.png
c.123g.us/images/ 1 KB
1 KB 29ms
29ms Image
image/png 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/closeBtn_h.png
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 13:29:33 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 263209
ETag: "42a-54da7c7a66000"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1066
jake_test: Test_Pass
Expires: Tue, 27 Jul 2021 13:45:11 GMT

GET
H/1.1 200
OK mantle_loader.gif
c.123g.us/images/ 2 KB
2 KB 30ms
30ms Image
image/gif 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/mantle_loader.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b91d59c4bdd90f11c17f875ae27b15c1efe83d42182702f51570fcc2063fd24

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 19:00:48 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1280134
ETag: "855-54da7c7b5a240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2133
jake_test: Test_Pass
Expires: Thu, 15 Jul 2021 19:20:10 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/ 250 KB
93 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92704f0026adca12f0fd6fca2cfcf6849d465c18126b13527cab79d4a668c9a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95279
x-xss-protection: 0
server: cafe
etag: 1002108113196412170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Jul 2021 14:36:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210728/r20190131/ Frame 327C 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210728/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210728/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Jul 2021 01:35:11 GMT
expires: Fri, 13 Aug 2021 01:35:11 GMT
content-type: text/html; charset=UTF-8
etag: 4389807852502320046
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 46871
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4678
date: Fri, 30 Jul 2021 13:18:24 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 30 Jul 2021 15:18:24 GMT

GET
H2 200 pubads_impl_2021072901.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
114 KB 109ms
40ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Jul 2021 08:44:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116135
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:22 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 414 B
844 B 102ms
37ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e91e7d4b434bf577e8f9f0fef4a45ab94c41fd0493ff9e760bcd398732f6fdc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:22 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1784622142&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2F&ul=en-us&de=UTF-8&dt=Free%20Greeting%20cards%2C%20Wishes%2C%20Ecards%2C%20Birthday%20Wishes%2C%20Funny%20Cards%20%26%20Gifs%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=69153179&gjid=1657440792&cid=1512183023.1627655782&tid=UA-5085183-1&_gid=791825691.1627655782&_r=1&gtm=2ou7s0&z=2129341544

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
528 B 30ms
30ms Script
text/javascript 67.27.233.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:39:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 244583
ETag: "c9-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass
Expires: Tue, 27 Jul 2021 18:55:01 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
662 B 115ms
49ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f266d83bb90cd4612e9a79fba1c16e31a87ffb70b05a41f1951aeeee301a9db3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2F&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BB3A 0
19 B 63ms
61ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1627655201&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627655782297&bpp=2&bdt=436&idt=72&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1472149154083&frm=20&pv=2&ga_vid=1512183023.1627655782&ga_sid=1627655782&ga_hid=1784622142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060031%2C20211866%2C31062064&oid=3&pvsid=2429459478161788&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=88

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1627655201&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1627655782297&bpp=2&bdt=436&idt=72&shv=r20210728&mjsv=m202107290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1472149154083&frm=20&pv=2&ga_vid=1512183023.1627655782&ga_sid=1627655782&ga_hid=1784622142&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C31060031%2C20211866%2C31062064&oid=3&pvsid=2429459478161788&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=88
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Jul 2021 14:36:22 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Jul-2021 14:51:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Jul 2021 14:36:22 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eca48824a13b12bd6503bda806b0a66f2b0810fdc90796c0e763c3f934cee5a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472111755377"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
90 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-5085183-1&cid=1512183023.1627655782&jid=69153179&gjid=1657440792&_gid=791825691.1627655782&_u=YEBAAUAAAAAAAC~&z=519278064

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 30 Jul 2021 14:36:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK eaug_friendshipday_happy_mtl_01.jpg
i.123g.us/c/eaug_friendshipday_happy/mtl/ 25 KB
25 KB 41ms
41ms Image
image/jpeg 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_friendshipday_happy/mtl/eaug_friendshipday_happy_mtl_01.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 65364950e02af5a054532e0c6b5b188e2d1074f1b91b52de1aecdd2f8b891ae5

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 05:33:46 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:42 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1587756
ETag: "621d-4f323d226b680"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25117
jake_test: Test_Pass
Expires: Fri, 16 Jul 2021 14:47:15 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 125 KB
24 KB 927ms
891ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2429459478161788&correlator=1726113406974142&output=ldjh&impl=fifs&eid=31062030%2C31062052%2C31062077%2C20211866%2C31062064&vrg=2021072901&ptt=17&sc=1&sfv=1-0-38&ecs=20210730&iu_parts=46400095%2CDesktopWeb_Homepage_LB%2CDesktopWeb_Homepage_Mrec%2CDesktopWeb_Homepage_LMrec1%2CDesktopWeb_Homepage_LMrec2%2CDesktopWeb_Homepage_LMrec3%2CDesktopWeb_Homepage_Video%2CDesktopWeb_Homepage_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1x1%2C1x1&cust_params=site%3D123greetings.com%26section%3Dhome%26page%3Dhomepage&cookie=ID%3D0fd88b45498770ea-22eac04b7bc90083%3AT%3D1627655782%3ART%3D1627655782%3AS%3DALNI_MYDHeNqMhK4s62fhdOc7-H28TQBQA&bc=31&abxe=1&lmt=1627655201&dt=1627655782558&dlt=1627655781862&idt=658&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C970%2C332%2C650%2C968%2C310%2C310&adys=47%2C208%2C1562%2C1562%2C1562%2C2001%2C1443&adks=2032713241%2C2007386566%2C3432605083%2C3556053958%2C327677147%2C846720090%2C4041757002&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.123greetings.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C320x262%7C980x301%7C980x301%7C980x301%7C983x1993%7C980x0&msz=728x90%7C300x250%7C314x264%7C314x264%7C314x264%7C980x0%7C980x0&ga_vid=1512183023.1627655782&ga_sid=1627655782&ga_hid=1784622142&ga_fc=false&fws=4%2C4%2C0%2C0%2C0%2C0%2C0&ohw=728%2C300%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8062c22768af33db3d700d0b88ecdd9491bb1be33f78b1e242560af1c018633b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24346
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,5501288042,5461263814
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,138326033967,138321279906
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9034 6 KB
3 KB 46ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 14:36:22 GMT
expires: Sat, 30 Jul 2022 14:36:22 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8023454095.8385315&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8023454095.8385315&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible&ip=195.242.213.229&cuidchk=1

42 B
780 B

117ms
117ms

Image
image/gif

52.54.0.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8023454095.8385315&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible&ip=195.242.213.229&cuidchk=1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.0.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-0-202.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:22 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 30 Jul 2021 14:36:22 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8023454095.8385315&ref=https%3A%2F%2Fwww.123greetings.com%2F&dvis=visible&ip=195.242.213.229&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 43ms
29ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210728&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2a0de9cd500f168c39c066ce781cab396b388cc839d4ba096621e05556d1011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8563
x-xss-protection: 0

GET
H/1.1 200
OK eaug_friendshipday_happy_mtl_01.jpg
i.123g.us/c/eaug_friendshipday_happy/mtl/ 25 KB
25 KB 34ms
34ms Image
image/jpeg 8.253.95.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/eaug_friendshipday_happy/mtl/eaug_friendshipday_happy_mtl_01.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 65364950e02af5a054532e0c6b5b188e2d1074f1b91b52de1aecdd2f8b891ae5

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 05:33:46 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:42 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1587757
ETag: "621d-4f323d226b680"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25117
jake_test: Test_Pass
Expires: Fri, 16 Jul 2021 14:47:15 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2450 12 KB
5 KB 22ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 30 Jul 2021 14:03:42 GMT
expires: Sat, 30 Jul 2022 14:03:42 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 96C7 783 B
778 B 21ms
20ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5f6725d97f06942e257d6d2b4b1e4fa995125639d493272334b7029c992a016

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bmvJ10JlIcixxtkXpwAEDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

expires: Fri, 30 Jul 2021 14:36:23 GMT
date: Fri, 30 Jul 2021 14:36:23 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-bmvJ10JlIcixxtkXpwAEDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 2450 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 11:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 11:59:54 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210728&jk=2429459478161788&bg=!oqGloeXNAAals0SOpbM7ACkAdvg8WmekHUPkjIMUCuuhRIy0TnesnIIqR6JhGTKaaGDC7Z5O8uQvCQIAAABiUgAAAAxoAQcKAJZbvigFGAmdiKTOaq7pDrW3nmWq53rnmViHUusLZvoeGsxBSlD4qDfkZFJhAz71NqH9To72p3lwY9lYl3_SB8O9iuJTw_ynAadNv278PT5Pwtve601echXUhJ2YjY9vDsEX5UZXi8vr3P0Y-Vj3lrUD1Yb1APussQ6rb94lQ7Zb--IauLJXN9rWSRIlIL92yBEt6kou-ciZAnsIAlCeOgtxPII_ptHdoSpfAxV7xHqZhB5UpEzhOI4Qr29J2YHwVZKVEP-spXXTYBnA4vkh_90BLHN9rpthoZIOvm2mKUaoRiiXBij6glaZTXbU7PlsQRRfYTiVLPFgRoVrxWgbpYMw0CKGTEPEBlEQ7Y-PXfltpuWDD3PV8841BeMdIkaQQy-h-763qyxPGBsIy44OBMzr013B0dED9zDJKlYq0NdQWw8P4xjojVUA_bFrl4-xNaVgZ8LQ_XB7YHOGREvw6fk1nxbv-MMpMnJx-bOz2z-9FY06o6bdOgHGNgIO3OXluQDjpL8Lp_d246BsAdWtdR1x8phXqni6ukh2eaEIrZEM7727lEHAzGU__s3TdNmFRhZKoGZFoyA0oh4r6LGxoekLOkauYdYYgYYpZa9RFHuzeo10v_vVHIMJYz2uQ1BxYdF5CAUqJ8qOrnYngjit60Ouxgpb0fx_dckRBuTOFRj9FMV9CLbAcZcKHNwkBkGB3oiwvYLJNRZRnng9bpDxRAG0lcvA7S9j8p_DUSl-pSfBKLE9p87fGKqR-da9xraFtLJ5JRc47zNdOzMk0-CsjD1xx1IJq-buUyzpjqxJ1fkIdH1DHBD4ZFP27tHXLXW9F-IWjydKBgAyxFZEN__0O5wz5amlXLIxx9QA8tBCD-R66jeb6GScQPQrvrNYW2CzUXEhjeyX-E60_3JdxW1y_wbAooLukYYULvoXXkqnAb_PcpV8Ir_lP07SM5QXVfHnCApH5T4g7PpOmBpjd45lujStEgU8x4aFR7XEDvtr0GTvW3m09rmgzZ63tDQGxQpWfxmbyxCZtVsWI4wjhPdp8Z1b8jA0Hw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E7E 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 14:36:22 GMT
expires: Sat, 30 Jul 2022 14:36:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E44D 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 14:36:22 GMT
expires: Sat, 30 Jul 2022 14:36:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0BC7 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 14:36:22 GMT
expires: Sat, 30 Jul 2022 14:36:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7786 6 KB
3 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 14:36:22 GMT
expires: Sat, 30 Jul 2022 14:36:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B676 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 30 Jul 2021 14:36:22 GMT
expires: Sat, 30 Jul 2022 14:36:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1234 0
0 66ms
65ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQpJwmaoks5p1p1VEEPgWo88NL8E5v5mZa5zZ5gFKY5WFsFiEkWJ45l9LEuyojGUyn6ddUkOOst_7DCNb_VHoGngF-DknrISNyHQwDVmuPVzfum24GO3zaqBIhkYDUWwZUUXn-25qR52G0JxQKFouVj3d9A-pcMYYY-zb3FT2ld63LUuhJPut4Y0D-CgkP-qPVa2M2jRaK9i04BP78xQJfjTGPQq6jdNvoOmxDCt9-xG45XTHetUIp6-vtFXs5WrlzFOCn4pyCANKDVn6oryBq6v1qEyp6sKW6Jiwa0K5ew0vb7ELCy4A8dA0D_nsoGSeHhJ04LYyAF5guCQ&sig=Cg0ArKJSzB9tRkHVOa6CEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame 1234 31 KB
11 KB 50ms
12ms Script
application/javascript 2600:9000:2190:7400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 42806
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
date: Fri, 30 Jul 2021 02:42:57 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: AJvtuOTp4bt0OXu-Bj3a_yniRV0ECcyoa_KSvKAPASar21yeWITRHg==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1234 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4116 0
0 69ms
68ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWYncVnwmv7CW2XwpmSJgBphPW_d3wHYGI8sS5PJDCSVj06LJpSLPoh8ktSVVdO5CpQZe8HYj84DgZ7is3cV4Nt_Ay2l_fgdBuMWANFEAhsEMxNR7X-kN7Oj-KaFtZ_BDRYD6vZwRyxhyxJpAi59BjuL0f1Kzq8Bw_6USBl2PA2_2iAnEW15kVsFSNl2hdK5cgFepi-SXq4Tk3rjhce_f9lRs3ToCP7k3QCh88EEMJnyHuAr1NSX71W-9bd7xtD2bM-eKm3vNvIV7gCDNCVcHVb6MJck3e4VZldeZC25RsFdpKKBuArzG1NYIZwqLDN4Ma2cnRqevm1-0U1G1qf_L--oslpw&sig=Cg0ArKJSzH6NB8C4zeZAEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame 4116 31 KB
11 KB 13ms
12ms Script
application/javascript 2600:9000:2190:7400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 42806
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
date: Fri, 30 Jul 2021 02:42:57 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: B1l4zlpQUNG3_dTMZ-U_U4naLyr8IznLAWwGsz_UXR-dzVH2LpQDKw==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4116 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072901.js?31062077

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
DATA 200
OK truncated
/ Frame 1234 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ca223a43320b486f8767f60e348e1450e9b85efc920b1e92ec8893ec4d4c795

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 4116 25 KB
6 KB 43ms
14ms XHR
text/plain 2600:9000:2190:7400:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddc4cf4776ce693796a056a35fd46319510e20845e500397877494461accf18e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jul 2021 10:21:07 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:20:25 GMT
server: AmazonS3
age: 15317
etag: W/"88c2069eb48204b33ee6e7abfa91f81b"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: TRXVQC814Z7SIylngbCBKUPWpyYRb3Yz0KbZ9lm5LTePsgD-3KQPKw==
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 4116 25 KB
6 KB 42ms
14ms XHR
text/plain 2600:9000:2190:7400:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddc4cf4776ce693796a056a35fd46319510e20845e500397877494461accf18e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jul 2021 10:21:07 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:20:25 GMT
server: AmazonS3
age: 15317
etag: W/"88c2069eb48204b33ee6e7abfa91f81b"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: OHF_NYblcALADS8h7g_Mp0gWmjCrMQfzq2pI1PN-IZFHZMQAo90osw==
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 1234 25 KB
6 KB 42ms
17ms XHR
text/plain 2600:9000:2190:7400:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddc4cf4776ce693796a056a35fd46319510e20845e500397877494461accf18e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:20:25 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"88c2069eb48204b33ee6e7abfa91f81b"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-id: YULHU_TTM049dNys92nW2lc1wcMg0qsB5xKEcNWydqin8NUiJi1jHg==
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 1234 25 KB
6 KB 41ms
16ms XHR
text/plain 2600:9000:2190:7400:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddc4cf4776ce693796a056a35fd46319510e20845e500397877494461accf18e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:20:25 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"88c2069eb48204b33ee6e7abfa91f81b"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-id: s6wtFTbDLMDJkZlX5sdUERd2YmokKt28hcH6l4r_1dBJ_reXHgbeWw==
via: 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)

GET
DATA 200
OK truncated
/ Frame 4116 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a85791a89d858a4a4ee8547c4c79c9b0ec2b457bdcc26957b8d9b0bca2cb6fb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4116 0
0 107ms
65ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviNONQczGtOaoglv4vPkqKLzAkVNY3fOPSnm9EP1kGZ9ztQyOPGKx3_SNP5kvFwrpP5q1hrZ_2Cns0XA6Ks47ToNSG4MlEFa9OAbQy-tUw3uO26UIp59bawt1j2vo-p6E_FP5IQ1dYNoavABC42njUIYvH0zFPNaUoHLSzfckDINDOMVVrDgZ-7Jq6FlWEeynRv3VGRVmurMlcKLIy69t48Mz1ay5cEt_5AwuGmq5RGaNjZL6MENhmzu999GXEvALojT649-F1ruHiPltkKeswshXXdmcHvIdwxWAP-zrZVppmUIwUleKJRkJ1kYcsyZy7WoWgtFRUfe2-iRxAKd2LG9cTleKf&sig=Cg0ArKJSzIHb-hh8EDoJEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E41C 478 B
251 B 19ms
19ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGO-61JoBMAE&v=APEucNVRS3Edotn7ZRygmwLvAx3fAjQrrUces7pJ3XopEc8000zLnnV74p7vwVTl3Pwosq-fhdUGKj6RMjGHdNv0DoZSquLRSA

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJjjZhCPtKICGO-61JoBMAE&v=APEucNVRS3Edotn7ZRygmwLvAx3fAjQrrUces7pJ3XopEc8000zLnnV74p7vwVTl3Pwosq-fhdUGKj6RMjGHdNv0DoZSquLRSA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmrf0xfJOZNXN_pV5mGNzdLIIjOezaG3wCsT-aGqzAdXUQFeY0xZUIF6t0SGOE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 30 Jul 2021 14:36:23 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9E7E 59 KB
24 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akqy_HXYi4zSPuMrn6zht2XbPzCyi2p3cbUtZ9MVM1pD9W5fP41QgaGq04rNtr97kaEwfhpV47ZDB5eov-t6IW7omKox2UmR3_sCTJDSRDguo1Wd58jwSuVN6w7HcPwlBsdrZZDByLtGp8O6SmK8RHWk24nw&dbm_d=AKAmf-ATp1JiLB4cIbIbTUjdHtPsWFNUm1AAfaO15OLm8oaq247CymkRMtjCvGTOcOE-H5JNcPRwaCp8WU2CW1OObM0HNOpo8U__gJlVVFnxvAw4l5W5-bi8ewrSAP_WAsofQKdzRslbEol7jAS9eICKildZrwclI4Qd42shHidslo_ZpUhxwy-yG6kq1ojIGee4GdGPk9uPDRmrIVjNvW3vjKNcGJRcDWRTDzkmXK9ag7NhoCSc61us1rkv7yxEfLsSGTI2hFvcdCkviX8KgaWytvR2wfFDxUz5W_R0iwgVkti9ijRUvoxSi4fE16ZDbAq2Iy8jWDuPDFO6xit9tT7lndmTnuS9dGjxAtEPR0McBsiwMoo07FQh_HGaZxTVoAZrlqNFXosGliu0fmZwwUEWGeBprvA4v3uaSZKxQBeC1F5t4bAJl1bkisP0nxa1a7JZg4xC8Rui1GHf_c0m_-ihm1xBCwYeeN4ekYys3-XDa6yMo5gTAqH-eXLm_YKK6vteX-IiLNPLCi4Z8tJ_NaLe0ZnKUpy8UQnwqs1a2TnO7ZKqr5U8kH6vVbF97grHidgSDUliX8ypD07OgUBLe4qA-pWJ9YcyZ13SbX8f25NhW1_pNpUQub1SPzK4fT4I8YoLQP7tPnlPL0Nf_aVr2lMqgNRzqOw21hOCg6l4yGkaNGXW7IQgXZkj27jfkd_Irbdz5oWW1fMRwl-0IrWAnfVIazvfuT3qeN97DxOqXcMTEMgeLuxvI8ye_RCC3MecvgGzuIfTdrNX_lIbSmOYUdRLJFd5JkS_yU6uO5ibAsJYKZIvQanjz5wML0Vdbe5TEozFlWcmaL4D6jrXRSbp7I7zKqdMThY6mz9p7HYYCsHxiqD7GF3-JSEyp-izUQbKXmx5HQBvZv620wSO_aU62Am1sHEb1J6cs6YuPxQfHCK4K1AP-gNiQtqWxz-Xevy1EKrtQWrSxjjMTyKkGfN5JwBPbZHozKuK9DU1Wr7j3SXypUN_dfvcjvNFdHZ6igsQUBo2zCJKF12BjlQpAtGx81aAbtKtuLqfqVOA2ckhXkdsruMKlrSLDdcIJtBJc2VhBVzUyEj2ONYbYHMdIBRaU7Qi3obfWzhFPtAvnQE_LJk7yb6aA5ZzrMpLDyeE-R8CRoQuiNakPnOYjz3QoegHG2oh3qTSVO9GL00h3CcmPNl2kBmQ6OCl1EFrzbCKeXtzy0sXLKJ7CYTeXv0KvxkUWO_B1E5sYSD2pXeqDwNjoZ1n0klNje_lpZu5Dj2zz3vPBl0RTJFZZda9oJ6-9h5O-f12pXSNnndkzVwptBdlNyjSRkPaLevdoj6RFhV05-qaf8aaEoOKmNWlZZG_H6Pq4ADklkOFRkKAjkwwfWR0EqjpPGfFyVWTfjdGujfb7gxmqtb0hei-P8SIZu9gI-bym_N4CGjm4jANOXzLsfLJD9tc62ZgplkmYP5KjcE87yzCjjMTt5A3kLYb8GT3p6n4e09UAJPBApMSJ-I0YW6rLH_1lz1272fADpzpc-5Oeb7rB2c4e74FggdcN-IVCuFEzEExe0SzGB1pmLhixBRekXiwS8FIwf2iDcv8EZlZOetqtKNsB9iujBYQGPDx6D5YgYULh9Fuurh0qGNmuB6D9kW-KHC1-qyL0H9jUAP5gbyuQbXtWSm-KZyd8Qtpfa51fLFW1fKlx9JAf5mN5S9PkI5Y_MV4U9ud71N0C69MCyR56AS7Tz-GqV08r2SlpiFPfgKBNI7WeDyqtNRS06qxQEKVLhFTuI0WDYW1qtNI9mOwVx1R_VPnK5fVoAsL7bHFdyU_dQv8pAwyKE-I5PCXM0Lcx4BBCSIwcCXqwQuvYJt9cLMYwQ1J-FzNxFVqh7lEOLhPy5gynykANuTUOpwMEUiFjrOzhK5t5FiCO_PL9wZRKWABx6KlZWCMicnlpKCyC3-hG2JOGKs3OPlwENxI_-rgjIZOeDoD_SrjCWKZ0kRQcxT2bTPlPGTLjiTg2aet-wJDm8CwTO-L1YFX9T6A9Vb0vXF7NBO3xNxUmzlnUKnD0WB-TmcY9zgu-bXqHkA79q4nd4PH1VKbF2tvNraEqb49LWr6RFNKBZcwdDj9pmfuAI9Twf1INyr5vJ0CO53WaM_9Uq_aop0JvZgWU7kfZS6RogHeBdeO_dxUVxpkEBhDEIk9eCiuWfPshnogeUW8lnzavrKjSfuLrDCskV_6mlY8WWCLXzzkel2fbR48Hx_rC_5pFeZR9lXxtI5wtbHuxCpGzegeeHBOvjd0KRyL5pIriASlrMYqelv5rwWF5jL0WYAw3U-uKWjvR_Egv8cJqDgrEZdragt1B61ijYjLucqzI2Xz0cH07_rqXppfESzER-jd_MOR2g4WZkTeP2Z-UbhNIKY4pdg2Eg4uYNtIDgcmuuD7ntILLp7AGbv7SJ_NSa5LRy2qpAiZRuWPh4CTrWxtbvEB3_QkfLk4qjZhsLFw2IhYCxJmbJQBBknp_NkbqzP6_Y2oPCjRnLBuYytwaZHYdvkqdmFWeNm_UKGUwmOpZlYkMPjCrIW9j0SJgSw5U7lX1fclr6dJBTzDR6Q1q2VzJOKpfuNc5ZvFvTjhnnrBjqsMIHC9QK8F57R8smpZH7ayariy0FkE6z6yhjD2ERBSW_U1KMmeh-knMAtHq9H-__w8A451Aap-7BkEemCx8kLsByNGNmU-bWHIJjzLry2EMSAS9SYmetHVhfhqA26dJGMPWt3qvmdwxuRrHwgPJAg4QaTeHPFRhyCxK0FZjahBwIQOje77peMH9FuGLIf19FB97_nAM3BB03LodQrd4GX1FZsL5Zptfj-wAJFLHUXWivdxsdM7yeZDiNLqD3Vpr7b6SRbxet2UAHEJ2_uvrnHgXqAfepG6Na-YYxm-o5qTqiZrc1P1R3iRSRTX0wyaON1jpPk5_Oub_SiRhGuoLNAOvLqAHtpEWMsvC6cginz_ufcFwswaGdElmA_R9RrwQc9YLyN7AeFOfvNByEgIuHkmwaPyvErC&cid=CAASEuRonZi3bD7eIePY1ZILzmAYeg&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c34acb0cd97e26911178912e89ce0a81b169505f7879ac67b63b6738b14a260a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24955
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E7E 42 B
63 B 45ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJ-Zh4qqkjL3gS7BGHqg1f7C23ygssQRnRQzJAclJq0XApRN6aehuNmEQdOPnHvlL4rQwjFnndU_Qkh52V8ayTpXEvnSevFIeJ3qSFeSIYTybCTYw

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 9E7E 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:34:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E7E 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 9E7E 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:35:38 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E44D 0
0 70ms
69ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLYCXZg4EYYjNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBNsBT9CGuA3XHYQiB3EZfYBUbT429cA3eE_jpZiV_Ko6U3kBjuiRk5oxcNkoT1os7XOca7H27EqaDZpgAXyq0KQLcmwO4hQKaH_0xivdE23CXbJ75hiUFCkOJF01p4Qw5s0i0W2Mt11AjVXCc6or_PZSegmrQ_vDOmv33UIffnKWlIjDxIyX9lcE0rMhMFV0Idxg_lKDIXMU12vvh3lfmzkPLuCWnO_v0-XJYxhzfZtIGUIwYCrAZjWYF8WsySsMztckkFi_rfUazdl3JMjdnsNJZeJpkBD8SZ5Bjsy4wATdk8miwwPgBAGSBQQIBBgBkgUECAUYBKAGEYAH-cLJJagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDyjmDSCAcIgGEQARgdgAoDyAsB2BMK0BUBmBYBgBcBshcaChgIABIUcHViLTQ2Mjc1MTc2ODAyNDk2NzA&sigh=lPzxrgcxLGo
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 embed.js Show response
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame E44D 5 KB
2 KB 297ms
247ms Script
text/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC1H2KZg4EYYjNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBN4BT9CGuA3XHYQiB3EZfYBUbT429cA3eE_jpZiV_Ko6U3kBjuiRk5oxcNkoT1os7XOca7H27EqaDZpgAXyq0KQLcmwO4hQKaH_0xivdE23CXbJ75hiUFCkOJF01p4Qw5s0i0W2Mt11AjVXCc6or_PZSegmrQ_vDOmv33UIffnKWlIjDxIyX9lcE0rMhMFV0Idxg_lKDIXMU12vvh3lfmzkPLuCWnO_v0-XJYxhzfZtIGUIwYCrAZjWYF8WsySsMztckkFi_rfUazdl3ZsrQDCT0ye3BPCU2_6CLEPagHUO_wATdk8miwwPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_1a8WMuy78_y35685gMLVSE5Yi1kQ%26client%3Dca-pub-4627517680249670%26adurl%3D&cb=1460007242
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 639f019b16d2efa6f1c2ebe3f0d334e130cc469a58130cc24ffd8879efef1642

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Jul 2021 08:03:51 GMT
server: cloudflare
x-amz-request-id: QWJ4Z7GJCPNGVG3H
etag: W/"f6c6478428160347663dd47c50aa18b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 676f51a88d36dff7-FRA
x-amz-id-2: fFQvFzE/Eb6cCqNQGwYPhUEhLzR2e77dEIzfxKvZt5lkrkNv3cGybjE5KKqKTLBaxJSStJu3FAA=

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame E44D 31 KB
12 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56e15c9e3542a7457433e608f6180bf8877083db9c231bcfb137aa4a14fb1b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12641
x-xss-protection: 0
server: cafe
etag: 13371490116692223486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 13:30:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame E44D 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:34:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E44D 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame E44D 14 KB
6 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:35:38 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame E44D 18 KB
7 KB 22ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:25:02 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0BC7 0
0 76ms
70ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBOP6Zg4EYYnNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBNsBT9BVq8k1e2e96gDLFA-XkG7OuFMy7C-Ro4dYa2mrM60_KXOl3Lmkx-OyaQw9cITD-yk61YdU3QxPIfi3gq5GRKk4PNUEVptJLsiqqU9d2Hab2PYuqz_IOfJGP4QTFqtaqTHxhsyBZJFzI7oGu9eCNBa1h52LXRDiNbxTvlqJTeFJAqWyfhwfopDGDDgxPVY_uAoDKHwxCzP2eR0rTJkxiAA9PuDd8dYGztmFhMp4d_uEpX4LDsV_3go0z2PK7IlqkiklKJfn8kePjd72SAhyNXXQMeBqDXDspdupwATdk8miwwPgBAGSBQQIBBgBkgUECAUYBKAGEYAH-cLJJagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBRD6i5UB0ggHCIBhEAEYHYAKA8gLAdgTCtAVAZgWAYAXAbIXGgoYCAASFHB1Yi00NjI3NTE3NjgwMjQ5Njcw&sigh=WA6lL6nlswc
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 embed.js Show response
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame 0BC7 5 KB
2 KB 286ms
245ms Script
text/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCZggCZg4EYYnNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBN4BT9BVq8k1e2e96gDLFA-XkG7OuFMy7C-Ro4dYa2mrM60_KXOl3Lmkx-OyaQw9cITD-yk61YdU3QxPIfi3gq5GRKk4PNUEVptJLsiqqU9d2Hab2PYuqz_IOfJGP4QTFqtaqTHxhsyBZJFzI7oGu9eCNBa1h52LXRDiNbxTvlqJTeFJAqWyfhwfopDGDDgxPVY_uAoDKHwxCzP2eR0rTJkxiAA9PuDd8dYGztmFhMp4d_uEpX4LDsV_3go0z2PK7IlqkiklKJfn8kePz9z72u_PmXp4ndWgu04mO-GxTVtwwATdk8miwwPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_1XuVYk6kKHa0K9iXJmpauNIc7i1g%26client%3Dca-pub-4627517680249670%26adurl%3D&cb=1193582478
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 639f019b16d2efa6f1c2ebe3f0d334e130cc469a58130cc24ffd8879efef1642

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Jul 2021 08:03:51 GMT
server: cloudflare
x-amz-request-id: QWJ4Z7GJCPNGVG3H
etag: W/"f6c6478428160347663dd47c50aa18b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 676f51a88d38dff7-FRA
x-amz-id-2: fFQvFzE/Eb6cCqNQGwYPhUEhLzR2e77dEIzfxKvZt5lkrkNv3cGybjE5KKqKTLBaxJSStJu3FAA=

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 0BC7 31 KB
12 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56e15c9e3542a7457433e608f6180bf8877083db9c231bcfb137aa4a14fb1b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12641
x-xss-protection: 0
server: cafe
etag: 13371490116692223486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 13:30:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 0BC7 2 KB
1 KB 37ms
18ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:34:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BC7 124 KB
37 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 0BC7 14 KB
6 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:35:38 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 0BC7 18 KB
7 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:25:02 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7786 0
0 75ms
66ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsCNpZg4EYYrNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBNsBT9CGw46EnODVhA97fkJUYoUBZOBvuaggWK5q_3PTln7zCeNM0HucnWNLRZJggyey857IDcmYjiq0AFhbOSTbtkz8-DmOMurOZBUUeHVOf2wEff82uooW-SsVxvbvmOmTpch3dcdl0ycjBqJ0PBK_zKbcm0eHLIRG-hfB3LY7Q5rtC4Z1Vm1em4Ab8H8yjCoZ3IS59Yw0KOsogwbE4cKekbDnMkr3XceKEnTq6b5TaiW261beM6Umvx4BdNUGM_VdAcSQ-TfuJ0_FYf5DYXZXlRdjGAZKQ20DDGKXwATdk8miwwPgBAGSBQQIBBgBkgUECAUYBKAGEYAH-cLJJagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBRC-oI4B0ggHCIBhEAEYHYAKA8gLAdgTCtAVAZgWAYAXAbIXGgoYCAASFHB1Yi00NjI3NTE3NjgwMjQ5Njcw&sigh=BxF4ALX0AyY
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 embed.js Show response
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame 7786 5 KB
2 KB 281ms
241ms Script
text/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCHbp6Zg4EYYrNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBN4BT9CGw46EnODVhA97fkJUYoUBZOBvuaggWK5q_3PTln7zCeNM0HucnWNLRZJggyey857IDcmYjiq0AFhbOSTbtkz8-DmOMurOZBUUeHVOf2wEff82uooW-SsVxvbvmOmTpch3dcdl0ycjBqJ0PBK_zKbcm0eHLIRG-hfB3LY7Q5rtC4Z1Vm1em4Ab8H8yjCoZ3IS59Yw0KOsogwbE4cKekbDnMkr3XceKEnTq6b5TaiW261beM6Umvx4BdNUGM_VdAcSQ-TfuJ0_FI_xO85HqORjLtDOA9VPJkliP7f9TwATdk8miwwPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_1lw0FtE6nuo29b_28JVHh3O7KiGw%26client%3Dca-pub-4627517680249670%26adurl%3D&cb=895977925
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 639f019b16d2efa6f1c2ebe3f0d334e130cc469a58130cc24ffd8879efef1642

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Jul 2021 08:03:51 GMT
server: cloudflare
x-amz-request-id: QWJ4Z7GJCPNGVG3H
etag: W/"f6c6478428160347663dd47c50aa18b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 676f51a88d3cdff7-FRA
x-amz-id-2: fFQvFzE/Eb6cCqNQGwYPhUEhLzR2e77dEIzfxKvZt5lkrkNv3cGybjE5KKqKTLBaxJSStJu3FAA=

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 7786 31 KB
12 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56e15c9e3542a7457433e608f6180bf8877083db9c231bcfb137aa4a14fb1b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12641
x-xss-protection: 0
server: cafe
etag: 13371490116692223486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 13:30:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 7786 2 KB
1 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:34:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7786 124 KB
37 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 7786 14 KB
6 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:35:38 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7786 0
0 45ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiGeuaPj0XZKp-Z63oN8_0FRF9qjZHfqjkI7kIwiscsRnv_AvPKWQ-129Ts9M4i5z7m_NczN4cqjmp0rxzg84G37nm6w
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 7786 18 KB
7 KB 22ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:25:02 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B676 0
0 77ms
68ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CK-uFZg4EYYvNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBNsBT9DTWISvRG571DMx85WHQVVTXEC6-bA3u7bK9JO68KKB2LumxWJKwHkyap6Lfolm9XXNrlV9i2zPjZ_2yCLdDeVYN1vX3KFXwNG0PcNPR8GWWLRwDaS5qbr5UBralQ-JCbdYqzXRUBwXwWfWyjKYpdWZ8XAB7cQItZNEgRX310phT1jB_K-NKTaWM35gqHAIYaDQEoi2qmVBDBMn1lSiH26I-Dx4ix0S6LbjMQ7JiSjMmb3_0LlT5D2utZGik9Avrdj_rm110R2mPtGvg15bH9Mn3mtUeTtEkNa0wATdk8miwwPgBAGSBQQIBBgBkgUECAUYBKAGEYAH-cLJJagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC1ll3SCAcIgGEQARgdgAoDyAsB2BMK0BUBmBYBgBcBshcaChgIABIUcHViLTQ2Mjc1MTc2ODAyNDk2NzA&sigh=ZYtZwPA9ySA
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 embed.js Show response
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame B676 5 KB
2 KB 286ms
247ms Script
text/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCmq2hZg4EYYvNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBN4BT9DTWISvRG571DMx85WHQVVTXEC6-bA3u7bK9JO68KKB2LumxWJKwHkyap6Lfolm9XXNrlV9i2zPjZ_2yCLdDeVYN1vX3KFXwNG0PcNPR8GWWLRwDaS5qbr5UBralQ-JCbdYqzXRUBwXwWfWyjKYpdWZ8XAB7cQItZNEgRX310phT1jB_K-NKTaWM35gqHAIYaDQEoi2qmVBDBMn1lSiH26I-Dx4ix0S6LbjMQ7JiSjMmb3_0LlT5D2utZGik9Avrdj_rm110R2mfNOiEbnms9yPcl6ezwWODuysIzGFwATdk8miwwPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_3rD4vyGV5Q5oOucVVlvCSvlxvzvQ%26client%3Dca-pub-4627517680249670%26adurl%3D&cb=545669517
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 639f019b16d2efa6f1c2ebe3f0d334e130cc469a58130cc24ffd8879efef1642

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Jul 2021 08:03:51 GMT
server: cloudflare
x-amz-request-id: QWJ4Z7GJCPNGVG3H
etag: W/"f6c6478428160347663dd47c50aa18b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 676f51a88d3bdff7-FRA
x-amz-id-2: fFQvFzE/Eb6cCqNQGwYPhUEhLzR2e77dEIzfxKvZt5lkrkNv3cGybjE5KKqKTLBaxJSStJu3FAA=

GET
H3-29 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame B676 31 KB
12 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56e15c9e3542a7457433e608f6180bf8877083db9c231bcfb137aa4a14fb1b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12641
x-xss-protection: 0
server: cafe
etag: 13371490116692223486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 13:30:11 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame B676 2 KB
1 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:34:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B676 124 KB
37 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627472092244076"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38161
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame B676 14 KB
6 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:35:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:35:38 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame B676 18 KB
7 KB 19ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:25:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:25:02 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1234 0
0 85ms
69ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-nVLcSzJKbp-0cNQe1AjrWeNpx9k1ORUne3sHZdLnqjvxg0u3SxeD2a-Qu6WUFfsg1BYF6ChuZD0PkRNXVbDqNcbuLCRQoQjmDAeSHLVoUfrJTMNYo7AtuC96gyVym3YEm37qIcd-85SVMbCcUvMv-B0L9UMLEOKVhU0B1XZnrnPvBvyvhtRfnF7mQLam208IPMoDaDTrLYkQCCrOjLNlG4NCyW6tV7AHUPHmz6vIpjtpGtPEBrYKQRTFBrmqmNXT8KEdIGTwvvNaeQNIjf4lJPiv8GRdO9bj5totO3d1fq7jBjxUQaty2fzdGHby5ajPavLj2_Dt8S0jUQ2M&sig=Cg0ArKJSzIrSTfJpRT2GEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 30 Jul 2021 14:36:23 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame DE6C 42 KB
15 KB 49ms
7ms Document
text/html 2600:9000:20eb:2600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
date: Thu, 29 Jul 2021 23:40:08 GMT
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: OIXDAFZoumqX0L6N0gsO6JOHz0Z6pBvM8ZK_OkOERrQpgWpcPiuq0w==
age: 53776

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 6090 42 KB
15 KB 44ms
8ms Document
text/html 2600:9000:20eb:2600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
date: Thu, 29 Jul 2021 23:40:08 GMT
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ICEh3L-kt0VnqqkitozFeiIb_TL4mXMjJSZP8Y4Hk-zDjDSAtkwKPg==
age: 53776

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 101E 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Jul 2021 11:56:19 GMT
expires: Sat, 31 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9604
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E44D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c65e0c2137f4623296e906bdd24c03c1d4a79cd3a6b86e35ed44caaabd21f3c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A1A5 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Jul 2021 11:56:19 GMT
expires: Sat, 31 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9604
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0BC7 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5c4076b9051274be7b30626b66ae218ca8d82d641d30cd561c28acfc48cd2a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 9E7E 114 KB
40 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 10:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Jul 2021 10:46:05 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/ Frame 9E7E 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Akqy_HXYi4zSPuMrn6zht2XbPzCyi2p3cbUtZ9MVM1pD9W5fP41QgaGq04rNtr97kaEwfhpV47ZDB5eov-t6IW7omKox2UmR3_sCTJDSRDguo1Wd58jwSuVN6w7HcPwlBsdrZZDByLtGp8O6SmK8RHWk24nw&dbm_d=AKAmf-ATp1JiLB4cIbIbTUjdHtPsWFNUm1AAfaO15OLm8oaq247CymkRMtjCvGTOcOE-H5JNcPRwaCp8WU2CW1OObM0HNOpo8U__gJlVVFnxvAw4l5W5-bi8ewrSAP_WAsofQKdzRslbEol7jAS9eICKildZrwclI4Qd42shHidslo_ZpUhxwy-yG6kq1ojIGee4GdGPk9uPDRmrIVjNvW3vjKNcGJRcDWRTDzkmXK9ag7NhoCSc61us1rkv7yxEfLsSGTI2hFvcdCkviX8KgaWytvR2wfFDxUz5W_R0iwgVkti9ijRUvoxSi4fE16ZDbAq2Iy8jWDuPDFO6xit9tT7lndmTnuS9dGjxAtEPR0McBsiwMoo07FQh_HGaZxTVoAZrlqNFXosGliu0fmZwwUEWGeBprvA4v3uaSZKxQBeC1F5t4bAJl1bkisP0nxa1a7JZg4xC8Rui1GHf_c0m_-ihm1xBCwYeeN4ekYys3-XDa6yMo5gTAqH-eXLm_YKK6vteX-IiLNPLCi4Z8tJ_NaLe0ZnKUpy8UQnwqs1a2TnO7ZKqr5U8kH6vVbF97grHidgSDUliX8ypD07OgUBLe4qA-pWJ9YcyZ13SbX8f25NhW1_pNpUQub1SPzK4fT4I8YoLQP7tPnlPL0Nf_aVr2lMqgNRzqOw21hOCg6l4yGkaNGXW7IQgXZkj27jfkd_Irbdz5oWW1fMRwl-0IrWAnfVIazvfuT3qeN97DxOqXcMTEMgeLuxvI8ye_RCC3MecvgGzuIfTdrNX_lIbSmOYUdRLJFd5JkS_yU6uO5ibAsJYKZIvQanjz5wML0Vdbe5TEozFlWcmaL4D6jrXRSbp7I7zKqdMThY6mz9p7HYYCsHxiqD7GF3-JSEyp-izUQbKXmx5HQBvZv620wSO_aU62Am1sHEb1J6cs6YuPxQfHCK4K1AP-gNiQtqWxz-Xevy1EKrtQWrSxjjMTyKkGfN5JwBPbZHozKuK9DU1Wr7j3SXypUN_dfvcjvNFdHZ6igsQUBo2zCJKF12BjlQpAtGx81aAbtKtuLqfqVOA2ckhXkdsruMKlrSLDdcIJtBJc2VhBVzUyEj2ONYbYHMdIBRaU7Qi3obfWzhFPtAvnQE_LJk7yb6aA5ZzrMpLDyeE-R8CRoQuiNakPnOYjz3QoegHG2oh3qTSVO9GL00h3CcmPNl2kBmQ6OCl1EFrzbCKeXtzy0sXLKJ7CYTeXv0KvxkUWO_B1E5sYSD2pXeqDwNjoZ1n0klNje_lpZu5Dj2zz3vPBl0RTJFZZda9oJ6-9h5O-f12pXSNnndkzVwptBdlNyjSRkPaLevdoj6RFhV05-qaf8aaEoOKmNWlZZG_H6Pq4ADklkOFRkKAjkwwfWR0EqjpPGfFyVWTfjdGujfb7gxmqtb0hei-P8SIZu9gI-bym_N4CGjm4jANOXzLsfLJD9tc62ZgplkmYP5KjcE87yzCjjMTt5A3kLYb8GT3p6n4e09UAJPBApMSJ-I0YW6rLH_1lz1272fADpzpc-5Oeb7rB2c4e74FggdcN-IVCuFEzEExe0SzGB1pmLhixBRekXiwS8FIwf2iDcv8EZlZOetqtKNsB9iujBYQGPDx6D5YgYULh9Fuurh0qGNmuB6D9kW-KHC1-qyL0H9jUAP5gbyuQbXtWSm-KZyd8Qtpfa51fLFW1fKlx9JAf5mN5S9PkI5Y_MV4U9ud71N0C69MCyR56AS7Tz-GqV08r2SlpiFPfgKBNI7WeDyqtNRS06qxQEKVLhFTuI0WDYW1qtNI9mOwVx1R_VPnK5fVoAsL7bHFdyU_dQv8pAwyKE-I5PCXM0Lcx4BBCSIwcCXqwQuvYJt9cLMYwQ1J-FzNxFVqh7lEOLhPy5gynykANuTUOpwMEUiFjrOzhK5t5FiCO_PL9wZRKWABx6KlZWCMicnlpKCyC3-hG2JOGKs3OPlwENxI_-rgjIZOeDoD_SrjCWKZ0kRQcxT2bTPlPGTLjiTg2aet-wJDm8CwTO-L1YFX9T6A9Vb0vXF7NBO3xNxUmzlnUKnD0WB-TmcY9zgu-bXqHkA79q4nd4PH1VKbF2tvNraEqb49LWr6RFNKBZcwdDj9pmfuAI9Twf1INyr5vJ0CO53WaM_9Uq_aop0JvZgWU7kfZS6RogHeBdeO_dxUVxpkEBhDEIk9eCiuWfPshnogeUW8lnzavrKjSfuLrDCskV_6mlY8WWCLXzzkel2fbR48Hx_rC_5pFeZR9lXxtI5wtbHuxCpGzegeeHBOvjd0KRyL5pIriASlrMYqelv5rwWF5jL0WYAw3U-uKWjvR_Egv8cJqDgrEZdragt1B61ijYjLucqzI2Xz0cH07_rqXppfESzER-jd_MOR2g4WZkTeP2Z-UbhNIKY4pdg2Eg4uYNtIDgcmuuD7ntILLp7AGbv7SJ_NSa5LRy2qpAiZRuWPh4CTrWxtbvEB3_QkfLk4qjZhsLFw2IhYCxJmbJQBBknp_NkbqzP6_Y2oPCjRnLBuYytwaZHYdvkqdmFWeNm_UKGUwmOpZlYkMPjCrIW9j0SJgSw5U7lX1fclr6dJBTzDR6Q1q2VzJOKpfuNc5ZvFvTjhnnrBjqsMIHC9QK8F57R8smpZH7ayariy0FkE6z6yhjD2ERBSW_U1KMmeh-knMAtHq9H-__w8A451Aap-7BkEemCx8kLsByNGNmU-bWHIJjzLry2EMSAS9SYmetHVhfhqA26dJGMPWt3qvmdwxuRrHwgPJAg4QaTeHPFRhyCxK0FZjahBwIQOje77peMH9FuGLIf19FB97_nAM3BB03LodQrd4GX1FZsL5Zptfj-wAJFLHUXWivdxsdM7yeZDiNLqD3Vpr7b6SRbxet2UAHEJ2_uvrnHgXqAfepG6Na-YYxm-o5qTqiZrc1P1R3iRSRTX0wyaON1jpPk5_Oub_SiRhGuoLNAOvLqAHtpEWMsvC6cginz_ufcFwswaGdElmA_R9RrwQc9YLyN7AeFOfvNByEgIuHkmwaPyvErC&cid=CAASEuRonZi3bD7eIePY1ZILzmAYeg&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:36:08 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 9E7E 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:31:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9340
x-xss-protection: 0
server: cafe
etag: 14963318235020188028
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 13 Aug 2021 14:31:39 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B02C 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Jul 2021 11:56:19 GMT
expires: Sat, 31 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9604
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7786 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a30a7c0650053629138c0048be6755c6bb5a61042aad170213c0bedcaeee686a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame E41C 170 B
523 B 106ms
39ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGO-61JoBMAE&v=APEucNVRS3Edotn7ZRygmwLvAx3fAjQrrUces7pJ3XopEc8000zLnnV74p7vwVTl3Pwosq-fhdUGKj6RMjGHdNv0DoZSquLRSA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E41C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnceE67ctpAt05KtdnR_BI&google_cver=1

43 B
1014 B

63ms
51ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnceE67ctpAt05KtdnR_BI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGO-61JoBMAE&v=APEucNVRS3Edotn7ZRygmwLvAx3fAjQrrUces7pJ3XopEc8000zLnnV74p7vwVTl3Pwosq-fhdUGKj6RMjGHdNv0DoZSquLRSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 30 Jul 2021 14:36:24 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnceE67ctpAt05KtdnR_BI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E41C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YQQOZ5NNtd1IWS7i7Y7djwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnceE67ctpAt05KtdnR_BI&google_cver=1

43 B
894 B

46ms
45ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnceE67ctpAt05KtdnR_BI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCPtKICGO-61JoBMAE&v=APEucNVRS3Edotn7ZRygmwLvAx3fAjQrrUces7pJ3XopEc8000zLnnV74p7vwVTl3Pwosq-fhdUGKj6RMjGHdNv0DoZSquLRSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 30 Jul 2021 14:36:24 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOnceE67ctpAt05KtdnR_BI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 63DE 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Jul 2021 11:56:19 GMT
expires: Sat, 31 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9604
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B676 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31ed3f5ec4d1c1cc4d74ac1ebe9fb6569dc743fa6ba30ad59b7473ee7aebb40e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 183ms
156ms Preflight 2600:9000:2190:3e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

2600:9000:2190:3e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: dcerLqqvA79pujJHekFf7MNbRL5mF7MSmXIeyHRmSFvV7i0hiZk5JQ==

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame DE6C 116 B
871 B 160ms
159ms XHR
application/json 2600:9000:2190:3e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:3e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d81386cb76a2f803a6a7674bab45293bde918693a683a583ccd20f85619df9ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: ZRH50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 116
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Fri, 30 Jul 2021 14:36:24 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: E_Q0zrnUETzztHE1_KnyJFPjgDFvSLMES9LxYBffcy3xsoMY8Z6GJg==

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 6090 116 B
871 B 156ms
154ms XHR
application/json 2600:9000:2190:3e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:3e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d81386cb76a2f803a6a7674bab45293bde918693a683a583ccd20f85619df9ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: ZRH50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 116
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Fri, 30 Jul 2021 14:36:24 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: sYEoUffUWpcgHMm_bC7iK-dIPd_hUYDWGM7kG5Q3Jhe-mP7XZBVxgw==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 179ms
155ms Preflight 2600:9000:2190:3e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

2600:9000:2190:3e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vBu68irfUbV0JxdSqTHC-cEmELuGgMspvbRRyV-yejl5BxlVIqbq7Q==

GET
H3-29 200 index.html Show response
s0.2mdn.net/9506911/1609938328780/ Frame DE49 166 KB
26 KB 22ms
7ms Document
text/html 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9506911/1609938328780/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

079f180cafeebed9a4762f3b2d1df57ed5745d4baee54466b6f683ed15c7c4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9506911/1609938328780/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 26351
date: Fri, 30 Jul 2021 09:10:51 GMT
expires: Sat, 31 Jul 2021 09:10:51 GMT
last-modified: Wed, 06 Jan 2021 13:05:28 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 19533
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9E7E 0
592 B 142ms
75ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstd3QUuOKWulvmHEPznBtG-OtcQt-7W_eN_K8LJqKBtuLysxMgvAq1hj3DOPuzOlRvesFud9RptlUu8Qp4DNDyT5Bh-z1g2KtHQYH5b9QroIPcLxdGr3AzmfavCoXDgmJmQexGeKRFxK2dmJ_soktqlrUiWzwxXk7xfF2bCR2e1RoE-8R01VXnIlALrXcv291ThMa-izpJ2hfu_zlBl4haWmePrSayWOhJZ1Fkbo4BeNVCeFkre9LDHoqSxxDwK2_abV_QF2Z08AXoX16h70VRx4rlrKmhdl9VYruJLObNr7CaqDDj584U548w6-tnBK-XBw8lYKFavhQ3ePjQdVFjM03ekSL-2zRr0cJna7pwmYCOXCynv8fr85XYbxQNbC8_ht3fBZPUHGVpQclr9srL8zKAJqeZcVTqhxmCzQqxbmW16W0p41hRrhR6t2bjJje3W9gVpcqRh0M36p7cppUrZgIR9yFkoSzJqg9j4zPxOlpsR7pTZ3JnW9tvgtmtPqowXyHCrzm32w9Ick-oDGuNqcjUFmySafGOtJ1ePQFdOu6v7KS8px4wdcNdcJS3tCm7hXCFdxmwH8fnQVPuLKCJqIMKYH5D2ffWcGz6Xe7NCg7tbgmikaI7UtqT7qALwGGpot4wxgyhFutGtGBtNMIRmKXAolQYvTcI8BQLQcqhYq8ysT0k9S3r00oYBGZRTKi0kogbkUzpo38tmf8dg67kCDNIdeMJOisslGnICVBDM7kbf1lHZlsEQYs85gX2eB5WyUAqkAgPeV04BY0qAFJ8bS4yp8TqyLrdcwu2vHuP8pRsCVOta-tqHAZwbLjMAoaxVuxSrO44OQz4xTJaDg_8aL3SIVfMUhvrgPjCOj2xMaC0GwkkAS6Q7mEfM_Iy25p9lwnWGmzd83SGwfvW-dK4OVu4uGUs1mS6EoPtssTelF1od4SKOk3c2kdYYle_IFTZRmJCI3PUQv2wdksKC4pYz9k_21rat9ku9GbChfO7ccUmDOo3fd9cVo08X2LGa17T4coghiDSNZOAGaNeSbQw817ALKzYXebKX8e85hzTsa3pCNHnLcsB0B863ssFufvBaaoOni85gdDCoSCl8JJ1j37LLVdFnfX_H-ExRWa47gdWKIohoRWfYDzNbQHZqvAHe0yG2nSgV14zJkz-aDyuHGg-Qnx0BCBtz0uGVTLOUNTaMGs7tulMP2dqw_8-WVvq0Zw-_JSpzobRRUx0&sai=AMfl-YQRDOE0jRO7whjArvJOzdXMeZshMphz64S29fJY0f5f4pQU0wcu_xLZRSoiZhP2yk3MggaiD5mdIEdmYrSe65NnACoM2DdLSwoQ0_vn2PXXcI6BNJrqsHs8fg7D4InD-bI3SglW9BEErgOIm94HNjJox6TyG7CLWwfZWiwGG7zeNXV1To2B2w&sig=Cg0ArKJSzFtduk9p4DvPEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=138&cbvp=1&cstd=135&cisv=r20210728.64855&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 30 Jul 2021 14:36:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E7E 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 08:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Jul 2022 08:25:03 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D3F3 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Jul 2021 11:56:19 GMT
expires: Sat, 31 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9605
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9E7E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8010f7028e2c56b453642b6816394b163da28534c012edef128f31e14e99044

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 101E 0
104 B 97ms
61ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIgEwPq2bvPqO_8818jSPF8&google_cver=1&google_push=AYg5qPJnc3uXaJVon1bCKo6C6nIpP0CvZr0bsXq4esq7-abXRWNMK1JNExzXdRh6_owyOva-P_tTEyTWMIwf1u7wlKu58E9s--cF
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 101E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEBjPd2Plx4qGEzeV80Hsm5s&google_cver=1&google_push=AYg5qPJ0dFNV9HEHG-n0mGwzOgx-CQpgCiiM4tEBCXnbexDiwkcMqwzqIzQwVy2z_PWQrJddOnA6HixiQWnDu2Xc...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ0dFNV9HEHG-n0mGwzOgx-CQpgCiiM4tEBCXnbexDiwkcMqwzqIzQwVy2z_PWQrJddOnA6HixiQWnDu2Xc8j8HnCxrcmk

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ0dFNV9HEHG-n0mGwzOgx-CQpgCiiM4tEBCXnbexDiwkcMqwzqIzQwVy2z_PWQrJddOnA6HixiQWnDu2Xc8j8HnCxrcmk

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jul 2021 14:36:12 GMT
Server: MT3 3810 5cb7d7e master zrh-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ0dFNV9HEHG-n0mGwzOgx-CQpgCiiM4tEBCXnbexDiwkcMqwzqIzQwVy2z_PWQrJddOnA6HixiQWnDu2Xc8j8HnCxrcmk
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 30 Jul 2021 14:36:11 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 101E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPDcl4VSLL_RsUFLG7TcdWQ&google_cver=1&google_push=AYg5qPIW36on_0SHVG0gmfhDkJntcrZ4p-uTdxIGzgnUOHK6Ft-n4DLKXTHJxA4319iUdHEm9aG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JRRzg4VkotMVAtOUdRVA==&google_push=AYg5qPIW36on_0SHVG0gmfhDkJntcrZ4p-uTdxIGzgnUOHK6Ft-n4DLKXTHJxA4319iUdHEm9aGkHolziRRkvpGyFBiQB-3_ib5l

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JRRzg4VkotMVAtOUdRVA==&google_push=AYg5qPIW36on_0SHVG0gmfhDkJntcrZ4p-uTdxIGzgnUOHK6Ft-n4DLKXTHJxA4319iUdHEm9aGkHolziRRkvpGyFBiQB-3_ib5l

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JRRzg4VkotMVAtOUdRVA==&google_push=AYg5qPIW36on_0SHVG0gmfhDkJntcrZ4p-uTdxIGzgnUOHK6Ft-n4DLKXTHJxA4319iUdHEm9aGkHolziRRkvpGyFBiQB-3_ib5l
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 101E
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFRLxth6y8ZnhFI4A3_x9zM&google_cver=1&google_push=AYg5qPIVIKGwW12gZIeWmgsQrnD5L3POq3_UnihFsuLhguEtuj-tnf2pPzZhb1H7qn5p9BkAbbTRRC667R4HLYxY...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=8da3856f6e42d73ccf0b&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPIVIKGwW12gZIeWmgsQrnD5L3POq3_U...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=8da3856f6e42d73ccf0b&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPIVIKGwW12gZIeWmgsQrnD5L3POq3_UnihFsuLhguEtuj-tnf2pPzZhb1H7qn5p9BkAbbTRRC667R4HLYxYf_uezjmkwE4

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=8da3856f6e42d73ccf0b&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AYg5qPIVIKGwW12gZIeWmgsQrnD5L3POq3_UnihFsuLhguEtuj-tnf2pPzZhb1H7qn5p9BkAbbTRRC667R4HLYxYf_uezjmkwE4
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: CcZXFBR7pFQ4VnnG8mIb9ZXxSxSBZX_8OtPySZK0F352ePcTZwqqMg==

GET

pixel
cm.g.doubleclick.net/ Frame 101E
Redirect Chain

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEECZCnYZh0tFBTr3w9lj5yI&google_cver=1&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23v...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPt...

0
0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 101E
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBeVPtuJcpSF_xfg1oZLuBg&google_cver=1&google_push=AYg5qPJ_wiqLjflIdQgOVk8dhMac_B3TbGXTHRoXIzoQI_zArRgEXd8hNCIwfcyx4sJRnSkMCb...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEBeVPtuJcpSF_xfg1oZLuBg&google_cver=1&google_push=AYg5qPJ_wiqLjflIdQgOVk8dhMac_B3TbGXTHRoXIzoQI_zArRgEXd8hNCIwfcyx4sJRnSkMCb...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CNGxQclBSRTJ1RlpUQmtpVkFvRlg1SVZwSWJqVDhIU35B&google_push=AYg5qPJ_wiqLjflIdQgOVk8dhMac_B3TbGXTHRoXIzoQI_zArRgEXd8hN...

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CNGxQclBSRTJ1RlpUQmtpVkFvRlg1SVZwSWJqVDhIU35B&google_push=AYg5qPJ_wiqLjflIdQgOVk8dhMac_B3TbGXTHRoXIzoQI_zArRgEXd8hNCIwfcyx4sJRnSkMCbmfTvkYYm96Y6MIzHrlb9ikjnk-mw

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1CNGxQclBSRTJ1RlpUQmtpVkFvRlg1SVZwSWJqVDhIU35B&google_push=AYg5qPJ_wiqLjflIdQgOVk8dhMac_B3TbGXTHRoXIzoQI_zArRgEXd8hNCIwfcyx4sJRnSkMCbmfTvkYYm96Y6MIzHrlb9ikjnk-mw
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 101E
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=googlevid&pm=1&google_gid=CAESEIrP3sB5fNZmpmlAyxzRueA&google_cver=1&google_push=AYg5qPIJBZLUm6BPPuuc04KdgsPfvRBTx_izYN92gTBpIG7UHH8oXucqE5xmsarJY0JXtWZu0aNOHQqUCT-n769uz...
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Da2d5fc99-3d46-4f1b-b7da-e70cbcfeef55%26google_push%3DAYg5qPIJBZLUm6BPPuuc04KdgsPfv...
https://tech.rtb.mts.ru/?dsp_uid=a2d5fc99-3d46-4f1b-b7da-e70cbcfeef55&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc_2%26id%3Da2d5fc99-3d46-4f1b-b7da-e70cbcfeef55%2...
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=a2d5fc99-3d46-4f1b-b7da-e70cbcfeef55&google_push=AYg5qPIJBZLUm6BPPuuc04KdgsPfvRBTx_izYN92gTBpIG7UHH8oXucqE5xmsarJY0JXtWZu0aNOHQqUCT-n76...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=a2d5fc99-3d46-4f1b-b7da-e70cbcfeef55&google_push=AYg5qPIJBZLUm6BPPuuc04KdgsPfvRBTx_izYN92gTBpIG7UHH8oXucqE5xmsarJY0JXtWZu0aNOHQqUCT-n769uzD4VCoQd-RNYig

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=stream_llc_2&id=a2d5fc99-3d46-4f1b-b7da-e70cbcfeef55&google_push=AYg5qPIJBZLUm6BPPuuc04KdgsPfvRBTx_izYN92gTBpIG7UHH8oXucqE5xmsarJY0JXtWZu0aNOHQqUCT-n769uzD4VCoQd-RNYig
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 101E 0
12 B 74ms
36ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_gEHKZBlPM6BY4jlLOeFaz7SuCZ-9AudEriCEEcel09LY-KwzXTGziLZcl7N0JnNp87x-IvE

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame A1A5 0
103 B 93ms
61ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIgEwPq2bvPqO_8818jSPF8&google_cver=1&google_push=AYg5qPL5Od2pXzhpLFrYcVpQEypAQbUsMQUrsSpK1kNBKt8L0PpanRrBiohEYujJ0D9AKa5W8boI4w7OdfQoNWPWxMIap82UgFi9
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A1A5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V2&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V...

43 B
415 B

172ms
171ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 676f51abce920eab-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 6432
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 676f51aa9be90eab-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPL46s1I_4gWliURXZTBX2DsYzkQHB1bCN1cnY2KQjPv4R--xROGpZXJvdZFm1U7YSzRrOa22574hYlnvJ40aRN5lGwwL0V2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A1A5
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKzMKXQ-hkf-Z_YUGC-gQm8&google_cver=1&google_push=AYg5qPLBrqCWQznNtzoJTyuu3NBaakQxEBxdkNgLjJyMpaH8SaWvTV98JLsy0tJSFZaVUFy9AkBUYF1AjRzCXXNGKa077mYaypI
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EB5C6C4E03774486AA57A2C62801004E&google_push=AYg5qPLBrqCWQznNtzoJTyuu3NBaakQxEBxdkNgLjJyMpaH8SaWvTV98JLsy0tJSFZaVUFy9AkBUYF1AjRzCXXN...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EB5C6C4E03774486AA57A2C62801004E&google_push=AYg5qPLBrqCWQznNtzoJTyuu3NBaakQxEBxdkNgLjJyMpaH8SaWvTV98JLsy0tJSFZaVUFy9AkBUYF1AjRzCXXNGKa077mYaypI

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Jul 2021 14:36:24 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EB5C6C4E03774486AA57A2C62801004E&google_push=AYg5qPLBrqCWQznNtzoJTyuu3NBaakQxEBxdkNgLjJyMpaH8SaWvTV98JLsy0tJSFZaVUFy9AkBUYF1AjRzCXXNGKa077mYaypI
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 29 Jul 2021 14:36:24 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A1A5
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOhfTzCim2n0r6pHnUwEbL0&google_cver=1&google_push=AYg5qPK3pRF4MXFwxPzFKOC4xqysbcIAf3DglCiGjb0zNOQpezWysufb3az7OMl-nZhceovKIqTYyz6iuG6pn8yAXoldWoZ...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOhfTzCim2n0r6pHnUwEbL0&google_cver=1&google_push=AYg5qPK3pRF4MXFwxPzFKOC4xqysbcIAf3DglCiGjb0zNOQpezWysufb3az7OMl-nZhceovKIqTYyz6iuG6pn8yAXoldW...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK3pRF4MXFwxPzFKOC4xqysbcIAf3DglCiGjb0zNOQpezWysufb3az7OMl-nZhceovKIqTYyz6iuG6pn8yAXoldWoZJERA

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK3pRF4MXFwxPzFKOC4xqysbcIAf3DglCiGjb0zNOQpezWysufb3az7OMl-nZhceovKIqTYyz6iuG6pn8yAXoldWoZJERA

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPK3pRF4MXFwxPzFKOC4xqysbcIAf3DglCiGjb0zNOQpezWysufb3az7OMl-nZhceovKIqTYyz6iuG6pn8yAXoldWoZJERA
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A1A5
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPJKzuDvz72CetHvjoytcwAQAPMNAGCYS2c3aBRkCmvdkEck3LPbQ2Wv2iq44yEOINSA5KwbhBJWsC...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJKzuDvz72CetHvjoytcwAQAPMNAGCYS2c3aBRkCmvdkEck3LPbQ2Wv2iq44yEOINSA5KwbhBJWsCRAFgo1OW_JFz4Vz1lp&google_hm=39337cd6-b788-4b3e-85...

170 B
188 B

38ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJKzuDvz72CetHvjoytcwAQAPMNAGCYS2c3aBRkCmvdkEck3LPbQ2Wv2iq44yEOINSA5KwbhBJWsCRAFgo1OW_JFz4Vz1lp&google_hm=39337cd6-b788-4b3e-85d7-8e7bb3bf83f6

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPJKzuDvz72CetHvjoytcwAQAPMNAGCYS2c3aBRkCmvdkEck3LPbQ2Wv2iq44yEOINSA5KwbhBJWsCRAFgo1OW_JFz4Vz1lp&google_hm=39337cd6-b788-4b3e-85d7-8e7bb3bf83f6
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A1A5
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEHruyWM4-jg2R_-FnLCl05I&google_cver=1&google_push=AYg5qPKDB5qeJUbM3_9s1hbdNpODsYR6YDkVhxJE-OPFFfBeUZh-NZLwHK4I1ANEOVzOhIbjWd-gYZ3iqkNFH4IDa89KxTpfsFHB
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKDB5qeJUbM3_9s1hbdNpODsYR6YDkVhxJE-OPFFfBeUZh-NZLwHK4I1ANEOVzOhIbjWd-gYZ3iqkNFH4IDa89KxTpfsFHB&google_hm=ZzVmYTU0MDE1NzI1ZmIy...

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKDB5qeJUbM3_9s1hbdNpODsYR6YDkVhxJE-OPFFfBeUZh-NZLwHK4I1ANEOVzOhIbjWd-gYZ3iqkNFH4IDa89KxTpfsFHB&google_hm=ZzVmYTU0MDE1NzI1ZmIyYWYyOGQ=

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AYg5qPKDB5qeJUbM3_9s1hbdNpODsYR6YDkVhxJE-OPFFfBeUZh-NZLwHK4I1ANEOVzOhIbjWd-gYZ3iqkNFH4IDa89KxTpfsFHB&google_hm=ZzVmYTU0MDE1NzI1ZmIyYWYyOGQ=
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A1A5
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEArI2p6C3DLp3TB1XpNuOPk&google_cver=1&google_push=AYg5qPIPNiYjDzuasJXwEVjhM6SCxbCSdqHltthXVB1BCoyJKIsJCeiUA31Q7eD0kucbd14JOxUV1_...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIPNiYjDzuasJXwEVjhM6SCxbCSdqHltthXVB1BCoyJKIsJCeiUA31Q7eD0kucbd14JOxUV1_CVzieN8E_ezYvjTvTolm0&google_hm=NDMxOTY3MTE...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIPNiYjDzuasJXwEVjhM6SCxbCSdqHltthXVB1BCoyJKIsJCeiUA31Q7eD0kucbd14JOxUV1_CVzieN8E_ezYvjTvTolm0&google_hm=NDMxOTY3MTE1MzUzMDIwMzI3NQ%3D%3D

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIPNiYjDzuasJXwEVjhM6SCxbCSdqHltthXVB1BCoyJKIsJCeiUA31Q7eD0kucbd14JOxUV1_CVzieN8E_ezYvjTvTolm0&google_hm=NDMxOTY3MTE1MzUzMDIwMzI3NQ%3D%3D
date: Fri, 30 Jul 2021 14:36:23 GMT
content-length: 0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame A1A5 0
12 B 66ms
35ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KzjpPn0PyiMwj9RHhL4C6UKxHXYBDf909GI_sM49gIL3koxT2g_9lWEFiHnvrw8o2euJBV

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame B02C 35 B
463 B 649ms
32ms Image
image/gif 91.228.74.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEARIUn3Nbj4Ea1ocUnDnad8&google_cver=1&google_push=AYg5qPILOCa9giwmp1oSIaG9ueUMB-mM30zax2SkLxi0wlehsEIUN9mC3EIU2zlKgloxWxyac_e2m2y8uwID9tIsLVThy9K2ab1p

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.133 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B02C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUnz&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUn...

43 B
396 B

177ms
175ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUnz&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUnz%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 676f51abce7d0eab-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 405
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 676f51aa9bec0eab-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJD5MiG7T-Eo4hz-zBa1cg0&google_cver=1&google_push=AYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUnz&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJZErvY4OIguoGdZgSjNH9NHrvyUKE8TS_SjU-BAVBFE1RiQJnWEnLsUijL9g-cMWmphtppkfJiKRUnssbrQL7vNwT7EUnz%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B02C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEN9mkui8usH-O06xhDWUlLg&google_cver=1&google_push=AYg5qPLrOh-6lCWdy0BPq3VES_zZoLMamd-0p17XnjFADL7B24BvZya9Kmmihmzxl0VRezScs1rYKCGyJexwX7...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5MDcyODM2MTQzMDU0NjU4NA%3D%3D&google_push=AYg5qPLrOh-6lCWdy0BPq3VES_zZoLMamd-0p17XnjFADL7B24BvZya9Kmmihmzxl0VRezScs1rYKCGyJexwX7Jr3I...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5MDcyODM2MTQzMDU0NjU4NA%3D%3D&google_push=AYg5qPLrOh-6lCWdy0BPq3VES_zZoLMamd-0p17XnjFADL7B24BvZya9Kmmihmzxl0VRezScs1rYKCGyJexwX7Jr3I1SyzyH5po

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk5MDcyODM2MTQzMDU0NjU4NA%3D%3D&google_push=AYg5qPLrOh-6lCWdy0BPq3VES_zZoLMamd-0p17XnjFADL7B24BvZya9Kmmihmzxl0VRezScs1rYKCGyJexwX7Jr3I1SyzyH5po
Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B02C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPwqE-yw7QZMK4tWmRjsRo0&google_cver=1&google_push=AYg5qPLnDuxdaQ25E3L1JP27qY0ORQeRn7J1kTgKHX4fLMrfLVjkwCo27S5ZaBbOoCeoc_yEoe4qF2KvkD7ToHoMH9EtKi0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLnDuxdaQ25E3L1JP27qY0ORQeRn7J1kTgKHX4fLMrfLVjkwCo27S5ZaBbOoCeoc_yEoe4qF2KvkD7ToHoMH9EtKi0x5QFP&google_hm=MzI3NDM0MDIxNjc4NzE5OT...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLnDuxdaQ25E3L1JP27qY0ORQeRn7J1kTgKHX4fLMrfLVjkwCo27S5ZaBbOoCeoc_yEoe4qF2KvkD7ToHoMH9EtKi0x5QFP&google_hm=MzI3NDM0MDIxNjc4NzE5OTc3Nw%3D%3D

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Jul 2021 14:36:24 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLnDuxdaQ25E3L1JP27qY0ORQeRn7J1kTgKHX4fLMrfLVjkwCo27S5ZaBbOoCeoc_yEoe4qF2KvkD7ToHoMH9EtKi0x5QFP&google_hm=MzI3NDM0MDIxNjc4NzE5OTc3Nw%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B02C
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELJtBha0E0Yp4q_w2lnyreE&google_cver=1&google_push=AYg5qPIBjClHtHovUm4zEF7wY3xN2GqkwT_caAtvLuzVls3Y2JBXKCYUHzr5EV0_nYstMmk9vW1Qny8GTztnMto...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=OL8ZP9ZERItV0hju5gbesMPy1eU&google_push=AYg5qPIBjClHtHovUm4zEF7wY3xN2GqkwT_caAtvLuzVls3Y2JBXKCYUHzr5EV0_nYstMmk9vW1Qny8GTztnMt...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=OL8ZP9ZERItV0hju5gbesMPy1eU&google_push=AYg5qPIBjClHtHovUm4zEF7wY3xN2GqkwT_caAtvLuzVls3Y2JBXKCYUHzr5EV0_nYstMmk9vW1Qny8GTztnMtoY82660aer6Dva

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=OL8ZP9ZERItV0hju5gbesMPy1eU&google_push=AYg5qPIBjClHtHovUm4zEF7wY3xN2GqkwT_caAtvLuzVls3Y2JBXKCYUHzr5EV0_nYstMmk9vW1Qny8GTztnMtoY82660aer6Dva
Date: Fri, 30 Jul 2021 14:36:24 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B02C
Redirect Chain

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPI7jXJIDcWgPIrIbrhkkq9rnnbGmAJy2W2Bu1Zs7tnRJpQ_LMftKj5b7R6gftam9eEOCJZ-_Br5W1...
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPI7jXJIDcWgPIrIbrhkkq9rnnbGmAJy2W2Bu1Zs7tnRJpQ_LMftKj5b7R6gftam9eEOCJZ-_Br5W1dVYpTy76SVKtAS_rtu&google_hm=3cacb158-8401-48b7-8f...

170 B
188 B

40ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPI7jXJIDcWgPIrIbrhkkq9rnnbGmAJy2W2Bu1Zs7tnRJpQ_LMftKj5b7R6gftam9eEOCJZ-_Br5W1dVYpTy76SVKtAS_rtu&google_hm=3cacb158-8401-48b7-8f98-35c68bff49f9

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPI7jXJIDcWgPIrIbrhkkq9rnnbGmAJy2W2Bu1Zs7tnRJpQ_LMftKj5b7R6gftam9eEOCJZ-_Br5W1dVYpTy76SVKtAS_rtu&google_hm=3cacb158-8401-48b7-8f98-35c68bff49f9
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame B02C 42 B
233 B 379ms
129ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEGGIbFPwCDBGSJk9JMUQtt0&google_cver=1&google_push=AYg5qPJ_BjXvkfVp-qG9VNYr3pzdvrF9LRKjjoEvoFn-I48Op3RYWDH6ZDSbh1F3stYZGkeK1kPtNvqyCKQSblHC7O8JAz86pyYLgw
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame B02C 0
12 B 56ms
36ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkBF1WD6K-KxpHWl7ZYluBwkrxPg76rLbRh9XBGyms3026zL2LCPp_6qPauEBpRpFAyNldTA

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 63DE
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEDId5CVfxEf25F5hjLwrZo8&google_cver=1&google_push=AYg5qPJ2DZuMTMKKpmBBa0PyxkGEgBkMCDzEvkdPMHJX_9ebL_G9TfDG4ot1vBtz_7rz-eMKaa_TcDc361WEsQWTu0z54-4...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJ2DZuMTMKKpmBBa0PyxkGEgBkMCDzEvkdPMHJX_9ebL_G9TfDG4ot1vBtz_7rz-eMKaa_TcDc361WEsQWTu0z54-4V5kU&google_hm=ODU5NjEzNTEy...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
816 B

44ms
44ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 14:36:24 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 63DE 0
136 B 93ms
36ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDAnZZfzv7rvdnrKXZDBAD0&google_cver=1&google_push=AYg5qPJ-5Ldyyh-XzPuqaaW7yBPJYGaaMCSXoulG736Ssp2G1hd9n1eG1rvmuGix7lKBdw6S9RjjEeVC5W_HWCMhTGRkjB1W-uQ
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 google
alt-svc: clear

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 63DE
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEOhfTzCim2n0r6pHnUwEbL0&google_cver=1&google_push=AYg5qPKKqTi-FYek1HbzWGKHdVVJOvjM9tmeDH7Y1YABo8oP2bl7UqFmbxNQISIizNjLDeg7zpZjHqjqhHNP5YrF_1JSOhy...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEOhfTzCim2n0r6pHnUwEbL0&google_cver=1&google_push=AYg5qPKKqTi-FYek1HbzWGKHdVVJOvjM9tmeDH7Y1YABo8oP2bl7UqFmbxNQISIizNjLDeg7zpZjHqjqhHNP5YrF_1JSO...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKKqTi-FYek1HbzWGKHdVVJOvjM9tmeDH7Y1YABo8oP2bl7UqFmbxNQISIizNjLDeg7zpZjHqjqhHNP5YrF_1JSOhym-p0

170 B
188 B

40ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKKqTi-FYek1HbzWGKHdVVJOvjM9tmeDH7Y1YABo8oP2bl7UqFmbxNQISIizNjLDeg7zpZjHqjqhHNP5YrF_1JSOhym-p0

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKKqTi-FYek1HbzWGKHdVVJOvjM9tmeDH7Y1YABo8oP2bl7UqFmbxNQISIizNjLDeg7zpZjHqjqhHNP5YrF_1JSOhym-p0
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 63DE
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h9lEPmpMReuPm4G2aVgKcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

37ms
37ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h9lEPmpMReuPm4G2aVgKcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOsI-sUT0y2I6xKpOKsoU26lYdpcCBljWv0AsmA5BIcb3ebbTuqnQZ2eqpVPDwpT1xrhni0Wl9dZtVyW8QO32P5Wu1etQ

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h9lEPmpMReuPm4G2aVgKcQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJOsI-sUT0y2I6xKpOKsoU26lYdpcCBljWv0AsmA5BIcb3ebbTuqnQZ2eqpVPDwpT1xrhni0Wl9dZtVyW8QO32P5Wu1etQ
date: Fri, 30 Jul 2021 14:36:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 63DE
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESELyTEsUW5RHaG7B9C8BFSos&google_cver=1&google_push=AYg5qPJTAOvrOn1UTCBWzLEcILaPtOaHiwDUonU8nE9FEpTyPY-pOWI7ThdgKStyyA7fOltInklc9...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPJTAOvrOn1UTCBWzLEcILaPtOaHiwDUonU8nE9FEpTyPY-pOWI7ThdgKStyyA7fOltInklc9A0nB_O3IKLal6bRjzrCyVE&google_hm=WVFRT2FNQ284...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPJTAOvrOn1UTCBWzLEcILaPtOaHiwDUonU8nE9FEpTyPY-pOWI7ThdgKStyyA7fOltInklc9A0nB_O3IKLal6bRjzrCyVE&google_hm=WVFRT2FNQ284WGtBQUoudDZFUUFBQUFB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 21
Date: Fri, 30 Jul 2021 14:36:24 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESELyTEsUW5RHaG7B9C8BFSos&google_cver=1&google_push=AYg5qPJTAOvrOn1UTCBWzLEcILaPtOaHiwDUonU8nE9FEpTyPY-pOWI7ThdgKStyyA7fOltInklc9A0nB_O3IKLal6bRjzrCyVE","cluster_id":21,"gdpr":false,"ipv4":"195.242.213.229","key":"YQQOaMCo8XkAAJ.t6EQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40195"}
X-SO-Ads-Time: 3
X-SO-Key: YQQOaMCo8XkAAJ.t6EQAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40195
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AYg5qPJTAOvrOn1UTCBWzLEcILaPtOaHiwDUonU8nE9FEpTyPY-pOWI7ThdgKStyyA7fOltInklc9A0nB_O3IKLal6bRjzrCyVE&google_hm=WVFRT2FNQ284WGtBQUoudDZFUUFBQUFB
Cache-Control: private
X-SO-HostName: a-ad40195.dc2p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: m-tgng21.dc4p.scaleout.jp
X-SO-IP: 195.242.213.229

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 63DE 42 B
233 B 365ms
116ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEGGIbFPwCDBGSJk9JMUQtt0&google_cver=1&google_push=AYg5qPLXzCmuyA42eYEAZgCRxf4yyAA0RULeTZA5rSX_hhkUTLG8k2q9DrOroCdYpQl6hrP3AmWWUs1EwVIkDWAu6_q7YJbKv7gt
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 63DE
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHes_xZplTuPIz2oHuqvHEs&google_cver=1&google_push=AYg5qPJtSUB9Qzr58Zju7NgZ3nW9yVf25DPVmUNP3lao4mh4zIt9WpYiW-83ubyd213qPoSoKdQfexBWuZ1S3rz7av4qlcX...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJtSUB9Qzr58Zju7NgZ3nW9yVf25DPVmUNP3lao4mh4zIt9WpYiW-83ubyd213qPoSoKdQfexBWuZ1S3rz7av4qlcXX3SUZ&google_hm=MTExMzQyODE...

170 B
188 B

40ms
39ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJtSUB9Qzr58Zju7NgZ3nW9yVf25DPVmUNP3lao4mh4zIt9WpYiW-83ubyd213qPoSoKdQfexBWuZ1S3rz7av4qlcXX3SUZ&google_hm=MTExMzQyODE0MDQ3ODA4MjA3Ng==

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPJtSUB9Qzr58Zju7NgZ3nW9yVf25DPVmUNP3lao4mh4zIt9WpYiW-83ubyd213qPoSoKdQfexBWuZ1S3rz7av4qlcXX3SUZ&google_hm=MTExMzQyODE0MDQ3ODA4MjA3Ng==
Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 63DE 0
12 B 55ms
36ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IluZp0ZCiLusTxbC_9u2QmX1O-S2n-PDrZUYAeqewHBRttufSSS-60PyRHGwFLBJ2Ogg-AhbM

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame B467 15 KB
4 KB 241ms
230ms Document
text/html 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCHbp6Zg4EYYrNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBN4BT9CGw46EnODVhA97fkJUYoUBZOBvuaggWK5q_3PTln7zCeNM0HucnWNLRZJggyey857IDcmYjiq0AFhbOSTbtkz8-DmOMurOZBUUeHVOf2wEff82uooW-SsVxvbvmOmTpch3dcdl0ycjBqJ0PBK_zKbcm0eHLIRG-hfB3LY7Q5rtC4Z1Vm1em4Ab8H8yjCoZ3IS59Yw0KOsogwbE4cKekbDnMkr3XceKEnTq6b5TaiW261beM6Umvx4BdNUGM_VdAcSQ-TfuJ0_FI_xO85HqORjLtDOA9VPJkliP7f9TwATdk8miwwPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_1lw0FtE6nuo29b_28JVHh3O7KiGw%26client%3Dca-pub-4627517680249670%26adurl%3D&cb=895977925
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f9424c9efc7e93c3d65b907a63a53aba61ee0e8c837d2bc6cd452ce850e9aa

Request headers

:method: GET
:authority: storage.bannernow.com
:scheme: https
:path: /d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-type: text/html
x-amz-id-2: 9jmOm7sbCbihe8lTwYA1T5MvtRD+HAaXSLqUmjR37UhFZI/ZjKNh5PnfkCW0UjBrwRfwRjzV6iI=
x-amz-request-id: 19G2VGXZ01KCDZ4N
cache-control: public, max-age=0, s-maxage=1200
last-modified: Tue, 06 Jul 2021 08:03:50 GMT
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 676f51aa983adff7-FRA
content-encoding: gzip

GET
H2 200 index.html Show response
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame 2C62 15 KB
4 KB 211ms
209ms Document
text/html 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCZggCZg4EYYnNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBN4BT9BVq8k1e2e96gDLFA-XkG7OuFMy7C-Ro4dYa2mrM60_KXOl3Lmkx-OyaQw9cITD-yk61YdU3QxPIfi3gq5GRKk4PNUEVptJLsiqqU9d2Hab2PYuqz_IOfJGP4QTFqtaqTHxhsyBZJFzI7oGu9eCNBa1h52LXRDiNbxTvlqJTeFJAqWyfhwfopDGDDgxPVY_uAoDKHwxCzP2eR0rTJkxiAA9PuDd8dYGztmFhMp4d_uEpX4LDsV_3go0z2PK7IlqkiklKJfn8kePz9z72u_PmXp4ndWgu04mO-GxTVtwwATdk8miwwPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_1XuVYk6kKHa0K9iXJmpauNIc7i1g%26client%3Dca-pub-4627517680249670%26adurl%3D&cb=1193582478
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f9424c9efc7e93c3d65b907a63a53aba61ee0e8c837d2bc6cd452ce850e9aa

Request headers

:method: GET
:authority: storage.bannernow.com
:scheme: https
:path: /d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-type: text/html
x-amz-id-2: 9jmOm7sbCbihe8lTwYA1T5MvtRD+HAaXSLqUmjR37UhFZI/ZjKNh5PnfkCW0UjBrwRfwRjzV6iI=
x-amz-request-id: 19G2VGXZ01KCDZ4N
cache-control: public, max-age=0, s-maxage=1200
last-modified: Tue, 06 Jul 2021 08:03:50 GMT
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 676f51aa983ddff7-FRA
content-encoding: gzip

GET
H2 200 index.html Show response
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame 1C84 15 KB
4 KB 230ms
228ms Document
text/html 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DC1H2KZg4EYYjNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBN4BT9CGuA3XHYQiB3EZfYBUbT429cA3eE_jpZiV_Ko6U3kBjuiRk5oxcNkoT1os7XOca7H27EqaDZpgAXyq0KQLcmwO4hQKaH_0xivdE23CXbJ75hiUFCkOJF01p4Qw5s0i0W2Mt11AjVXCc6or_PZSegmrQ_vDOmv33UIffnKWlIjDxIyX9lcE0rMhMFV0Idxg_lKDIXMU12vvh3lfmzkPLuCWnO_v0-XJYxhzfZtIGUIwYCrAZjWYF8WsySsMztckkFi_rfUazdl3ZsrQDCT0ye3BPCU2_6CLEPagHUO_wATdk8miwwPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_1a8WMuy78_y35685gMLVSE5Yi1kQ%26client%3Dca-pub-4627517680249670%26adurl%3D&cb=1460007242
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f9424c9efc7e93c3d65b907a63a53aba61ee0e8c837d2bc6cd452ce850e9aa

Request headers

:method: GET
:authority: storage.bannernow.com
:scheme: https
:path: /d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-type: text/html
x-amz-id-2: 9jmOm7sbCbihe8lTwYA1T5MvtRD+HAaXSLqUmjR37UhFZI/ZjKNh5PnfkCW0UjBrwRfwRjzV6iI=
x-amz-request-id: 19G2VGXZ01KCDZ4N
cache-control: public, max-age=0, s-maxage=1200
last-modified: Tue, 06 Jul 2021 08:03:50 GMT
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 676f51aa983edff7-FRA
content-encoding: gzip

GET
H2 200 index.html Show response
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame 3BBB 15 KB
4 KB 218ms
218ms Document
text/html 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/embed.js?responsive=0&bnTag=https://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DCmq2hZg4EYYvNJ-KS7_UPvfaemAe3kMvIY_iI7cDkDeiqtpWLAxABIO_2kCFg9ZXOgeAEoAHvvLbaA8gBCakCz-kzGhWKsj7gAgCoAwGqBN4BT9DTWISvRG571DMx85WHQVVTXEC6-bA3u7bK9JO68KKB2LumxWJKwHkyap6Lfolm9XXNrlV9i2zPjZ_2yCLdDeVYN1vX3KFXwNG0PcNPR8GWWLRwDaS5qbr5UBralQ-JCbdYqzXRUBwXwWfWyjKYpdWZ8XAB7cQItZNEgRX310phT1jB_K-NKTaWM35gqHAIYaDQEoi2qmVBDBMn1lSiH26I-Dx4ix0S6LbjMQ7JiSjMmb3_0LlT5D2utZGik9Avrdj_rm110R2mfNOiEbnms9yPcl6ezwWODuysIzGFwATdk8miwwPgBAGgBhGAB_nCySWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgGEQARgdgAoDmAsByAsBgAwBuAwB2BMK0BUBmBYBgBcB%26num%3D1%26sig%3DAOD64_3rD4vyGV5Q5oOucVVlvCSvlxvzvQ%26client%3Dca-pub-4627517680249670%26adurl%3D&cb=545669517
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f9424c9efc7e93c3d65b907a63a53aba61ee0e8c837d2bc6cd452ce850e9aa

Request headers

:method: GET
:authority: storage.bannernow.com
:scheme: https
:path: /d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-type: text/html
x-amz-id-2: 9jmOm7sbCbihe8lTwYA1T5MvtRD+HAaXSLqUmjR37UhFZI/ZjKNh5PnfkCW0UjBrwRfwRjzV6iI=
x-amz-request-id: 19G2VGXZ01KCDZ4N
cache-control: public, max-age=0, s-maxage=1200
last-modified: Tue, 06 Jul 2021 08:03:50 GMT
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 676f51aa983fdff7-FRA
content-encoding: gzip

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B98B 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Thu, 29 Jul 2021 08:25:04 GMT
expires: Fri, 29 Jul 2022 08:25:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 108680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame DE49 28 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1609938328780/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 12:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Jul 2021 12:29:18 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D3F3
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFImLCSHY7uJvl7ai7csJ-o&google_cver=1&google_push=AYg5qPJHYsH6HbW1guh8pqL4cRO3dUXTSpxQz-3AD_X2ifx-KvyupJJbPjTopzn78umqayo5QhjsQwp...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEFImLCSHY7uJvl7ai7csJ-o&google_cver=1&google_push=AYg5qPJHYsH6HbW1guh8pqL4cRO3dUXTSpxQz-3AD_X2ifx-KvyupJJbPjTopzn78umqa...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=IP62xzRsTu-I-AhnZYf43WEEDmg

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=IP62xzRsTu-I-AhnZYf43WEEDmg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:23 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=IP62xzRsTu-I-AhnZYf43WEEDmg
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D3F3
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESELqZy_OOL9pfWCo6fxMDkk4&google_cver=1&google_push=AYg5qPKNyTLu97yKQWWjVivhGc8FqjxcZba5Ovu2iysMPBmwWngWS85w_QuUvNyJUCzyopKuGzg49mrhIpxAar3fpDkIaFZkWA
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Rjg1NDY0RjkyMTE1NTkzQQ==

170 B
188 B

39ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Rjg1NDY0RjkyMTE1NTkzQQ==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=Rjg1NDY0RjkyMTE1NTkzQQ==
date: Fri, 30 Jul 2021 14:36:24 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D3F3
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEFb8dvZzs3VI6ReR3IOCYiM&google_cver=1&google_push=AYg5qPL_OAL2kECsyqGf9lkHaPLfI-TXJpyLMcqKJhTRgOAtyFmfK7vGlJQ3KlIPsICQBZkFRZLZ2PvPlm1...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPL_OAL2kECsyqGf9lkHaPLfI-TXJpyLMcqKJhTRgOAtyFmfK7vGlJQ3KlIPsICQBZkFRZLZ2PvPlm1u81dQkTUsrJGhcNo

170 B
188 B

41ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPL_OAL2kECsyqGf9lkHaPLfI-TXJpyLMcqKJhTRgOAtyFmfK7vGlJQ3KlIPsICQBZkFRZLZ2PvPlm1u81dQkTUsrJGhcNo

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AYg5qPL_OAL2kECsyqGf9lkHaPLfI-TXJpyLMcqKJhTRgOAtyFmfK7vGlJQ3KlIPsICQBZkFRZLZ2PvPlm1u81dQkTUsrJGhcNo
Date: Fri, 30 Jul 2021 14:36:24 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D3F3
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC_Sdts5Cf0FXmwWlhoHgY4&google_cver=1&google_push=AYg5qPI4Zat1cVhE65mmvDx2lAnFSHBl3UnaAS2ol7ppKVehMC_F_WMtVj_Plwg-5eoK-CLfqGs64gVebp_N6sUyU9nt...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEC_Sdts5Cf0FXmwWlhoHgY4&google_cver=1&google_push=AYg5qPI4Zat1cVhE65mmvDx2lAnFSHBl3UnaAS2ol7ppKVehMC_F_WMtVj_Plwg-5eoK-CLfqGs64gVebp_N6s...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI4Zat1cVhE65mmvDx2lAnFSHBl3UnaAS2ol7ppKVehMC_F_WMtVj_Plwg-5eoK-CLfqGs64gVebp_N6sUyU9nt0U0UpDc&google_hm=flsTi_XrTPKca-bhTN5eRw==

170 B
188 B

41ms
40ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI4Zat1cVhE65mmvDx2lAnFSHBl3UnaAS2ol7ppKVehMC_F_WMtVj_Plwg-5eoK-CLfqGs64gVebp_N6sUyU9nt0U0UpDc&google_hm=flsTi_XrTPKca-bhTN5eRw==

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI4Zat1cVhE65mmvDx2lAnFSHBl3UnaAS2ol7ppKVehMC_F_WMtVj_Plwg-5eoK-CLfqGs64gVebp_N6sUyU9nt0U0UpDc&google_hm=flsTi_XrTPKca-bhTN5eRw==
date: Fri, 30 Jul 2021 14:36:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D3F3
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W0DOwWgdRV-4-eZCrm_laQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W0DOwWgdRV-4-eZCrm_laQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJZAJDrN_GW4KA291DGd10jMclMx7x_Y4TtLzcs6pLdJ06a4dY4HPbZDy2lTB-E_Q3wcQ_s2m_9OKJWAbP-nwKE_JCOEw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=W0DOwWgdRV-4-eZCrm_laQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJZAJDrN_GW4KA291DGd10jMclMx7x_Y4TtLzcs6pLdJ06a4dY4HPbZDy2lTB-E_Q3wcQ_s2m_9OKJWAbP-nwKE_JCOEw
date: Fri, 30 Jul 2021 14:36:23 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame D3F3
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
https://sync.targeting.unrulymedia.com/csync/RX-2b9f819d-7811-447b-b2ee-294c77bc9d9e-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPK6kczhxLxJo6P80hPLH...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6kczhxLxJo6P80hPLHMOxEUps7EKfIlGXlcJXmX19fvbdaNMb7CGIq7GtAm7ItQ-eIlNn7oBUgA1Epj68hhhY1vO0JQ&google_hm=AyufgZ14EUR7su4pTHe8nZ4

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6kczhxLxJo6P80hPLHMOxEUps7EKfIlGXlcJXmX19fvbdaNMb7CGIq7GtAm7ItQ-eIlNn7oBUgA1Epj68hhhY1vO0JQ&google_hm=AyufgZ14EUR7su4pTHe8nZ4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPK6kczhxLxJo6P80hPLHMOxEUps7EKfIlGXlcJXmX19fvbdaNMb7CGIq7GtAm7ItQ-eIlNn7oBUgA1Epj68hhhY1vO0JQ&google_hm=AyufgZ14EUR7su4pTHe8nZ4
date: Fri, 30 Jul 2021 14:36:24 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX2b9f819d7811447bb2ee294c77bc9d9e003
content-type: text/html

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame D3F3 0
44 B 1047ms
264ms Image
text/plain 35.72.120.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEA6wjcWsSFoiEoSz3s3K7SI&google_cver=1&google_push=AYg5qPJmL8Rux0djCl_N3QRMJY7r_8QOtdgrXz8Io7mOZLA1S3pRks_xAyzcc0M9kPbuZ-xU5ygOkt3dDAC6AnevPp4jID0cQw
Requested by: Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.72.120.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-72-120-200.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT
server: awselb/2.0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame D3F3 0
12 B 40ms
37ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBtzWnvC5H6CNofzJC2HL059L3Bn3OSh4j5KKvceBw8QOBVjtzATH8zYnUUErIwUB2A4zc

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 CoopCondBd.woff
s0.2mdn.net/9506911/1609938328780/ Frame DE49 29 KB
29 KB 9ms
9ms Font
font/woff 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9506911/1609938328780/CoopCondBd.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1609938328780/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b176462a62d19e5a2af4cc0a845119d0389aae23ef15decd83efd182c91c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 09:10:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:29 GMT
server: sffe
age: 19563
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29944
x-xss-protection: 0
expires: Sat, 31 Jul 2021 09:10:21 GMT

GET
H3-29 200 CoopBd.woff
s0.2mdn.net/9506911/1609938328780/ Frame DE49 32 KB
32 KB 12ms
11ms Font
font/woff 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9506911/1609938328780/CoopBd.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9506911/1609938328780/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

660dafdc78011b6e915b39cbfd9546c82a36aa6c20bfc6a75e144bc700a290a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 05:18:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:28 GMT
server: sffe
age: 33495
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32612
x-xss-protection: 0
expires: Sat, 31 Jul 2021 05:18:09 GMT

GET
H3-29 200 Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js Show response
pagead2.googlesyndication.com/bg/ Frame B98B 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 11:59:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 95790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13367
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Jul 2022 11:59:54 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9E7E 0
23 B 102ms
66ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Kontrast-300.png
s0.2mdn.net/9506911/1609938328780/ Frame DE49 31 KB
31 KB 9ms
8ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/Kontrast-300.png

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96e96292bf35ab4cfa60cf8f26578f55bacf27297ed4d97f7110a70e29229e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 05:18:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:29 GMT
server: sffe
age: 33495
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31808
x-xss-protection: 0
expires: Sat, 31 Jul 2021 05:18:09 GMT

GET
H3-29 200 Eier-90_1.png
s0.2mdn.net/9506911/1609938328780/ Frame DE49 5 KB
5 KB 12ms
10ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/Eier-90_1.png

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48a989caa0e4be8c09df7aae34ca650aa4b0973825d092f3b500252f9df01ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 05:18:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:29 GMT
server: sffe
age: 33495
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4892
x-xss-protection: 0
expires: Sat, 31 Jul 2021 05:18:09 GMT

GET
H3-29 200 spaghetti-160_1.png
s0.2mdn.net/9506911/1609938328780/ Frame DE49 7 KB
7 KB 16ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/spaghetti-160_1.png

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db20203d2e3d3c689bae6647f1977fb9bb644c2b07408b0aedcad5005b428586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 09:10:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:29 GMT
server: sffe
age: 19562
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6832
x-xss-protection: 0
expires: Sat, 31 Jul 2021 09:10:22 GMT

GET
H3-29 200 Apfel-140_1.png
s0.2mdn.net/9506911/1609938328780/ Frame DE49 7 KB
7 KB 15ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/Apfel-140_1.png

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

940bdc70144188b863d137858d188c5bc8f06fb824ce9f8a6a146bae52e7b56f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 05:18:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:29 GMT
server: sffe
age: 33495
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6896
x-xss-protection: 0
expires: Sat, 31 Jul 2021 05:18:09 GMT

GET
H3-29 200 johannisberg-150_1.png
s0.2mdn.net/9506911/1609938328780/ Frame DE49 6 KB
6 KB 15ms
13ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/johannisberg-150_1.png

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78a69854cfec0c81eb2984ec5479bdcd88f9502879e78e34518113eda582856a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 09:10:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:29 GMT
server: sffe
age: 19562
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6388
x-xss-protection: 0
expires: Sat, 31 Jul 2021 09:10:22 GMT

GET
H3-29 200 Rectangle_31-150_1.png
s0.2mdn.net/9506911/1609938328780/ Frame DE49 7 KB
7 KB 14ms
12ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/Rectangle_31-150_1.png

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d11d75780091a50f5ff6f06a98e7deec983dd51413d915368dc4460c41268e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 09:10:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:28 GMT
server: sffe
age: 19562
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7541
x-xss-protection: 0
expires: Sat, 31 Jul 2021 09:10:22 GMT

GET
H3-29 200 hakle-140_1.png
s0.2mdn.net/9506911/1609938328780/ Frame DE49 12 KB
12 KB 14ms
12ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/hakle-140_1.png

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e21db5f5131558eb01e4241849ed66cf6ce8f0832773fff68d3f80f3c908d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 05:18:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:28 GMT
server: sffe
age: 33495
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12670
x-xss-protection: 0
expires: Sat, 31 Jul 2021 05:18:09 GMT

GET
H3-29 200 Kontrast-300-Henkel.png
s0.2mdn.net/9506911/1609938328780/ Frame DE49 3 KB
3 KB 13ms
11ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/Kontrast-300-Henkel.png

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cbb58dea630e6854e6c5912004d1ec97ad9829d50725234801b850bc811d3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 09:10:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:28 GMT
server: sffe
age: 19562
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2632
x-xss-protection: 0
expires: Sat, 31 Jul 2021 09:10:22 GMT

GET
H3-29 200 coop.jpg
s0.2mdn.net/9506911/1609938328780/ Frame DE49 7 KB
7 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/coop.jpg

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc88881c267493814ada96b0cb57897aa9ff44610d2da1a67656c3cbcc0a874a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 05:18:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:28 GMT
server: sffe
age: 33495
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7509
x-xss-protection: 0
expires: Sat, 31 Jul 2021 05:18:09 GMT

GET
H3-29 200 Coop-Icon.png
s0.2mdn.net/9506911/1609938328780/ Frame DE49 4 KB
4 KB 11ms
10ms Image
image/png 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9506911/1609938328780/Coop-Icon.png

Requested by

Host: 4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
URL: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75519df306ca3d5504dc66f8e3398dc30f976a5859725309b90a0f2a3fdea6ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9506911/1609938328780/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 05:18:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:05:28 GMT
server: sffe
age: 33495
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3753
x-xss-protection: 0
expires: Sat, 31 Jul 2021 05:18:09 GMT

GET
H2 200 fallback.gif
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame 2C62 39 KB
39 KB 248ms
248ms Image
image/gif 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/fallback.gif
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ac003be34fcbf3129f1ebd4153e8f42c9eea954f3cc556b3c646fa8a6226de

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Jul 2021 08:03:53 GMT
server: cloudflare
x-amz-request-id: ZZWPZ2HJ1XZ6AXGM
etag: "232cc42453b4b42dcc82023b77709ffb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=0, s-maxage=1200
accept-ranges: bytes
cf-ray: 676f51abfa32dff7-FRA
content-length: 39757
x-amz-id-2: 0zchsH0fZZmCxAzienZH0DNLw806hq/xMc9EdwsBJLEzytOPN8ES3QEHuokdRNXBy+lMuZW7J9E=

GET
H3-29 200 tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2C62 108 KB
36 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36734
x-xss-protection: 0
last-modified: Fri, 03 Jun 2016 20:37:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 14:36:24 GMT

GET
H2 200 bn_1.0.0.min.js Show response
storage.bannernow.com/resources/lib/ Frame 2C62 88 KB
25 KB 18ms
17ms Script
application/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d8f47ba3fc9f8abe199256c4a10e740350824da156811d038a795186e03985b

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 11:14:47 GMT
server: cloudflare
age: 649
etag: W/"8169d9965ac945c36744c4e170e8cc59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 676f51ac0a3edff7-FRA
x-amz-request-id: G9S67KPWNYMS94N4
x-amz-id-2: Ko808/0AHlhV5Jg/JxUcxgos3srCmvYTx+sKaQPcXuLxqBVFg1/TiGlUqYFhs8azwJp5CJu6pvs=

GET
H2 200 fallback.gif
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame 3BBB 39 KB
39 KB 254ms
252ms Image
image/gif 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/fallback.gif
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ac003be34fcbf3129f1ebd4153e8f42c9eea954f3cc556b3c646fa8a6226de

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Jul 2021 08:03:53 GMT
server: cloudflare
x-amz-request-id: ZZWPZ2HJ1XZ6AXGM
etag: "232cc42453b4b42dcc82023b77709ffb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=0, s-maxage=1200
accept-ranges: bytes
cf-ray: 676f51ac1a64dff7-FRA
content-length: 39757
x-amz-id-2: 0zchsH0fZZmCxAzienZH0DNLw806hq/xMc9EdwsBJLEzytOPN8ES3QEHuokdRNXBy+lMuZW7J9E=

GET
H3-29 200 tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3BBB 108 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36734
x-xss-protection: 0
last-modified: Fri, 03 Jun 2016 20:37:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 14:36:24 GMT

GET
H2 200 bn_1.0.0.min.js Show response
storage.bannernow.com/resources/lib/ Frame 3BBB 88 KB
25 KB 29ms
28ms Script
application/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d8f47ba3fc9f8abe199256c4a10e740350824da156811d038a795186e03985b

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 11:14:47 GMT
server: cloudflare
age: 649
etag: W/"8169d9965ac945c36744c4e170e8cc59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 676f51ac1a68dff7-FRA
x-amz-request-id: G9S67KPWNYMS94N4
x-amz-id-2: Ko808/0AHlhV5Jg/JxUcxgos3srCmvYTx+sKaQPcXuLxqBVFg1/TiGlUqYFhs8azwJp5CJu6pvs=

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ Frame 1234 131 KB
39 KB 13ms
13ms Script
application/javascript 2600:9000:2190:7400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd1a968632f27995087d32ae53e4d1d8a8369ad6ef0661d1ee9b7136efaaa952

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P2KlG88DFyfr6cspDnOEIqME2MFlQuIv
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 10:44:37 GMT
server: AmazonS3
age: 13901
etag: W/"44e0a7be1bafab69786ffe71431ac2a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
date: Fri, 30 Jul 2021 10:44:43 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: QxbOoaXA-EjAYSnwWaxZwyknlyNzLrMJKcTBio5vhGnFch_B8t08DQ==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ Frame 4116 131 KB
39 KB 18ms
17ms Script
application/javascript 2600:9000:2190:7400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a19415bca7d20948dc84ed1c81824ad3545eb71ed53b8b5e46e14c4067e7b6f8

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HyL8A7aIi5b6S8805xIeNdhn3FBzo1IW
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 08:30:07 GMT
server: AmazonS3
age: 56865
etag: W/"806b21a25178130056c02edefeabd9f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
date: Thu, 29 Jul 2021 22:48:40 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: JEEtoYuAR6cn29wN9TGpZsuA4ZaOwVGxfLywmgWd6ar6zgpCcQLOmw==

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ Frame 4116 131 KB
39 KB 14ms
13ms Script
application/javascript 2600:9000:2190:7400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd1a968632f27995087d32ae53e4d1d8a8369ad6ef0661d1ee9b7136efaaa952

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P2KlG88DFyfr6cspDnOEIqME2MFlQuIv
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 10:44:37 GMT
server: AmazonS3
age: 13901
etag: W/"44e0a7be1bafab69786ffe71431ac2a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
date: Fri, 30 Jul 2021 10:44:43 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: uPBvA98eiU_JBh2C8jutMqbHa0VG5xCBAVpXqc_u5cnpJ0Ez2cf7_w==

GET
H2 200 fallback.gif
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame 1C84 39 KB
39 KB 224ms
223ms Image
image/gif 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/fallback.gif
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ac003be34fcbf3129f1ebd4153e8f42c9eea954f3cc556b3c646fa8a6226de

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Jul 2021 08:03:53 GMT
server: cloudflare
x-amz-request-id: ZZWPZ2HJ1XZ6AXGM
etag: "232cc42453b4b42dcc82023b77709ffb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=0, s-maxage=1200
accept-ranges: bytes
cf-ray: 676f51ac3a88dff7-FRA
content-length: 39757
x-amz-id-2: 0zchsH0fZZmCxAzienZH0DNLw806hq/xMc9EdwsBJLEzytOPN8ES3QEHuokdRNXBy+lMuZW7J9E=

GET
H3-29 200 tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1C84 108 KB
36 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36734
x-xss-protection: 0
last-modified: Fri, 03 Jun 2016 20:37:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 14:36:24 GMT

GET
H2 200 bn_1.0.0.min.js Show response
storage.bannernow.com/resources/lib/ Frame 1C84 88 KB
25 KB 16ms
14ms Script
application/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d8f47ba3fc9f8abe199256c4a10e740350824da156811d038a795186e03985b

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 11:14:47 GMT
server: cloudflare
age: 649
etag: W/"8169d9965ac945c36744c4e170e8cc59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 676f51ac3a91dff7-FRA
x-amz-request-id: G9S67KPWNYMS94N4
x-amz-id-2: Ko808/0AHlhV5Jg/JxUcxgos3srCmvYTx+sKaQPcXuLxqBVFg1/TiGlUqYFhs8azwJp5CJu6pvs=

GET
H2 200 fallback.gif
storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/ Frame B467 39 KB
39 KB 220ms
218ms Image
image/gif 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/fallback.gif
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ac003be34fcbf3129f1ebd4153e8f42c9eea954f3cc556b3c646fa8a6226de

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 06 Jul 2021 08:03:53 GMT
server: cloudflare
x-amz-request-id: ZZWPZ2HJ1XZ6AXGM
etag: "232cc42453b4b42dcc82023b77709ffb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=0, s-maxage=1200
accept-ranges: bytes
cf-ray: 676f51ac3a93dff7-FRA
content-length: 39757
x-amz-id-2: 0zchsH0fZZmCxAzienZH0DNLw806hq/xMc9EdwsBJLEzytOPN8ES3QEHuokdRNXBy+lMuZW7J9E=

GET
H3-29 200 tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B467 108 KB
36 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js

Requested by

Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36734
x-xss-protection: 0
last-modified: Fri, 03 Jun 2016 20:37:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 14:36:24 GMT

GET
H2 200 bn_1.0.0.min.js Show response
storage.bannernow.com/resources/lib/ Frame B467 88 KB
25 KB 22ms
22ms Script
application/javascript 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d8f47ba3fc9f8abe199256c4a10e740350824da156811d038a795186e03985b

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 11:14:47 GMT
server: cloudflare
age: 649
etag: W/"8169d9965ac945c36744c4e170e8cc59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 676f51ac3a97dff7-FRA
x-amz-request-id: G9S67KPWNYMS94N4
x-amz-id-2: Ko808/0AHlhV5Jg/JxUcxgos3srCmvYTx+sKaQPcXuLxqBVFg1/TiGlUqYFhs8azwJp5CJu6pvs=

GET
H2 200 pixel.png Show response
stats.bannernow.com/ Frame 2C62 95 B
252 B 259ms
161ms XHR
image/png 34.102.219.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.bannernow.com/pixel.png?user_id=usr_cjty5v088000uj6npz2pi4d8r&banner_id=bnr_ckqkvd2ne00h090mq3k0d4llh&bannerset_id=fdr_ckqkvd2is005b90mqcxyf5wy2&project_id=prj_cjty5v0d50014j6npiwwrfrw8&domain=www.123greetings.com
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.219.251 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 251.219.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
x-guploader-uploadid: ADPycdt1bdTReD3jCZEjRe6m7xGqR-XwaD3nJjTl3QwnfIIVr9SUT7ijqUA62fNoZWF_jNYiHpM6BBvBE34ZCM5bPbODef5MaA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
x-goog-meta-expires: 0
alt-svc: clear
content-length: 95
x-goog-meta-pixel-region: US
last-modified: Sun, 04 Feb 2018 01:22:19 GMT
server: UploadServer
cache-control: no-cache, no-store, must-revalidate
etag: "9591c410148e6883727c5339fd1c02cd"
x-goog-hash: crc32c=vJqQig==, md5=lZHEEBSOaINyfFM5/RwCzQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1517707340066543
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-meta-pragma: no-cache
x-goog-stored-content-length: 95
accept-ranges: bytes
content-type: image/png
expires: Sat, 30 Jul 2022 14:36:24 GMT

GET
H2 200 pixel.png Show response
stats.bannernow.com/ Frame 3BBB 95 B
252 B 218ms
146ms XHR
image/png 34.102.219.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.bannernow.com/pixel.png?user_id=usr_cjty5v088000uj6npz2pi4d8r&banner_id=bnr_ckqkvd2ne00h090mq3k0d4llh&bannerset_id=fdr_ckqkvd2is005b90mqcxyf5wy2&project_id=prj_cjty5v0d50014j6npiwwrfrw8&domain=www.123greetings.com
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.219.251 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 251.219.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
x-guploader-uploadid: ADPycduFyw3hm6MlBbXi36R4AtH2T9w3rRXMba1RAi4rRIxgaCQ_iGRmqi1fHxIfSP2DyNK_G64MYWG46TcRL4jAIJxx0-EZWA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
x-goog-meta-expires: 0
alt-svc: clear
content-length: 95
x-goog-meta-pixel-region: US
last-modified: Sun, 04 Feb 2018 01:22:19 GMT
server: UploadServer
cache-control: no-cache, no-store, must-revalidate
etag: "9591c410148e6883727c5339fd1c02cd"
x-goog-hash: crc32c=vJqQig==, md5=lZHEEBSOaINyfFM5/RwCzQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1517707340066543
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-meta-pragma: no-cache
x-goog-stored-content-length: 95
accept-ranges: bytes
content-type: image/png
expires: Sat, 30 Jul 2022 14:36:24 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B98B 0
20 B 48ms
45ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWW0SZw4EYZeRLIOlrASjwpGIDgAAAAA4AeAEAg&bg=!QUKlQgbNAAals0SOpbM7ACkAdvg8Wmq3uttWislEVAGhS_UQKeZ3NB4yEVO8f-mgra__tdC02-BL6wIAAACNUgAAADNoAQeZAsl2nZLEZS-9vVqc_gS6tYCEGKzycSPHcHwt0E-hfBoXs0461xf54RRwWwP7vWeUnGFBwdBIRwTLe32_EXOVQ1EY97tmyNQOdN6d-18Js5ey7fanU9WTn0HF3OfKJWlMrZUrSsk_l_X8RrL7dizqNVptOOBZ2D0eDQrOAbxEla17GUdIq57nLWgIv5qvgpuQSdghiIEuaGrnFJSu48ugIzWwpiqa_k9LjwCqf59TIGqj207LB7Dvw_jUITd9swzfMh8OYbQ1Tl0CId8B-djMh49ObbWVjtpL3tSw68aNNyg3op-cLcnY7cz6evh2OjzmNoEDlhzuUR2uwJknHvvDVyR2J4f7N5IyA5hLR2sFinzNCGwFepSDbEufIXOTGItAkfHoGbdJa5LQbPIW6d671FhOuETTLz1ekzIAfpsg49LTt9XqdGpsiDwsJCX9OWW1RYujCNEWjLuuSUfTUMqow9lEw2011hv0Cm-nvzk-nr8YbOkPAi5hbtDQtvzf7r7QE6SUwt-fxBl7YLpdsXDjJ5f4cCQWLbh_-rQQpCc8ETcTA-gsZvjHvc_qGsUa8ojsyvh6bwd739vCcKhVkSG_dRcTqfJuhDX3C6TBA5CdgQFjvTk328mDWAk7WMTSLCPsPp0aN7QtWxV0Bmybl3ly4KIJNPA5tG6eHI5Gdlinh6TVjiCTa76jCl4xSdQCcLZIlfP9YCUjin8Rng7yUOsQIn4Be7fn81nsX5_QP2XXmRdxnMZ9hX9wnxGwtQuuhp7uDMeHyPcaAG1Oq8YYEEPQnAHKxWcRuDSlRcjU3DwlwxF3PR-jMFvwhkYCXSfMVbVkt0wrNiq3MQ7WDKRECWL5IQzrbs7HCmBlI0-ctH4f-fpIEwmkRilvHW4IRT1TJxVMW-DFq_4uR0W47ew6sQE-KvFkYH3d_DAsWrsxFy3QkdoIoDM4dSS21Xs0wA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.png Show response
stats.bannernow.com/ Frame 1C84 95 B
252 B 204ms
157ms XHR
image/png 34.102.219.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.bannernow.com/pixel.png?user_id=usr_cjty5v088000uj6npz2pi4d8r&banner_id=bnr_ckqkvd2ne00h090mq3k0d4llh&bannerset_id=fdr_ckqkvd2is005b90mqcxyf5wy2&project_id=prj_cjty5v0d50014j6npiwwrfrw8&domain=www.123greetings.com
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.219.251 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 251.219.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
x-guploader-uploadid: ADPycduQZhxOfV1Ey1JI6UWfb4NeqKetWzThvwMZyDvuPCAuX__sulV0dPR-vsP3_LL4QB0YD_Y53vzh9Vt8JGEB_vdcFN3Qjw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
x-goog-meta-expires: 0
alt-svc: clear
content-length: 95
x-goog-meta-pixel-region: US
last-modified: Sun, 04 Feb 2018 01:22:19 GMT
server: UploadServer
cache-control: no-cache, no-store, must-revalidate
etag: "9591c410148e6883727c5339fd1c02cd"
x-goog-hash: crc32c=vJqQig==, md5=lZHEEBSOaINyfFM5/RwCzQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1517707340066543
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-meta-pragma: no-cache
x-goog-stored-content-length: 95
accept-ranges: bytes
content-type: image/png
expires: Sat, 30 Jul 2022 14:36:24 GMT

GET
H2 200 pixel.png Show response
stats.bannernow.com/ Frame B467 95 B
738 B 185ms
146ms XHR
image/png 34.102.219.251
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.bannernow.com/pixel.png?user_id=usr_cjty5v088000uj6npz2pi4d8r&banner_id=bnr_ckqkvd2ne00h090mq3k0d4llh&bannerset_id=fdr_ckqkvd2is005b90mqcxyf5wy2&project_id=prj_cjty5v0d50014j6npiwwrfrw8&domain=www.123greetings.com
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.219.251 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 251.219.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
x-guploader-uploadid: ADPycduTZ7QXMn-LDYcDcSaCnXTP9XGYt1r-GZVsmNyidFc9WPh3F3PnWwa0VrnoNJEFD53VDBY5x5NATvNgtvEOpP0IVwsiDA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
x-goog-meta-expires: 0
alt-svc: clear
content-length: 95
x-goog-meta-pixel-region: US
last-modified: Sun, 04 Feb 2018 01:22:19 GMT
server: UploadServer
cache-control: no-cache, no-store, must-revalidate
etag: "9591c410148e6883727c5339fd1c02cd"
x-goog-hash: crc32c=vJqQig==, md5=lZHEEBSOaINyfFM5/RwCzQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1517707340066543
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-meta-pragma: no-cache
x-goog-stored-content-length: 95
accept-ranges: bytes
content-type: image/png
expires: Sat, 30 Jul 2022 14:36:24 GMT

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ 131 KB
39 KB 12ms
12ms Script
application/javascript 2600:9000:2190:7400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd1a968632f27995087d32ae53e4d1d8a8369ad6ef0661d1ee9b7136efaaa952

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P2KlG88DFyfr6cspDnOEIqME2MFlQuIv
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 10:44:37 GMT
server: AmazonS3
age: 13901
etag: W/"44e0a7be1bafab69786ffe71431ac2a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
date: Fri, 30 Jul 2021 10:44:43 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: TxHXGkZdo8HJ2G5ypcDocRY7Cc8p9WykXKmSnxDAfKtZJhYVGiBlug==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 131 KB
39 KB 13ms
12ms Script
application/javascript 2600:9000:2190:7400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:7400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a19415bca7d20948dc84ed1c81824ad3545eb71ed53b8b5e46e14c4067e7b6f8

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: HyL8A7aIi5b6S8805xIeNdhn3FBzo1IW
content-encoding: gzip
last-modified: Mon, 12 Jul 2021 08:30:07 GMT
server: AmazonS3
age: 56865
etag: W/"806b21a25178130056c02edefeabd9f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a70d280cd058ea89c08954ea0ad67199.cloudfront.net (CloudFront)
date: Thu, 29 Jul 2021 22:48:40 GMT
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 2t4KYr_0u4IVXx3Kvk3Snkm7lyHgi6Vz6US6_EwmbRQFYKnQHvprmw==

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame BF10 42 KB
15 KB 7ms
7ms Document
text/html 2600:9000:20eb:2600:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
date: Thu, 29 Jul 2021 23:40:08 GMT
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: GiNycYKxzJqdFDdpGWsYu8vakrN1qYlkEP4H587BBtXy2-VZEH8nYw==
age: 53777

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame BF10 116 B
870 B 156ms
156ms XHR
application/json 2600:9000:2190:3e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:3e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

d81386cb76a2f803a6a7674bab45293bde918693a683a583ccd20f85619df9ef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: ZRH50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 116
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Fri, 30 Jul 2021 14:36:24 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: uGC2twqLtO9YOleUPxXVvGH1Zx6erkbARbxZuwIsca8X4V59rlTkKA==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 158ms
158ms Preflight 2600:9000:2190:3e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

2600:9000:2190:3e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: vkekaJHKyqaxdulQnzIgWOXq116Xt14vIyiGhOWKL2A8DHCVNyGL7g==

GET
DATA 200
OK truncated
/ Frame 2C62 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 font.css
storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/ Frame 2C62 236 B
376 B 19ms
14ms Stylesheet
text/css 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00daf38246395dac4de02103182f82b848f680566d454fbec929b609a43bb08a

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Mar 2021 10:44:50 GMT
server: cloudflare
age: 1269193
etag: W/"827a1cd8e968936932229e0dbef7fa00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 676f51ad9c78dff7-FRA
x-amz-request-id: XVVVT2XEG65D7MB2
x-amz-id-2: PgffwqmNknB4fX2QWTwkZa/VnvRh5DiHNe/tkpMaFk/eU4G/5GIlzHo04S5DBiwIRhJpyq2Hxq4=

GET
H2 200 /
icv.bannernow.com/ Frame 2C62 16 KB
17 KB 43ms
30ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=633&h=326&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxlw002kzhue9aolhttc.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4900457595acfaab2ecb280f061084399ba695896d2373f27a8ab05e451c9d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385119
x-amzn-requestid: 95517a28-b7eb-4bb5-ad90-629dfc3606d3
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHjEGloAMFdYA=
content-length: 16800
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-6c41a5b00842bb9e75c3e936;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51adac8fdff7-FRA
x-amz-cf-id: 2DgI7cSOrVgKVowFwpNKeO-i1aTz6cCalABAc5M8VB4cxrDa7FSrZg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 2C62 1 KB
1 KB 43ms
31ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=88&h=51&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxm3002uzhuedqqrvg42.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa6a865c6b9eb9502e735c6fffd0be3a9ae561404e45ef83c3768fffde6ffb8

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385118
x-amzn-requestid: 335122e0-6850-4a1a-bf08-fb8dfa426677
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHlHk2oAMF9Hw=
content-length: 1330
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-22136e9715cd97eb64f70415;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51adac8ddff7-FRA
x-amz-cf-id: sx81fJj0cs10pI7v52AazdmRrEX466JyydJnmUWtU35uQfZ6C0uJHg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
DATA 200
OK truncated
/ Frame 1C84 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 font.css
storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/ Frame 1C84 236 B
214 B 26ms
25ms Stylesheet
text/css 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00daf38246395dac4de02103182f82b848f680566d454fbec929b609a43bb08a

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Mar 2021 10:44:50 GMT
server: cloudflare
age: 1269193
etag: W/"827a1cd8e968936932229e0dbef7fa00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 676f51adac87dff7-FRA
x-amz-request-id: XVVVT2XEG65D7MB2
x-amz-id-2: PgffwqmNknB4fX2QWTwkZa/VnvRh5DiHNe/tkpMaFk/eU4G/5GIlzHo04S5DBiwIRhJpyq2Hxq4=

GET
H2 200 /
icv.bannernow.com/ Frame 1C84 16 KB
17 KB 27ms
22ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=633&h=326&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxlw002kzhue9aolhttc.jpg
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4900457595acfaab2ecb280f061084399ba695896d2373f27a8ab05e451c9d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385119
x-amzn-requestid: 95517a28-b7eb-4bb5-ad90-629dfc3606d3
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHjEGloAMFdYA=
content-length: 16800
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-6c41a5b00842bb9e75c3e936;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51adac90dff7-FRA
x-amz-cf-id: 2DgI7cSOrVgKVowFwpNKeO-i1aTz6cCalABAc5M8VB4cxrDa7FSrZg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 1C84 1 KB
1 KB 44ms
39ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=88&h=51&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxm3002uzhuedqqrvg42.png
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa6a865c6b9eb9502e735c6fffd0be3a9ae561404e45ef83c3768fffde6ffb8

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385118
x-amzn-requestid: 335122e0-6850-4a1a-bf08-fb8dfa426677
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHlHk2oAMF9Hw=
content-length: 1330
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-22136e9715cd97eb64f70415;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51adac91dff7-FRA
x-amz-cf-id: sx81fJj0cs10pI7v52AazdmRrEX466JyydJnmUWtU35uQfZ6C0uJHg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
DATA 200
OK truncated
/ Frame B467 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 font.css
storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/ Frame B467 236 B
214 B 18ms
17ms Stylesheet
text/css 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00daf38246395dac4de02103182f82b848f680566d454fbec929b609a43bb08a

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Mar 2021 10:44:50 GMT
server: cloudflare
age: 1269193
etag: W/"827a1cd8e968936932229e0dbef7fa00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 676f51adbc9bdff7-FRA
x-amz-request-id: XVVVT2XEG65D7MB2
x-amz-id-2: PgffwqmNknB4fX2QWTwkZa/VnvRh5DiHNe/tkpMaFk/eU4G/5GIlzHo04S5DBiwIRhJpyq2Hxq4=

GET
H2 200 /
icv.bannernow.com/ Frame B467 16 KB
16 KB 36ms
35ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=633&h=326&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxlw002kzhue9aolhttc.jpg
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4900457595acfaab2ecb280f061084399ba695896d2373f27a8ab05e451c9d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385119
x-amzn-requestid: 95517a28-b7eb-4bb5-ad90-629dfc3606d3
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHjEGloAMFdYA=
content-length: 16800
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-6c41a5b00842bb9e75c3e936;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51adbc9ddff7-FRA
x-amz-cf-id: 2DgI7cSOrVgKVowFwpNKeO-i1aTz6cCalABAc5M8VB4cxrDa7FSrZg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame B467 1 KB
2 KB 25ms
25ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=88&h=51&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxm3002uzhuedqqrvg42.png
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa6a865c6b9eb9502e735c6fffd0be3a9ae561404e45ef83c3768fffde6ffb8

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385118
x-amzn-requestid: 335122e0-6850-4a1a-bf08-fb8dfa426677
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHlHk2oAMF9Hw=
content-length: 1330
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-22136e9715cd97eb64f70415;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51adbcb7dff7-FRA
x-amz-cf-id: sx81fJj0cs10pI7v52AazdmRrEX466JyydJnmUWtU35uQfZ6C0uJHg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
DATA 200
OK truncated
/ Frame 3BBB 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 font.css
storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/ Frame 3BBB 236 B
218 B 28ms
27ms Stylesheet
text/css 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00daf38246395dac4de02103182f82b848f680566d454fbec929b609a43bb08a

Request headers

Referer: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Mar 2021 10:44:50 GMT
server: cloudflare
age: 1269193
etag: W/"827a1cd8e968936932229e0dbef7fa00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 676f51addcd1dff7-FRA
x-amz-request-id: XVVVT2XEG65D7MB2
x-amz-id-2: PgffwqmNknB4fX2QWTwkZa/VnvRh5DiHNe/tkpMaFk/eU4G/5GIlzHo04S5DBiwIRhJpyq2Hxq4=

GET
H2 200 /
icv.bannernow.com/ Frame 3BBB 16 KB
16 KB 31ms
30ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=633&h=326&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxlw002kzhue9aolhttc.jpg
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4900457595acfaab2ecb280f061084399ba695896d2373f27a8ab05e451c9d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385119
x-amzn-requestid: 95517a28-b7eb-4bb5-ad90-629dfc3606d3
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHjEGloAMFdYA=
content-length: 16800
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-6c41a5b00842bb9e75c3e936;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51addcdddff7-FRA
x-amz-cf-id: 2DgI7cSOrVgKVowFwpNKeO-i1aTz6cCalABAc5M8VB4cxrDa7FSrZg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 3BBB 1 KB
1 KB 21ms
21ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=88&h=51&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxm3002uzhuedqqrvg42.png
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa6a865c6b9eb9502e735c6fffd0be3a9ae561404e45ef83c3768fffde6ffb8

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385118
x-amzn-requestid: 335122e0-6850-4a1a-bf08-fb8dfa426677
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHlHk2oAMF9Hw=
content-length: 1330
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-22136e9715cd97eb64f70415;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51addce1dff7-FRA
x-amz-cf-id: sx81fJj0cs10pI7v52AazdmRrEX466JyydJnmUWtU35uQfZ6C0uJHg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 font.woff2
storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/ Frame 2C62 54 KB
54 KB 19ms
16ms Font
application/font-woff2 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.woff2
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bd60b36c7295f8f8d39a88d81426950abf34371bc84b3833cb6ae8462361e1

Request headers

Origin: https://storage.bannernow.com
Referer: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 2187319
cf-ray: 676f51adece7dff7-FRA
content-length: 54792
x-amz-id-2: SONJ/umRX1Dtoxui1zdgCPTlwUjVYUZZ8YtzuSXjLEbA0mUWmEbnaUzzoxjgglD/JOWVhS98Wvk=
last-modified: Tue, 23 Mar 2021 10:44:50 GMT
server: cloudflare
etag: "b0a6726502c513769c2825ff9db527db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: 4MNZ672S5CHTVBC1
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/font-woff2

GET
H2 200 font.woff2
storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/ Frame 1C84 54 KB
54 KB 15ms
13ms Font
application/font-woff2 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.woff2
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bd60b36c7295f8f8d39a88d81426950abf34371bc84b3833cb6ae8462361e1

Request headers

Origin: https://storage.bannernow.com
Referer: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 2187319
cf-ray: 676f51adece8dff7-FRA
content-length: 54792
x-amz-id-2: SONJ/umRX1Dtoxui1zdgCPTlwUjVYUZZ8YtzuSXjLEbA0mUWmEbnaUzzoxjgglD/JOWVhS98Wvk=
last-modified: Tue, 23 Mar 2021 10:44:50 GMT
server: cloudflare
etag: "b0a6726502c513769c2825ff9db527db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: 4MNZ672S5CHTVBC1
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/font-woff2

GET
H2 200 font.woff2
storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/ Frame B467 54 KB
54 KB 23ms
21ms Font
application/font-woff2 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.woff2
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bd60b36c7295f8f8d39a88d81426950abf34371bc84b3833cb6ae8462361e1

Request headers

Origin: https://storage.bannernow.com
Referer: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 2187319
cf-ray: 676f51adececdff7-FRA
content-length: 54792
x-amz-id-2: SONJ/umRX1Dtoxui1zdgCPTlwUjVYUZZ8YtzuSXjLEbA0mUWmEbnaUzzoxjgglD/JOWVhS98Wvk=
last-modified: Tue, 23 Mar 2021 10:44:50 GMT
server: cloudflare
etag: "b0a6726502c513769c2825ff9db527db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: 4MNZ672S5CHTVBC1
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/font-woff2

GET
H2 200 /
icv.bannernow.com/ Frame 1C84 16 KB
16 KB 23ms
23ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=633&h=326&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxlw002kzhue9aolhttc.jpg
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4900457595acfaab2ecb280f061084399ba695896d2373f27a8ab05e451c9d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385119
x-amzn-requestid: 95517a28-b7eb-4bb5-ad90-629dfc3606d3
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHjEGloAMFdYA=
content-length: 16800
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-6c41a5b00842bb9e75c3e936;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51ae1d2fdff7-FRA
x-amz-cf-id: 2DgI7cSOrVgKVowFwpNKeO-i1aTz6cCalABAc5M8VB4cxrDa7FSrZg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 1C84 1 KB
1 KB 13ms
12ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=88&h=51&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxm3002uzhuedqqrvg42.png
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa6a865c6b9eb9502e735c6fffd0be3a9ae561404e45ef83c3768fffde6ffb8

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385118
x-amzn-requestid: 335122e0-6850-4a1a-bf08-fb8dfa426677
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHlHk2oAMF9Hw=
content-length: 1330
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-22136e9715cd97eb64f70415;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51ae1d36dff7-FRA
x-amz-cf-id: sx81fJj0cs10pI7v52AazdmRrEX466JyydJnmUWtU35uQfZ6C0uJHg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 2C62 16 KB
16 KB 40ms
40ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=633&h=326&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxlw002kzhue9aolhttc.jpg
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4900457595acfaab2ecb280f061084399ba695896d2373f27a8ab05e451c9d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385119
x-amzn-requestid: 95517a28-b7eb-4bb5-ad90-629dfc3606d3
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHjEGloAMFdYA=
content-length: 16800
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-6c41a5b00842bb9e75c3e936;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51ae2d4ddff7-FRA
x-amz-cf-id: 2DgI7cSOrVgKVowFwpNKeO-i1aTz6cCalABAc5M8VB4cxrDa7FSrZg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 2C62 1 KB
1 KB 13ms
13ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=88&h=51&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxm3002uzhuedqqrvg42.png
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa6a865c6b9eb9502e735c6fffd0be3a9ae561404e45ef83c3768fffde6ffb8

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385118
x-amzn-requestid: 335122e0-6850-4a1a-bf08-fb8dfa426677
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHlHk2oAMF9Hw=
content-length: 1330
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-22136e9715cd97eb64f70415;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51ae2d50dff7-FRA
x-amz-cf-id: sx81fJj0cs10pI7v52AazdmRrEX466JyydJnmUWtU35uQfZ6C0uJHg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 font.woff2
storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/ Frame 3BBB 54 KB
54 KB 17ms
16ms Font
application/font-woff2 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.woff2
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bd60b36c7295f8f8d39a88d81426950abf34371bc84b3833cb6ae8462361e1

Request headers

Origin: https://storage.bannernow.com
Referer: https://storage.bannernow.com/fonts/cft_ckmlw5hts000kocp9n234417h/font.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 2187319
cf-ray: 676f51ae4d72dff7-FRA
content-length: 54792
x-amz-id-2: SONJ/umRX1Dtoxui1zdgCPTlwUjVYUZZ8YtzuSXjLEbA0mUWmEbnaUzzoxjgglD/JOWVhS98Wvk=
last-modified: Tue, 23 Mar 2021 10:44:50 GMT
server: cloudflare
etag: "b0a6726502c513769c2825ff9db527db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: 4MNZ672S5CHTVBC1
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: application/font-woff2

GET
H2 200 /
icv.bannernow.com/ Frame B467 16 KB
16 KB 14ms
13ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=633&h=326&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxlw002kzhue9aolhttc.jpg
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4900457595acfaab2ecb280f061084399ba695896d2373f27a8ab05e451c9d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385119
x-amzn-requestid: 95517a28-b7eb-4bb5-ad90-629dfc3606d3
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHjEGloAMFdYA=
content-length: 16800
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-6c41a5b00842bb9e75c3e936;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51ae4d75dff7-FRA
x-amz-cf-id: 2DgI7cSOrVgKVowFwpNKeO-i1aTz6cCalABAc5M8VB4cxrDa7FSrZg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame B467 1 KB
1 KB 13ms
13ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=88&h=51&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxm3002uzhuedqqrvg42.png
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa6a865c6b9eb9502e735c6fffd0be3a9ae561404e45ef83c3768fffde6ffb8

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385118
x-amzn-requestid: 335122e0-6850-4a1a-bf08-fb8dfa426677
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHlHk2oAMF9Hw=
content-length: 1330
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-22136e9715cd97eb64f70415;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51ae4d81dff7-FRA
x-amz-cf-id: sx81fJj0cs10pI7v52AazdmRrEX466JyydJnmUWtU35uQfZ6C0uJHg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 3BBB 16 KB
16 KB 14ms
14ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=633&h=326&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxlw002kzhue9aolhttc.jpg
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf4900457595acfaab2ecb280f061084399ba695896d2373f27a8ab05e451c9d

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385119
x-amzn-requestid: 95517a28-b7eb-4bb5-ad90-629dfc3606d3
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHjEGloAMFdYA=
content-length: 16800
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-6c41a5b00842bb9e75c3e936;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51ae6da6dff7-FRA
x-amz-cf-id: 2DgI7cSOrVgKVowFwpNKeO-i1aTz6cCalABAc5M8VB4cxrDa7FSrZg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

GET
H2 200 /
icv.bannernow.com/ Frame 3BBB 1 KB
1 KB 18ms
18ms Image
image/webp 2606:4700::6812:1cf8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icv.bannernow.com/?m=contain&w=88&h=51&x=center&y=center&q=100&type=webp&u=https%3A%2F%2Fstorage.bannernow.com%2Fd92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd%2Fckqrrmxm3002uzhuedqqrvg42.png
Requested by: Host: storage.bannernow.com
URL: https://storage.bannernow.com/d92mqX30rPODGjoD2BRn7WagKQ6YZvkJdfEIMsAPbd/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cf8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fa6a865c6b9eb9502e735c6fffd0be3a9ae561404e45ef83c3768fffde6ffb8

Request headers

Referer: https://storage.bannernow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
via: 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 1385118
x-amzn-requestid: 335122e0-6850-4a1a-bf08-fb8dfa426677
x-thumbnailer-version: 1.2.23
x-cache: Miss from cloudfront
x-amz-apigw-id: CdnHlHk2oAMF9Hw=
content-length: 1330
server: cloudflare
x-amzn-trace-id: Root=1-60eeebc9-22136e9715cd97eb64f70415;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 676f51ae6daadff7-FRA
x-amz-cf-id: sx81fJj0cs10pI7v52AazdmRrEX466JyydJnmUWtU35uQfZ6C0uJHg==
expires: Sun, 17 Jan 2038 19:14:07 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 633ms
210ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ 2 KB
3 KB 302ms
302ms XHR
text/plain 2600:9000:2190:3e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2F&eu=true&country=DE&hour=16

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:3e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5010abc38d335ee8205f1ebf7d7c29fbc266076903263054feb2a070a16a4633

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: ZRH50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 2439
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Fri, 30 Jul 2021 14:36:25 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-amz-cf-id: kGevnMKgwE-uF5vzUJ1j1L0MpFkQ0nwSlwW17UANpkbgwYPw5nQFMw==

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame 0
0 157ms
157ms Preflight 2600:9000:2190:3e00:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2600:9000:2190:3e00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 30 Jul 2021 14:36:24 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: XnOP3AaJI9i-jfQpXtNNlnbsa2iYWYkIWUfMhWURa2LepF-uUVnXKg==

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9E7E 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstC9GJQUWSgQsXreJe5cXyaYPYb1xUnXgrKT9vkAkrtoplteeBjEmpmAZvWIc-2sKJbaxAIr2nSeEb1S9h03laJJKI6_u9lSjD_GPFtXu5L_Sy0FiiysnDWrpc&sai=AMfl-YQmme12553am1ufNi4PoI5ziWjdCjxQ0kzegaKYHwEIkF5nis7X2t0DBK6y8qM_-CnJg8-TvMnlH7dsUOm5PdbQ5Rf5axo6VXMso6UuaO1gXU5YjVuJHYGURzk&sig=Cg0ArKJSzBb_4x467HDyEAE&cid=CAASEuRonZi3bD7eIePY1ZILzmAYeg&id=lidar2&mcvt=1031&p=47,560,137,1288&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20210728&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2032713241&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627655783508&dlt=104&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
739 B 28ms
7ms Script
text/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 30 Jul 2021 14:36:25 GMT
X-GUploader-UploadID: ABg5-UzuRsLKTUnE2j8TsFca2KTLvRt8NxnctG4I2-AHPJ54zUAh9bpPAQfezSx8RQX9PoHELvXaxJL-R91NukoaSB8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 30 Jul 2021 15:06:25 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ 25 KB
10 KB 20ms
6ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5b2a765691b3e18c0d36da2361a9ee5023df284a154d55cb963550f841134955

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdt5klPYAn7c5O_3VMPOUpNtsB73ukaabahtxKyVztfdOeHOBE7CkycTBuX7UzBzlCOwUGrRnSaL_txe4On3Xew
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9181
last-modified: Tue, 27 Jul 2021 06:27:01 GMT
server: UploadServer
etag: "98251cf5d6a33132ed8549be9c286003"
vary: Accept-Encoding
x-goog-hash: crc32c=+ebB6w==, md5=mCUc9dajMTLthUm+nChgAw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1627367221020033
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9181
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 30 Jul 2021 14:41:25 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 7C44 344 KB
98 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5743ed63aae3df0518af28d321d5b89d3e2c18186e95ed881e76a827ca11897e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu-4pV_JDsaI0xqmT62r7Kc7Ji-HAu_4OFY0mI0SDPDZ3vKqBlLLI1XCo82ICZ8Zf9uq4H46HckKwb9xqDi2VA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99409
last-modified: Tue, 27 Jul 2021 06:26:18 GMT
server: UploadServer
etag: "ee4ab5c688352d70090399407599398d"
vary: Accept-Encoding
x-goog-hash: crc32c=pUgJKA==, md5=7kq1xog1LXAJA5lAdZk5jQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1627367178090991
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99409
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 30 Jul 2021 14:41:25 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 52F9 344 KB
98 KB 11ms
11ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5743ed63aae3df0518af28d321d5b89d3e2c18186e95ed881e76a827ca11897e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu-4pV_JDsaI0xqmT62r7Kc7Ji-HAu_4OFY0mI0SDPDZ3vKqBlLLI1XCo82ICZ8Zf9uq4H46HckKwb9xqDi2VA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99409
last-modified: Tue, 27 Jul 2021 06:26:18 GMT
server: UploadServer
etag: "ee4ab5c688352d70090399407599398d"
vary: Accept-Encoding
x-goog-hash: crc32c=pUgJKA==, md5=7kq1xog1LXAJA5lAdZk5jQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1627367178090991
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99409
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 30 Jul 2021 14:41:25 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 372ms
121ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&stagid=&stplid=&e=inventory&vi=100&cb=1627655785622
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 366ms
121ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=4&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5ec3e3871f5e5c792c20f9f7&stagid=&stplid=&e=inventory&vi=0&cb=1627655785628
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E44D 42 B
64 B 51ms
50ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRcS2NPbT5BBoDFS7tf8uSwpXKzBc_G9S1x7Eoo1b0eWhEVghIYnpxa5YOKVRyuW1j9emXQKSDkFCX28m7kw3XV3BeLa-_4Ok8wz9RefGA1lZPgAbhgyObopc&sai=AMfl-YScnu4VsSc-172W25EaZlRcw4wCF7vkWqouiAr-2fyA9IfWI34p_UCr7LPkkDnsExZLYnb5w0XD7UUby05UKO38DoGCoP4D6kbmexgyETQgE63velTSCVsgmnk&sig=Cg0ArKJSzNi_kEdEGXElEAE&cid=CAASFeRoganx__yHTtvSPaOyPPj2KsSXUg&id=lidar2&mcvt=1046&p=208,970,458,1270&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20210728&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2007386566&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627655783598&dlt=17&rpt=5&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 7 KB
2 KB 377ms
131ms XHR
application/json 52.1.46.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=785621&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1627655785644
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.46.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-46-74.compute-1.amazonaws.com
Software: /
Resource Hash: 1819d7ec971102dfa41ef75ea583953d1f5c1feb5be74cfc2502fed5027af1c0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 19 Jul 2021 00:49:45 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 209ms
209ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/4/ 7 KB
2 KB 465ms
225ms XHR
application/json 52.1.46.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/4/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2F&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5ec3e3871f5e5c792c20f9f7&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=785628&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1627655785650
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.46.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-46-74.compute-1.amazonaws.com
Software: /
Resource Hash: bf44f1594bcce8319544c66daf90f4acc536e867d1df6dd1248f3a06a7483c67

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 19 Jul 2021 00:49:46 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 232ms
232ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Jul 2021 14:36:25 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 0EA7
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627655785944-950044584672-006831-001-008598%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1627655785944-950044584672-006831-001-008598%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1627655785944-950044584672-006831-001-008598&biddername=55&key=941476052173524522

0
214 B

362ms
117ms

Document
text/plain

174.129.232.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1627655785944-950044584672-006831-001-008598&biddername=55&key=941476052173524522
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.232.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1627655785944-950044584672-006831-001-008598&biddername=55&key=941476052173524522
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1627655786029-952045205672-007338-011-002912
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-length: 0
set-cookie: 2_C_55=941476052173524522; Path=/; Domain=aniview.com; Expires=Sat, 31 Jul 2021 14:36:26 GMT; Secure; SameSite=None 2_C_55=941476052173524522; Path=/; Expires=Sat, 31 Jul 2021 14:36:26 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Fri, 30 Jul 2021 14:36:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1627655785944-950044584672-006831-001-008598&biddername=55&key=941476052173524522
AN-X-Request-Uuid: 3ab0c6a8-f709-414e-9a1e-50c0864f2e31
Set-Cookie: uuid2=941476052173524522; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 28-Oct-2021 14:36:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 195.242.213.229; 195.242.213.229; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 112ms
47ms XHR
application/xml 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2F&us_privacy=1---&cbb=7655786029&imp_id=69d537f7-f4aa-49fc-9c37-c605915fc4bf

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:26 GMT
X-Proxy-Origin: 195.242.213.229; 195.242.213.229; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 54874ead-9c54-4bf1-a4a1-5ffa3d33c0c8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 7C44 282 KB
89 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: fe376626e35270fa60cf647c476851387d93440816777c74fce6437e273ef612

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduR0KptIsdJujIwG0-7B0hn4igSKYLIwdjdRKtC87ENdZnd7_XLaQ1Oro6od1QDYnS6F5zVd8vnymdnc6RgPmM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 90379
last-modified: Tue, 27 Jul 2021 06:24:45 GMT
server: UploadServer
etag: "460a8d9b2ac1f262d3e719c11b8a6e16"
vary: Accept-Encoding
x-goog-hash: crc32c=4pmTbA==, md5=RgqNmyrB8mLT5xnBG4puFg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1627367085871012
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 90379
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 30 Jul 2021 14:41:26 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
121ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=39182&t=1627655785&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1627655785944-950044584672-006831-001-008598&cha=0.7&stagid=&stplid=&cb=96304947951&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1627655786033&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24%2C5e9030afdc817965520eb855%2C608e90cf34acc10fb7767e4a&ofpr=%2C%2C%2C0.52&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 191ms
55ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jul 2021 14:36:26 GMT
X-SpotX-Timing-Transform: 0.000294
X-SpotX-Timing-SpotMarket: 0.002353
X-SpotX-Timing-Page-Mux: 0.001957
X-SpotX-Timing-Page-Require: 0.000498
X-fe: 105
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000025
X-SpotX-Timing-Page: 0.007989
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000409
Last-Modified: Fri, 30 Jul 2021 14:36:26 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.002353
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.002438
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 2888
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1627655786029-952045205672-007338-011-002912%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1627655786029-952045205672-007338-011-002912%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1627655786029-952045205672-007338-011-002912&biddername=55&key=4765506916091213428

0
215 B

354ms
117ms

Document
text/plain

174.129.232.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1627655786029-952045205672-007338-011-002912&biddername=55&key=4765506916091213428
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.232.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1627655786029-952045205672-007338-011-002912&biddername=55&key=4765506916091213428
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1627655786029-952045205672-007338-011-002912
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-length: 0
set-cookie: 2_C_55=4765506916091213428; Path=/; Domain=aniview.com; Expires=Sat, 31 Jul 2021 14:36:26 GMT; Secure; SameSite=None 2_C_55=4765506916091213428; Path=/; Expires=Sat, 31 Jul 2021 14:36:26 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Fri, 30 Jul 2021 14:36:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1627655786029-952045205672-007338-011-002912&biddername=55&key=4765506916091213428
AN-X-Request-Uuid: 7f2e0e2a-31a2-4999-8871-30131c02f49f
Set-Cookie: uuid2=4765506916091213428; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 28-Oct-2021 14:36:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 195.242.213.229; 195.242.213.229; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 78ms
56ms XHR
application/xml 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2F&us_privacy=1---&cbb=7655786121&imp_id=fd6dba16-4aac-447b-b519-fe437b39b3a8

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:26 GMT
X-Proxy-Origin: 195.242.213.229; 195.242.213.229; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cbad12db-bbb3-430f-ae0a-4e29ed2ede41
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 52F9 282 KB
89 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: fe376626e35270fa60cf647c476851387d93440816777c74fce6437e273ef612

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduR0KptIsdJujIwG0-7B0hn4igSKYLIwdjdRKtC87ENdZnd7_XLaQ1Oro6od1QDYnS6F5zVd8vnymdnc6RgPmM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 90379
last-modified: Tue, 27 Jul 2021 06:24:45 GMT
server: UploadServer
etag: "460a8d9b2ac1f262d3e719c11b8a6e16"
vary: Accept-Encoding
x-goog-hash: crc32c=4pmTbA==, md5=RgqNmyrB8mLT5xnBG4puFg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1627367085871012
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 90379
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 30 Jul 2021 14:41:26 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 121ms
121ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=30312&t=1627655786&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1627655786029-952045205672-007338-011-002912&cha=0.7&stagid=&stplid=&cb=48461428488&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1627655786122&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24%2C5e9030afdc817965520eb855%2C608e90cf34acc10fb7767e4a&ofpr=%2C%2C%2C0.52&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 148ms
43ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jul 2021 14:36:26 GMT
X-SpotX-Timing-Transform: 0.000363
X-SpotX-Timing-SpotMarket: 0.001945
X-SpotX-Timing-Page-Mux: 0.000890
X-SpotX-Timing-Page-Require: 0.000311
X-fe: 049
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000026
X-SpotX-Timing-Page: 0.006369
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000293
Last-Modified: Fri, 30 Jul 2021 14:36:26 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.001945
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.002528
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
122ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=39182&t=1627655785&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1627655785944-950044584672-006831-001-008598&cha=0.7&stagid=&stplid=&cb=96304947951&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1627655786266&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4C27 340 KB
117 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119640
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:26 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B510 340 KB
117 KB 42ms
23ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119640
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:26 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
122ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=30312&t=1627655786&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1627655786029-952045205672-007338-011-002912&cha=0.7&stagid=&stplid=&cb=48461428488&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1627655786299&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 22C2 340 KB
117 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119640
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:26 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F39A 340 KB
117 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119640
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:26 GMT

GET
H3-29 200 bridge3.473.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 294A 578 KB
190 KB 22ms
8ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.473.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194074
date: Thu, 29 Jul 2021 08:18:39 GMT
expires: Fri, 29 Jul 2022 08:18:39 GMT
last-modified: Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 4C27 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:26 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4C27 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.473.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9B14 578 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.473.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194074
date: Thu, 29 Jul 2021 08:18:39 GMT
expires: Fri, 29 Jul 2022 08:18:39 GMT
last-modified: Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B510 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:26 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame B510 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.473.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5B61 578 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.473.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194074
date: Thu, 29 Jul 2021 08:18:39 GMT
expires: Fri, 29 Jul 2022 08:18:39 GMT
last-modified: Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 22C2 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:26 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 22C2 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.473.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C770 578 KB
190 KB 6ms
5ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.473.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194074
date: Thu, 29 Jul 2021 08:18:39 GMT
expires: Fri, 29 Jul 2022 08:18:39 GMT
last-modified: Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame F39A 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:26 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F39A 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 51FC 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Jul 2021 14:40:19 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EE7D 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Jul 2021 14:40:19 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CAEB 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Jul 2021 14:40:19 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0967 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Jul 2021 14:40:19 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 294A 156 B
185 B 263ms
261ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3556846851618268&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=4122312502&sdk_apis=2%2C8&sid=97208389-3CA1-454B-BB91-D1464D617457&eid=44737473%2C44745938&url=https%3A%2F%2Fwww.123greetings.com%2F&dt=1627655786734&cookie=ID%3D0fd88b45498770ea%3AT%3D1627655782%3AS%3DALNI_Mb_vbF2CIZoSUqigmOMAJofLmrRuQ&scor=1973812303910954&ged=ve4_td1_tt1_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9B14 156 B
185 B 289ms
289ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3746043726686434&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3601226093&sdk_apis=2%2C8&sid=1E4E804F-E0E9-42F4-B79C-B1C03141F442&eid=44736284&url=https%3A%2F%2Fwww.123greetings.com%2F&dt=1627655786738&cookie=ID%3D0fd88b45498770ea%3AT%3D1627655782%3AS%3DALNI_Mb_vbF2CIZoSUqigmOMAJofLmrRuQ&scor=1745043003563154&ged=ve4_td1_tt1_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5B61 156 B
523 B 194ms
193ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2273909081277432&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3258722799&sdk_apis=2%2C8&sid=D11772AF-53D8-412D-A55E-D6F4FB5FA440&eid=40819804%2C44725356%2C44737473&url=https%3A%2F%2Fwww.123greetings.com%2F&dt=1627655786740&cookie=ID%3D0fd88b45498770ea%3AT%3D1627655782%3AS%3DALNI_Mb_vbF2CIZoSUqigmOMAJofLmrRuQ&scor=1707622664723286&ged=ve4_td1_tt0_pd1_la1000_er1443.310.1595.610_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C770 156 B
185 B 207ms
207ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4225992215379724&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3640575345&sdk_apis=2%2C8&sid=260DD382-7850-4F6F-8EC5-08942D84F454&eid=44732022&url=https%3A%2F%2Fwww.123greetings.com%2F&dt=1627655786743&cookie=ID%3D0fd88b45498770ea%3AT%3D1627655782%3AS%3DALNI_Mb_vbF2CIZoSUqigmOMAJofLmrRuQ&scor=3095543557016838&ged=ve4_td1_tt0_pd1_la1000_er1443.310.1595.610_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 213ms
213ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 50ms
50ms XHR
application/xml 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2F&us_privacy=1---&cbb=7655786997&imp_id=0b20c315-f63b-4aff-8a7c-70f2e15a7ea7

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:27 GMT
X-Proxy-Origin: 195.242.213.229; 195.242.213.229; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 27262865-142d-46f8-9483-a30020a2289f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 123ms
122ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=30312&t=1627655786&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1627655786029-952045205672-007338-011-002912&cha=0.7&stagid=&stplid=&cb=48461428488&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1627655786998&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24%2C5e9030afdc817965520eb855%2C608e90cf34acc10fb7767e4a&ofpr=%2C%2C%2C0.52&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 44ms
44ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jul 2021 14:36:27 GMT
X-SpotX-Timing-Transform: 0.000301
X-SpotX-Timing-SpotMarket: 0.001743
X-SpotX-Timing-Page-Mux: 0.001754
X-SpotX-Timing-Page-Require: 0.000421
X-fe: 120
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000020
X-SpotX-Timing-Page: 0.007864
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000394
Last-Modified: Fri, 30 Jul 2021 14:36:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.001743
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.003215
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 210ms
210ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
1 KB 55ms
55ms XHR
application/xml 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2F&us_privacy=1---&cbb=7655787045&imp_id=5ade9cc7-3733-4ff9-adac-1c9140a2d49e

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Jul 2021 14:36:27 GMT
X-Proxy-Origin: 195.242.213.229; 195.242.213.229; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e34b0d54-2c12-4af5-883a-ceffe10fb9e3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
122ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=39182&t=1627655785&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1627655785944-950044584672-006831-001-008598&cha=0.7&stagid=&stplid=&cb=96304947951&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1627655787046&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24%2C5e9030afdc817965520eb855%2C608e90cf34acc10fb7767e4a&ofpr=%2C%2C%2C0.52&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 47ms
47ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 30 Jul 2021 14:36:27 GMT
X-SpotX-Timing-Transform: 0.000373
X-SpotX-Timing-SpotMarket: 0.002766
X-SpotX-Timing-Page-Mux: 0.001152
X-SpotX-Timing-Page-Require: 0.000573
X-fe: 069
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000040
X-SpotX-Timing-Page: 0.008234
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000347
Last-Modified: Fri, 30 Jul 2021 14:36:27 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.002766
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.002970
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 122ms
122ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=30312&t=1627655786&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1627655786029-952045205672-007338-011-002912&cha=0.7&stagid=&stplid=&cb=48461428488&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1627655787051&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F0B9 340 KB
117 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119640
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:27 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7E27 340 KB
117 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119640
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:27 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 123ms
123ms Image
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=39182&t=1627655785&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1627655785944-950044584672-006831-001-008598&cha=0.7&stagid=&stplid=&cb=96304947951&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1627655787114&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 bridge3.473.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7468 578 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.473.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194074
date: Thu, 29 Jul 2021 08:18:39 GMT
expires: Fri, 29 Jul 2022 08:18:39 GMT
last-modified: Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame F0B9 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:27 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame F0B9 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.473.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6684 578 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.473.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194074
date: Thu, 29 Jul 2021 08:18:39 GMT
expires: Fri, 29 Jul 2022 08:18:39 GMT
last-modified: Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7E27 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:27 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7E27 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6232 340 KB
117 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119640
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:27 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B4D9 340 KB
117 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119640
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:27 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 69B9 36 KB
12 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Jul 2021 14:40:19 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 79AD 36 KB
12 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Jul 2021 14:40:19 GMT

GET
H3-29 200 bridge3.473.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 569F 578 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.473.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194074
date: Thu, 29 Jul 2021 08:18:39 GMT
expires: Fri, 29 Jul 2022 08:18:39 GMT
last-modified: Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6232 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:27 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6232 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.473.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C57A 578 KB
190 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.473.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194074
date: Thu, 29 Jul 2021 08:18:39 GMT
expires: Fri, 29 Jul 2022 08:18:39 GMT
last-modified: Tue, 27 Jul 2021 18:08:21 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 109068
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B4D9 44 KB
17 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 30 Jul 2021 14:36:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame B4D9 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 38B7 36 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Jul 2021 14:40:19 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2B72 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 13:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Jul 2021 14:40:19 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7468 156 B
287 B 280ms
280ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3588107134865287&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1885377968&sdk_apis=2%2C8&sid=CA333B7A-B46D-4A3F-8466-23DCFE6055F3&eid=44726392&url=https%3A%2F%2Fwww.123greetings.com%2F&dt=1627655787484&cookie=ID%3D0fd88b45498770ea%3AT%3D1627655782%3AS%3DALNI_Mb_vbF2CIZoSUqigmOMAJofLmrRuQ&scor=4127788243317876&ged=ve4_td0_tt0_pd0_la0_er1443.310.1595.610_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 6684 156 B
287 B 213ms
213ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1663398707624525&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3515805784&sdk_apis=2%2C8&sid=38FD3D59-AFA5-460B-97B2-A067DB5D47E7&eid=44725356%2C44733378&url=https%3A%2F%2Fwww.123greetings.com%2F&dt=1627655787490&cookie=ID%3D0fd88b45498770ea%3AT%3D1627655782%3AS%3DALNI_Mb_vbF2CIZoSUqigmOMAJofLmrRuQ&scor=543102665518145&ged=ve4_td0_tt0_pd0_la0_er1443.310.1595.610_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 569F 156 B
287 B 319ms
319ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1801045947518695&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=175927010&sdk_apis=2%2C8&sid=A032DA1F-F6F2-4032-A89D-64777A58C9DD&url=https%3A%2F%2Fwww.123greetings.com%2F&dt=1627655787553&cookie_enabled=1&scor=4448896088458540&ged=ve4_td1_tt1_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C57A 156 B
287 B 383ms
383ms XHR
text/xml 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=280690881496965&sdkv=h.3.473.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1644027974&sdk_apis=2%2C8&sid=34FB8DEA-EC73-4B0F-9903-9AAAE2282DF6&eid=44740340&url=https%3A%2F%2Fwww.123greetings.com%2F&dt=1627655787559&cookie_enabled=1&scor=715272564718102&ged=ve4_td1_tt1_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.473.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 210ms
210ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Jul 2021 14:36:27 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 217ms
216ms Ping
text/plain 52.42.241.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.241.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-241-136.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 30 Jul 2021 14:36:28 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 369ms
125ms XHR
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=39182&t=1627655785&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1627655785944-950044584672-006831-001-008598&cha=0.7&stagid=&stplid=&cb=96304947951&d9=0000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Jul 2021 14:36:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 363ms
125ms XHR
text/plain 52.1.142.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=30312&t=1627655786&cip=195.242.213.229&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=4&aafaid=&proto=https&uid=1627655786029-952045205672-007338-011-002912&cha=0.7&stagid=&stplid=&cb=48461428488&d9=0000&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.142.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-142-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 30 Jul 2021 14:36:30 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 dc_oe=ChMI1-C4poKL8gIVgxKLCh0jYQThEAAYACCyvt9EQhMIh5j3pYKL8gIVYsm7CB09uwdz;met=1;&timestamp=1627655794267;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9E7E 42 B
251 B 71ms
69ms Image
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1-C4poKL8gIVgxKLCh0jYQThEAAYACCyvt9EQhMIh5j3pYKL8gIVYsm7CB09uwdz;met=1;&timestamp=1627655794267;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Jul 2021 14:36:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtMTljMzA5YzI4OGM1NGM4MTc5NjQ0NDlhZWZhMDU3OTY=&google_push=AYg5qPIMB4RiV2hzmxTZ8b-rXh9qa74_wp4zfruka-YmwdF-e2Mf9mvznnXVPtXS11hxDiQsyOQiZ0rHhzT23vv_n086a-2--mQ

Verdicts & Comments Add Verdict or Comment

429 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 20:07:36	Name: test_cookie Value: CheckForPermission
.123greetings.com/	1970-01-19 20:07:35	Name: _gat_gtag_UA_5085183_1 Value: 1
.123greetings.com/	1970-01-20 05:29:11	Name: __gads Value: ID=0fd88b45498770ea-22eac04b7bc90083:T=1627655782:RT=1627655782:S=ALNI_MYDHeNqMhK4s62fhdOc7-H28TQBQA
www.123greetings.com/	1970-01-19 20:07:36	Name: config_data Value: CADB=1\|CLG=1\|CBR=1\|CUB=1\|CCC=1\|CFLC=1\|CPFR=1\|CBRR=1\|TCP=1\|TAP=1\|TCAP=1\|TRE=1\|QkDshLgd=0\|FBCon=1
.123greetings.com/	1970-01-19 20:09:02	Name: _gid Value: GA1.2.791825691.1627655782
.123greetings.com/	1970-01-20 13:38:47	Name: _ga Value: GA1.2.1512183023.1627655782

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: fontsCustom [object Object]
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: fontsCustom [object Object]
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: fontsCustom [object Object]
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: fontsCustom [object Object]
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: Assets loading completed
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: Assets loading completed
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: Assets loading completed
console-api	log	URL: https://storage.bannernow.com/resources/lib/bn_1.0.0.min.js(Line 1) Message: Assets loading completed

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4be336f9305f058ffc24830306f481b6.safeframe.googlesyndication.com
a.rfihub.com
a.tribalfusion.com
ade.googlesyndication.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
avm.avantisvideo.com
c.123g.us
cc.adingo.jp
cdn.avantisvideo.com
cdn1.avantisvideo.com
cm.g.doubleclick.net
cms.quantserve.com
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
events1.avantisvideo.com
fksnk.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.123g.us
i.ytimg.com
ib.adnxs.com
icv.bannernow.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsby.bidtheatre.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
rtb2-useast.e-volution.ai
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
sm.rtb.mts.ru
ssbsync.smartadserver.com
static.avantisvideo.com
stats.bannernow.com
stats.g.doubleclick.net
storage.bannernow.com
sync.1rx.io
sync.aniview.com
sync.go.sonobi.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tech.rtb.mts.ru
tg.socdm.com
tpc.googlesyndication.com
tr.blismedia.com
track1.aniview.com
trkn.us
um.simpli.fi
ups.analytics.yahoo.com
www.123greetings.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.123g.us
x.bidswitch.net
cm.g.doubleclick.net
124.146.215.46
13.224.96.44
142.250.184.226
142.250.185.130
142.250.185.226
142.250.74.194
159.253.128.183
159.65.197.210
174.129.232.188
174.137.133.49
178.162.133.149
184.72.244.154
185.29.132.241
185.33.221.13
185.64.189.115
185.86.138.120
185.94.180.123
193.0.160.128
2.18.234.21
213.155.156.182
213.19.147.45
213.87.44.187
217.66.147.166
2600:9000:20eb:2600:1c:38a0:8a40:93a1
2600:9000:2190:3e00:3:748e:7940:93a1
2600:9000:2190:7400:1c:38a0:8a40:93a1
2600:9000:2190:7400:8:9ed9:9c40:93a1
2606:4700::6812:1cf8
2606:4700::6812:d05
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2016
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2001
2a00:1450:400c:c07::9a
2a02:26f0:6c00:28a::2c79
2a02:fa8:8806:16::1400
3.126.56.137
3.228.133.61
34.102.219.251
34.96.105.8
35.157.168.25
35.72.120.200
37.252.173.27
44.194.225.67
52.1.142.100
52.1.46.74
52.42.241.136
52.54.0.202
54.76.217.27
66.155.71.25
67.27.233.124
69.173.144.138
8.253.95.245
85.114.159.118
91.228.74.133
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
00daf38246395dac4de02103182f82b848f680566d454fbec929b609a43bb08a
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
079f180cafeebed9a4762f3b2d1df57ed5745d4baee54466b6f683ed15c7c4cf
0964703aceadd0f8a443019b3d10e976a88d91cb124b39c0a9518b844e94ba8d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8c05bf9d6a5f3d9ba5dd3df2bd94f473f130d1fb8fe99d94cbad0bbb7194ef
0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
17304da0f1ff5292f9b4a4ab0a88c6639ba653d2128a11be10c47e5def381855
1819d7ec971102dfa41ef75ea583953d1f5c1feb5be74cfc2502fed5027af1c0
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1b91d59c4bdd90f11c17f875ae27b15c1efe83d42182702f51570fcc2063fd24
1cbb58dea630e6854e6c5912004d1ec97ad9829d50725234801b850bc811d3a1
1d44594c1739a91182d57a302cf6345f311a73a9dfd2b2a28b6a22d6488f490b
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2e0b072e0b1f96186a779eee12b838fb8ac4372baff6c3af22d3d27caeb18bf4
31ed3f5ec4d1c1cc4d74ac1ebe9fb6569dc743fa6ba30ad59b7473ee7aebb40e
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36d5cb8944f751d50e27c4ebad68c8a42b59248c85acc7cc5c4c9060c38decdc
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038
4545946e62b8e831756006b646fbf7e97b5fb8b85e52b625bdcc8b5d83745eb2
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a989caa0e4be8c09df7aae34ca650aa4b0973825d092f3b500252f9df01ad8
4a85791a89d858a4a4ee8547c4c79c9b0ec2b457bdcc26957b8d9b0bca2cb6fb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fcabe564a32362410ea257ffed7fc5402e8de23ceac61a14da3fbfa83f4c2d9
5010abc38d335ee8205f1ebf7d7c29fbc266076903263054feb2a070a16a4633
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b20b51e8583144335e72a9e6a1fbdb9039642d40a70659e5bdb3ca1ff43982
56e15c9e3542a7457433e608f6180bf8877083db9c231bcfb137aa4a14fb1b53
5743ed63aae3df0518af28d321d5b89d3e2c18186e95ed881e76a827ca11897e
59f9424c9efc7e93c3d65b907a63a53aba61ee0e8c837d2bc6cd452ce850e9aa
5b2a765691b3e18c0d36da2361a9ee5023df284a154d55cb963550f841134955
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
639f019b16d2efa6f1c2ebe3f0d334e130cc469a58130cc24ffd8879efef1642
63b176462a62d19e5a2af4cc0a845119d0389aae23ef15decd83efd182c91c40
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
64bfd4b4cf2c3da2f06ef2aca3385e95f597a1beb38c3c627b9d73794536cac0
65364950e02af5a054532e0c6b5b188e2d1074f1b91b52de1aecdd2f8b891ae5
660dafdc78011b6e915b39cbfd9546c82a36aa6c20bfc6a75e144bc700a290a8
691589a940c9030b5397bdbdc082cb8abb2d15671502a6dd66bafafb4de3b599
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca223a43320b486f8767f60e348e1450e9b85efc920b1e92ec8893ec4d4c795
6f0b81586105c3fc3ba29f2eef900dd2c50b2b26722c6220e961df8bf1d529ba
6fa6a865c6b9eb9502e735c6fffd0be3a9ae561404e45ef83c3768fffde6ffb8
75519df306ca3d5504dc66f8e3398dc30f976a5859725309b90a0f2a3fdea6ec
7646eb28d5b7374f6d7ce43923cfb7808838ede19668494186a9ceca32fce9dd
78a69854cfec0c81eb2984ec5479bdcd88f9502879e78e34518113eda582856a
7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4
8062c22768af33db3d700d0b88ecdd9491bb1be33f78b1e242560af1c018633b
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d8f47ba3fc9f8abe199256c4a10e740350824da156811d038a795186e03985b
8e21db5f5131558eb01e4241849ed66cf6ce8f0832773fff68d3f80f3c908d18
92704f0026adca12f0fd6fca2cfcf6849d465c18126b13527cab79d4a668c9a2
93a5aff7973bd2b1639e0499d27018a88782692ddb340169b27fac0d37dc6a66
93ac003be34fcbf3129f1ebd4153e8f42c9eea954f3cc556b3c646fa8a6226de
940bdc70144188b863d137858d188c5bc8f06fb824ce9f8a6a146bae52e7b56f
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944
96e96292bf35ab4cfa60cf8f26578f55bacf27297ed4d97f7110a70e29229e0a
97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
9ec7a2c23d14eb76c0f5bac272f9a01b2a70c489a9908efdd3e3355b2d9da0d6
9f30a8297674d78bd47fac36fa34aaef5931f9553bedb23f69a224c059c9466b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a19415bca7d20948dc84ed1c81824ad3545eb71ed53b8b5e46e14c4067e7b6f8
a2a0de9cd500f168c39c066ce781cab396b388cc839d4ba096621e05556d1011
a30a7c0650053629138c0048be6755c6bb5a61042aad170213c0bedcaeee686a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ae1a0191fae972853eb51cd108ad9cc0c7a4b816881cc2bc3e1ad591a6cf0c6d
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bd60b36c7295f8f8d39a88d81426950abf34371bc84b3833cb6ae8462361e1
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b30943412da7b8f4522bd34237726176c9803d041bfd45108d7e0126653eb5b2
b5f6725d97f06942e257d6d2b4b1e4fa995125639d493272334b7029c992a016
b60ae1f30b4f5377d15512f826fb28e272b722060a600e8e000232344c02840d
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b9c276d17cd99e5b75efce93d31c06708f643a69a931ff03417c5defec0774bb
bc88881c267493814ada96b0cb57897aa9ff44610d2da1a67656c3cbcc0a874a
bf44f1594bcce8319544c66daf90f4acc536e867d1df6dd1248f3a06a7483c67
bf4900457595acfaab2ecb280f061084399ba695896d2373f27a8ab05e451c9d
c34acb0cd97e26911178912e89ce0a81b169505f7879ac67b63b6738b14a260a
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c65e0c2137f4623296e906bdd24c03c1d4a79cd3a6b86e35ed44caaabd21f3c0
c8010f7028e2c56b453642b6816394b163da28534c012edef128f31e14e99044
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
c8ebd21203a56bd30a0de6311a4650f352edc0fc91264153a36b688ce77719f4
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d5c4076b9051274be7b30626b66ae218ca8d82d641d30cd561c28acfc48cd2a9
d77db41dc4c7b8c130a5569ce570646d824303b3909cbfc8767a5c513b4c9140
d81386cb76a2f803a6a7674bab45293bde918693a683a583ccd20f85619df9ef
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d92c23d837d0a43d259a4b2ab98f3c90c136864041dcf32cd796c9b033e1fe05
db20203d2e3d3c689bae6647f1977fb9bb644c2b07408b0aedcad5005b428586
dc4a1a64707f81bcfa441704bf8ecf56c6b5829125afa38c4f25d6b2cbe99a73
dd1a968632f27995087d32ae53e4d1d8a8369ad6ef0661d1ee9b7136efaaa952
ddc4cf4776ce693796a056a35fd46319510e20845e500397877494461accf18e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6cee3305c56c517e5cf163a31e946fba7b7d65c49724832ecbcae3b84d5cb1
df593244193c3cf046b26a486cc6d9b03d94406e3ace812307bdc3d9e0e54b9d
e01b853362aea176912a44877a8c29edd3bca5ef9122cb579f23db3c7056a6ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e91e7d4b434bf577e8f9f0fef4a45ab94c41fd0493ff9e760bcd398732f6fdc4
eca48824a13b12bd6503bda806b0a66f2b0810fdc90796c0e763c3f934cee5a2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796
f266d83bb90cd4612e9a79fba1c16e31a87ffb70b05a41f1951aeeee301a9db3
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f6d11d75780091a50f5ff6f06a98e7deec983dd51413d915368dc4460c41268e
fe376626e35270fa60cf647c476851387d93440816777c74fce6437e273ef612

www.123greetings.com Open in urlscan Pro 184.72.244.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

346 Requests

97 %HTTPS

36 %IPv6

47 Domains

73 Subdomains

45 IPs

11 Countries

6111 kBTransfer

16098 kBSize

6 Cookies

11 Outgoing links

Redirected requests

346 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.123greetings.com Open in urlscan Pro
184.72.244.154 Public Scan

Screenshot
Live screenshot

Full Image

346
Requests

97 %
HTTPS

36 %
IPv6

47
Domains

73
Subdomains

45
IPs

11
Countries

6111 kB
Transfer

16098 kB
Size

6
Cookies

346 HTTP transactions
1 data transactions