urlscan.io logo urlscan.io
SecurityTrails logo

www.123greetings.com Open in urlscan Pro
184.72.245.68  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Submission Tags: falconsandbox
Submission: On February 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 42 IPs in 5 countries across 30 domains to perform 322 HTTP transactions. The main IP is 184.72.245.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.
This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 184.72.245.68 14618 (AMAZON-AES)
35 67.27.235.252 3356 (LEVEL3)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 52.54.0.202 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f12... 32934 (FACEBOOK)
9 8.253.204.245 3356 (LEVEL3)
50 67.26.83.252 3356 (LEVEL3)
1 1 2a03:2880:f02... 32934 (FACEBOOK)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 67.27.157.124 3356 (LEVEL3)
1 2a00:1450:400... 15169 (GOOGLE)
19 142.250.185.226 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
52 2a00:1450:400... 15169 (GOOGLE)
61 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:212... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
6 23.67.141.101 20940 (AKAMAI-ASN1)
5 7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 35.165.132.70 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 54.244.32.41 16509 (AMAZON-02)
4 2a02:26f0:710... 20940 (AKAMAI-ASN1)
6 3.223.102.221 14618 (AMAZON-AES)
1 35.171.145.49 14618 (AMAZON-AES)
2 2 185.33.221.91 29990 (ASN-APPNEX)
1 52.3.103.250 14618 (AMAZON-AES)
4 185.33.221.88 29990 (ASN-APPNEX)
2 184.31.84.150 20940 (AKAMAI-ASN1)
2 185.94.180.124 35220 (SPOTX-AMS)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.16.130 15169 (GOOGLE)
2 9 23.218.208.246 16625 (AKAMAI-AS)
2 2 172.217.23.98 15169 (GOOGLE)
1 52.214.43.215 16509 (AMAZON-02)
1 2 54.239.17.112 16509 (AMAZON-02)
1 1 66.155.71.25 13768 (COGECO-PEER1)
1 1 52.215.154.33 16509 (AMAZON-02)
1 54.236.227.29 14618 (AMAZON-AES)
1 2 52.48.137.92 16509 (AMAZON-02)
322 42
3    184.72.245.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com
www.123greetings.com
35    67.27.235.252 (United States)

ASN3356 (LEVEL3, US)
c.123g.us
2    2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    52.54.0.202 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-0-202.compute-1.amazonaws.com
trkn.us
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
9    8.253.204.245 (United States)

ASN3356 (LEVEL3, US)
x.123g.us
50    67.26.83.252 (United States)

ASN3356 (LEVEL3, US)
i.123g.us
1    2a03:2880:f02d:e:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)
web.facebook.com
1    2a02:26f0:7100:1ad::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
2    67.27.157.124 (United States)

ASN3356 (LEVEL3, US)
v.123g.us
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
19    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
7    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
52    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
61    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
adservice.google.com
1    2600:9000:2127:be00:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
1    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    23.67.141.101 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-67-141-101.deploy.static.akamaitechnologies.com
static.avantisvideo.com
cdn1.avantisvideo.com
7    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    35.165.132.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-165-132-70.us-west-2.compute.amazonaws.com
avm.avantisvideo.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
6    54.244.32.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-32-41.us-west-2.compute.amazonaws.com
events.avantisvideo.com
4    2a02:26f0:7100:484::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
player.aniview.com
6    3.223.102.221 (United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    35.171.145.49 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-145-49.compute-1.amazonaws.com
go1.aniview.com
2    185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
1    52.3.103.250 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-103-250.compute-1.amazonaws.com
sync.aniview.com
4    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    184.31.84.150 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
htlb.casalemedia.com
2    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
4    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
pubads.g.doubleclick.net
9    23.218.208.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
cm.g.doubleclick.net
1    52.214.43.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-43-215.eu-west-1.compute.amazonaws.com
match.adsrvr.org
2    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    52.215.154.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    54.236.227.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-227-29.compute-1.amazonaws.com
rtb.adentifi.com
2    52.48.137.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
96 123g.us
c.123g.us
x.123g.us
i.123g.us
v.123g.us
2 MB
74 googlesyndication.com
64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
1 MB
32 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
pubads.g.doubleclick.net
cm.g.doubleclick.net
195 KB
19 avantisvideo.com
cdn.avantisvideo.com
static.avantisvideo.com
cdn1.avantisvideo.com
avm.avantisvideo.com
events.avantisvideo.com
138 KB
15 google.com
adservice.google.com
www.google.com
1 KB
14 googletagservices.com
www.googletagservices.com
419 KB
12 aniview.com
play.aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
184 KB
10 ampproject.org
cdn.ampproject.org
194 KB
9 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
9 KB
6 adnxs.com
secure.adnxs.com
ib.adnxs.com
5 KB
6 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
603 KB
6 facebook.com
www.facebook.com
web.facebook.com
157 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
58 KB
5 google.de
adservice.google.de
1 KB
4 googleadservices.com
partner.googleadservices.com
595 B
3 trkn.us
trkn.us
2 KB
3 123greetings.com
www.123greetings.com
37 KB
2 crwdcntrl.net
bcp.crwdcntrl.net
976 B
2 amazon-adsystem.com
s.amazon-adsystem.com
928 B
2 indexww.com
js-sec.indexww.com
2 KB
2 2mdn.net
s0.2mdn.net
21 KB
2 spotxchange.com
search.spotxchange.com
2 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 facebook.net
connect.facebook.net
62 KB
1 adentifi.com
rtb.adentifi.com
88 B
1 adroll.com
d.adroll.com
112 B
1 sitescout.com
pixel-sync.sitescout.com
299 B
1 adsrvr.org
match.adsrvr.org
265 B
1 pinterest.com
assets.pinterest.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
322 30
Domain Requested by
50 i.123g.us www.123greetings.com
c.123g.us
42 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.123greetings.com
64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
tpc.googlesyndication.com
cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
35 c.123g.us www.123greetings.com
c.123g.us
30 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
15 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.123greetings.com
14 www.googletagservices.com c.123g.us
securepubads.g.doubleclick.net
64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 x.123g.us c.123g.us
8 www.google.com 5 redirects www.123greetings.com
googleads.g.doubleclick.net
7 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
6 track1.aniview.com player.aniview.com
6 events.avantisvideo.com cdn1.avantisvideo.com
6 avm.avantisvideo.com cdn1.avantisvideo.com
5 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 www.facebook.com connect.facebook.net
www.facebook.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
4 ib.adnxs.com player.aniview.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdn1.avantisvideo.com cdn.avantisvideo.com
cdn1.avantisvideo.com
4 partner.googleadservices.com pagead2.googlesyndication.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 player.aniview.com cdn1.avantisvideo.com
player.aniview.com
3 trkn.us 1 redirects www.123greetings.com
3 www.123greetings.com c.123g.us
2 bcp.crwdcntrl.net 1 redirects ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cm.g.doubleclick.net 2 redirects
2 js-sec.indexww.com player.aniview.com
ssum-sec.casalemedia.com
2 pubads.g.doubleclick.net imasdk.googleapis.com
2 s0.2mdn.net imasdk.googleapis.com
2 search.spotxchange.com player.aniview.com
2 htlb.casalemedia.com player.aniview.com
2 secure.adnxs.com 2 redirects
2 fonts.googleapis.com tpc.googlesyndication.com
googleads.g.doubleclick.net
2 static.avantisvideo.com cdn.avantisvideo.com
2 64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 v.123g.us
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.123greetings.com
connect.facebook.net
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 pixel-sync.sitescout.com 1 redirects
1 match.adsrvr.org ssum-sec.casalemedia.com
1 sync.aniview.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 play.aniview.com cdn1.avantisvideo.com
1 www.gstatic.com googleads.g.doubleclick.net
1 cdn.avantisvideo.com securepubads.g.doubleclick.net
1 assets.pinterest.com
1 web.facebook.com 1 redirects
1 www.googletagmanager.com www.123greetings.com
322 53
Subject Issuer Validity Valid
*.123greetings.com
Go Daddy Secure Certificate Authority - G2		 2020-04-29 -
2022-04-29		 2 years crt.sh
*.123g.us
Go Daddy Secure Certificate Authority - G2		 2019-06-21 -
2021-09-16		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-12-22 -
2021-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2		 2020-03-20 -
2021-03-20		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
avantisvideo.com
Amazon		 2020-12-24 -
2022-01-22		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
cdn.avantisvideo.com
R3		 2021-02-15 -
2021-05-16		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.avantisvideo.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2020-01-22 -
2021-04-22		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-18 -
2021-03-17		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2019-06-13 -
2021-06-28		 2 years crt.sh

This page contains 37 frames:

Primary Page: https://www.123greetings.com/send/view/02111921202227047176/r5
Frame ID: 14D0CAD0E7D34A04D0AEC7D885A17874
Requests: 138 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
Frame ID: 4C0ACD792956A03A8B1F3142EF2FAD43
Requests: 4 HTTP requests in this frame

Frame: https://www.123greetings.com/send/fcp_track/2732477f7c49706e67677a217b716850116a6073/02111921202227047176/summary
Frame ID: E5987F8DD68B2BD5F18C226335C5FBF4
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqPOft7LHmSTmElOH1nDrPQHSG_-xVgwvGOChUqVyrtnGPClc7dS7tOT7oN9ebxU95jfKZaygogF32VbP72nfKhLyOS-bgaaTwtFO2HlX7dgC4HBCJqDNRHa6sO6qIvu2NDtFZz-74m3fglg5PPoaMA6Z9lk29WQv7kXeJht5RCAQ6DS5EiHHx4nMlrVfScs6oJI0faQJodsXzrIqbeVNyvq13fzAqz3rW2zYaj6Z2TIqnwv4TwnIYQQOzShFa0NQCc3RuqaDQ-U13j_GXO-gmY16-GgQaCuUcnGjGr85-5OnY6X2sHGrzBzxhffEWcoUG0Q&sai=AMfl-YTj4976N8jM66mvitm_yi-l2Q8ViposTziU9CNF_R_hDA7vJprORPL1Vk7ST9T8uR-8eGlxYVDR_rKWx2Prh5kqfJqP5cB2ObMHC0k2bFX5NzUQI3JA12tr63P1WXiN&sig=Cg0ArKJSzNXPN6c5nfMaEAE&urlfix=1&adurl=
Frame ID: 637C67D2369F8D8CC53B8D62DCF5D9AF
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFgVNIE3cRYC9xeg3Q8qa-Or2ySF1P6VG2DuJ6gojLg8JxH7YkEGfui-9un6ba7j8Pk8xxYN5k1LzTIczC11GM541vO8pkZ8ACjogyc3CbbisWfnW1-vgCFMDemadlRAmrc4Tsrx3kgX1JV1GVBbxrlhZzW8ierDGeRnFHXdWyUws1Ks2MJU1vccSSa9fRhaNzZP0Ua4a95LXPyYbre-sbsdkffHunHvbrfIzoy84NY9XKmi-f__VvNADuxjFN4M_qN6PIZ7M9HzEPN1CEGDaXV7p2RKNcpU-Fo_xE9ukEvj_-C09iUXucL1FAPOzqsgUm0SjY&sai=AMfl-YTWEqIceN4bDf347SsSjLDep6ViJP_PI2FywV9H4THYHzvO-Gbv4LMH7DefWc9X9vDbEeRh61eSmV0z24dxaaLeDGXD-zTSHLlzkmfYvwpRAvUn3UaLApBbieJ4tf2X&sig=Cg0ArKJSzAbFvaE9JNgBEAE&urlfix=1&adurl=
Frame ID: 53DE038A8C5BA125BE5F120604108BAE
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNvmeNx3j_pVOPL8LSo9xm1eLdqVLutv07vDwKQNrXfm4-AOiOMhq7OPKky57mE2ueAjSCPZNbIi-o40x90O3p6fIGDa637kY9ywDIhPkurlN8-C7ZzZ5uyqv1O1CLNhNmYTR9mS6QYxsM-u7Hhf8UE0DFLQ0gWhBri5ekvPd73c15DIuYa8v7OwKIUIFBNuY8E5oJ5Q9eNyAObKSKm5DoJIOV3GLQomsmzHc-ZIWExrlQMdcX265-HVRTKS-rovHP44vSS3MvfwIabnXA_TrPx9_T-AmFk2lTb--hPeqLnAGavlPNnyL-yuIwj1HGq3DpXpsdAig&sai=AMfl-YRbvGuaPKYuGhPNbpYc2MwOW0vQVKMh-Kz1he5vrj-t6af8JEXTwHlK9FZaKY1qX8uuT7iVm024Tj6-7GasH3iwZqpGF5vpDgNXvcH9ttcoNwfBUrhMo3vxH-wM-MdV&sig=Cg0ArKJSzOfzNhlfCUkxEAE&urlfix=1&adurl=
Frame ID: 2AC5D050C08D52ABC47577C56E761C68
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPjz72Ule-EfErsvlmv6vmSDHJQmKOuA1SgU9xSlF-FpnBKGTV7xjUbOuuSHLj2QI8Y-2yx83buSz0GNVifk8Sj-LMvELJxeyI-1MkM_Esthh7ZILGtmgkshZVWR5CN2gn887LAMEBGxlhCdDwCrX_ZV0pP4qu-aqH9cVfbWXHTPV11Rv6X3KnH6GyFaAnjxQo3ta_e1y_j6_ERjcx6SHxqr2EWE9fKDizUgJ2lxnRTzu7scb6Y8G5MKzIUjGHwZm4zIUiwYi5m-OqsuuKPFJovQa2GWrwvvlxTtEFErlqV9TdWGHGhnLtFRSWL_MDoBZurmwJHnR51w&sai=AMfl-YQyuK1zWYbwdvmJO5tBRvs_3p96jOTDiJV2VKHWxjJhH6ByjnFx7hvYxc6pYQxc0gfRbYEQCTPg03pAcDUr6YqgwrW3RVBjhm6eI1yJFpFpwpNPBM9CVsaKq5hX9u66&sig=Cg0ArKJSzBa51sGVQS2VEAE&urlfix=1&adurl=
Frame ID: 4BC00996CD14B353A5EAA46CF5CE11FB
Requests: 14 HTTP requests in this frame

Frame: https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 1FB5B1FC52CC528999AC77FAAEE31849
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Frame ID: E40FAE6BE677CC7DEE6764E051BEE941
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Frame ID: D1938A261DC246F8FF6224BC9322C158
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG_vbp6PIc7cAg0QBr2p739t4R0_DjlKMbKqhKFNkBB7x_xdTbxggcGvvLGQQe0oF-aB587ppQekja_FIJtAmw1z6HPLIVPabWzd6kUAnz3McgjSwc3eg2lJyNUE5rLngl_8CFn52v9aE86SvYidjKJsa7Jp92Mr1QqcM6HPpmMbVBUhHn6LxyKpnQ4oHphGtksIWr-G6_j9dgiLk-KkU3S63SuZQyRLarubsp-SMRXnovxjmO1pIx7ZUCMNkhhQJRvMl-og9LRwbA4kH05E-0bUnU9zeihK3LsFI8Ku-Rh16qPxAd6ECSngX0uG8dZyzEwqD2IPc&sai=AMfl-YRuzweTRlTbv2IDgWXgmbU7gU6uMdjJGm1OxIMPlxjm90RpWni83iq67LWMuoQeB6T4e4_cI8a8op67jLRIRWt8r5LGzdE-on3oGWnmaJjERBetRZSJBRlRqr_pNFd-&sig=Cg0ArKJSzKDE4UwoqCFsEAE&urlfix=1&adurl=
Frame ID: CBF61BC8439695696A6CF2CA124F577D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: 1F4955F0753338D5F216DECC1A40F1CA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html
Frame ID: 010C3461457A11AA4A0025BFCFABE5A0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031639&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567742&bpp=26&bdt=86&idt=370&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=2&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=2070519485&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=4104898558&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21068893%2C21068946&oid=3&pvsid=3989721309339403&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8cmrrih9rvr7&fsb=1&dtd=387
Frame ID: DEDD8FE0A03030D4CDAFCE626E71A456
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Frame ID: C4E2CEA82BDF9F53098C11251DAE2829
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Frame ID: 3A60A689DF62D7AC92FD069C02131690
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567872&bpp=5&bdt=208&idt=323&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=1726524868&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1517&biw=1600&bih=1200&isw=728&ish=90&ifk=3750355158&scr_x=0&scr_y=0&eid=21066649%2C21068769%2C21068893%2C21069110%2C21069710&oid=3&pvsid=3315057320345872&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1k4ucyzibley&btvi=1&fsb=1&dtd=331
Frame ID: 44ADC0978C2F5F7F56AE8DD51E936CD0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: AFFF17E339E9CF1E61DCC013CE7E28B2
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 6CA33D7E8A04E13E059B3E431F427DE6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 211010955F0145C5DEA52B598148E324
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5539C4774B92CDCB4D161E25E64DEC13
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: A013FEE2CE6A8A4EAB7202BE87E048A1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 25EE08B75F0401E1FD6D2D91F8003FD3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 0BB61D6BF7ACBCB1FA471E286F28E581
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js
Frame ID: 95CEFECB58F556BDDE0C839EEB52FB8F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js
Frame ID: 258BF8D2E39CEB7142121DFFDB694368
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C4F108158CBDB7C19BCB0C2A694D8C59
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: BA421A004194E8F9DE67FA088C8BD307
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: DB796D04CA38514CA15613E5419285FD
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 0D8C396A90CD123594E15BCC9EE154D7
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1613448570862-986626528031-021165-015-006171&biddername=55&key=8997189281055410897
Frame ID: E9AA32E0654CB58C96FF6631FECE30C8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 26BB6C8391E80D947297EB36A1EDE09D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Frame ID: 1F9B976BCB8AAFB4AA2D2B22FB01E9B4
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D64FA9E0290079F2CB4F8CF7062561C0
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: FB8DD8E53A0EBA34843E514F0C4C233F
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 69FA9D753B8A8E9FDC4290EFD05D0352
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Frame ID: 4F731F14B870226C3212222F3331CBD8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

322
Requests

100 %
HTTPS

43 %
IPv6

30
Domains

53
Subdomains

42
IPs

5
Countries

4805 kB
Transfer

11552 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8996542299.65069&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&dvis=visible HTTP 302
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8996542299.65069&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&dvis=visible&ip=185.212.171.67&cuidchk=1
Request Chain 36
  • https://web.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90 HTTP 302
  • https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
Request Chain 116
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 122
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 166
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 224
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 228
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 263
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1613448570862-986626528031-021165-015-006171%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1613448570862-986626528031-021165-015-006171%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1613448570862-986626528031-021165-015-006171&biddername=55&key=8997189281055410897
Request Chain 292
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 293
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YCtFewIurnwfhqWRYpb.kwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGCJLPDJ0I8b7HUevYTXVww&google_cver=1&google_hm=2
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YCtFewIurnwfhqWRYpb-kwAABJIAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEB6k3TakfRh5MSqOPeUlRF0&google_cver=1
Request Chain 296
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCtFewIurnwfhqWRYpb-kwAABJIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCtFewIurnwfhqWRYpb-kwAABJIAAAAB&dcc=t
Request Chain 297
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1616040572
Request Chain 298
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 300
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YCtFewIurnwfhqWRYpb.kwAA%261170 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YCtFewIurnwfhqWRYpb.kwAA%261170

322 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set r5
www.123greetings.com/send/view/02111921202227047176/ 		31 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4124e64c75052f58252df291616ec3f689844840439f34cca4b1922366efee93
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.123greetings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Feb 2021 04:09:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Set-Cookie
SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
fcp_R1.css
c.123g.us/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/fcp_R1.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
30356f4ee7951ecbcb3b3581c7382375d9a6b3f7758387b159161f314b0dcf89

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 14 Feb 2021 18:07:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Apr 2020 06:03:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
122533
ETag
"2476a-362a-5a23472e28440"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3493
jake_test
Test_Pass
jquery.js
c.123g.us/js2/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 14 Feb 2021 19:24:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
117877
ETag
"2c43b-16f3a-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33449
jake_test
Test_Pass
swfobject.js
c.123g.us/js2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/swfobject.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Feb 2021 05:06:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
82947
ETag
"261f-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3868
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 05:21:57 GMT
123g_utils_v1.js
c.123g.us/js2/ 		123 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_utils_v1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
123befcec3590e5fac545c132399414c8baffc3e28840d6df912070e2a0fdeff

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 17 Jan 2021 07:24:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 10:41:24 GMT
Server
Apache/2.2.15 (CentOS)
Age
2580306
ETag
"1ed5c-5b3459eecfd00"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30530
jake_test
Test_Pass
Expires
Fri, 22 Jan 2021 13:02:50 GMT
utilsopt.js
c.123g.us/js2/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/utilsopt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Feb 2021 05:06:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 10:40:59 GMT
Server
Apache/2.2.15 (CentOS)
Age
82947
ETag
"2c7c8-57b2-5b3459d6f84c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6801
jake_test
Test_Pass
123g_static.js
c.123g.us/js2/ 		135 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_static.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
62920b1fb80cd4c66afd8dc2c721f4f8aa3432ba23018bae94bd7a35835bf680

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 11:32:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Nov 2020 09:38:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
1442204
ETag
"21bf5-5b3bd70c98880"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24893
jake_test
Test_Pass
Expires
Sat, 30 Jan 2021 11:47:49 GMT
jquery.blockUI.js
c.123g.us/js2/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.blockUI.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Feb 2021 06:56:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
76393
ETag
"1fe9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3052
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 07:11:11 GMT
rakpanel.js
c.123g.us/js2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/rakpanel.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 05:42:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Aug 2018 13:50:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1290421
ETag
"d4c-57300e747f440"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
jake_test
Test_Pass
Expires
Mon, 01 Feb 2021 05:57:24 GMT
addressbook.js
c.123g.us/js2/ 		397 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/addressbook.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fedb307abb8149c457e5f1df0e2ae11452c2179f57d56a30c5558e0e98fb2d40

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 22:27:23 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 10:40:59 GMT
Server
Apache/2.2.15 (CentOS)
Age
452521
ETag
"2c400-63523-5b3459d6f84c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76755
jake_test
Test_Pass
date.js
c.123g.us/js2/calendar/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/calendar/date.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 16:42:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
991629
ETag
"afa-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
974
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 16:57:16 GMT
jquery.datePicker.js
c.123g.us/js2/calendar/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/calendar/jquery.datePicker.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 15:32:23 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2119021
ETag
"3d65-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4593
jake_test
Test_Pass
Expires
Fri, 22 Jan 2021 15:47:23 GMT
jquery.ajax_autocomplete.js
c.123g.us/js2/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 04:36:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 08:18:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
257561
ETag
"7f11-5b19d2e943540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9770
jake_test
Test_Pass
Expires
Sat, 13 Feb 2021 04:51:45 GMT
jquery.bxslider_new.js
c.123g.us/js2/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.bxslider_new.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 20 Jan 2021 09:02:54 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2315190
ETag
"50ba-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5210
jake_test
Test_Pass
Expires
Fri, 22 Jan 2021 10:03:01 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddc4c42e9b4204acd9efa92309765127f83d4ec3dee60be588854ec6765ef7db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Kj+L+hBw60Q0Frr7Vdj2Gw==
cross-origin-resource-policy
cross-origin
expires
Tue, 16 Feb 2021 04:19:30 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
qvlWe25HZ9171zK1UUILj9EKY+/8eR0jv8Gr+N1ZrCz0X0BRj4bZw89Rd0Jw94m8IGttQ7TsYx2A7Qyxy2eEDg==
x-fb-trip-id
917726464
x-fb-content-md5
4a081dd008ba51b8d13b4b5fc99c5a10
date
Tue, 16 Feb 2021 04:09:24 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"867f87715ceaa7ff1ba521a7e3beea93"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
styleopt_R1.css
c.123g.us/css/ 		80 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/styleopt_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e42ded22e1888b43db2267140c74bc8490431dc6e3422ab9a4897d67066f6e30

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 13:13:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 07:35:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
2040972
ETag
"2488f-13f79-5b19c93c92200"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16142
jake_test
Test_Pass
modal_window_R1.css
c.123g.us/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/modal_window_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 08:15:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 09:39:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
330807
ETag
"8220-5a7b79d367980"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6727
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 14:02:51 GMT
print_card_R1.css
c.123g.us/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/print_card_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 07:58:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 11:23:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1023053
ETag
"af1-571586732da80"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
807
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 08:13:31 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3076315-1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d3e0f1b66409603b9bcf65c846b9e0444ca796694ee9d7e493f8faa7b9a9ed5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39107
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Feb 2021 04:09:25 GMT
ajax-fileuploader.gif
c.123g.us/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/ajax-fileuploader.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 07:45:08 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
505457
ETag
"2a43-54da7c7a66000"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10819
jake_test
Test_Pass
Expires
Wed, 10 Feb 2021 08:00:09 GMT
123g_master_bg.png
c.123g.us/images/ 		145 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/123g_master_bg.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 03:39:10 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
1125015
ETag
"91-54da7c7b5a240"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145
jake_test
Test_Pass
Expires
Wed, 03 Feb 2021 03:55:24 GMT
master_img_menu.png
c.123g.us/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 06:50:31 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
249534
ETag
"9d023-1861-54a227b81c940"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
icon_set_R1.png
c.123g.us/images/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:17:00 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
237145
ETag
"9d05a-230cb-5979e1b2b4200"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
big_img_sprite.png
c.123g.us/images/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 12:02:31 GMT
Last-Modified
Wed, 11 Sep 2019 08:42:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
1786014
ETag
"9cd35-21653-5924300b6d700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
master_icon_set_2.png
c.123g.us/images/ 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7272d4ee4691fbb05f8844d60af444ec17e03d6e009fddaebd2bc97c2ab66b67

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 07:30:28 GMT
Last-Modified
Mon, 01 Feb 2021 07:29:19 GMT
Server
Apache/2.2.15 (CentOS)
Age
1283937
ETag
"9cc7a-1b74c-5ba414fdbd1c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
112460
jake_test
Test_Pass
sdk.js
connect.facebook.net/en_US/ 		198 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a3fae526397a1a22354b49df77a2105c&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b2af45f8f19487bec351186a0329f2460e8374d986f4096a610d45f30e3dda7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.123greetings.com
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fYewFB+TliRE4y+2y1Ve4g==
cross-origin-resource-policy
cross-origin
expires
Wed, 16 Feb 2022 03:40:15 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60966
x-fb-rlafr
0
x-fb-debug
p5mhYG62nV5khP/W4AXMYniEsvj3n3CX11WmVKdooRQiqMc1+x+12qvMKa+Ht+SagPLE3+3Ae4NAVoOyz4D4Vg==
x-fb-trip-id
917726464
x-fb-content-md5
e63a46cfc0903dda04acb5295f0aa525
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 16 Feb 2021 04:09:25 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"358da4e6221beab4228ef0c4621688cd"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
request.js
trkn.us/info/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8996542299.65069
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.0.202 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-0-202.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b1d6a1132cdefa4a87585b74eda12c4bc0b1744f7d15f675c3f5779a20fb57df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
731
Expires
Sun, 01 Jan 2014 00:00:00 GMT
connect_config.js
c.123g.us/js2/ 		201 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 12:07:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1008110
ETag
"c9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 12:22:36 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3076315-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2964
date
Tue, 16 Feb 2021 03:20:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 16 Feb 2021 05:20:01 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=6268317308&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a3fae526397a1a22354b49df77a2105c&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
3xNPgVFm4IGNQht1fNXoWe75Eu4fEf8E/uFiGUoIzHl/30DwScYr8F7CxzLjMRDcXYFKC+AMOvO4bQv8nod0NA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Tue, 16 Feb 2021 04:09:25 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1642324332&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1212107517&gjid=1439159032&cid=249445502.1613448565&tid=UA-3076315-1&_gid=1499543834.1613448565&_r=1&gtm=2ou230&z=43817334
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trkn.us/info/
Redirect Chain
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8996542299.65069&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&dvis=visible
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8996542299.65069&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&dvis=visible&ip=185.212.171.67&c...
42 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8996542299.65069&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&dvis=visible&ip=185.212.171.67&cuidchk=1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.0.202 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-0-202.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:25 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Tue, 16 Feb 2021 04:09:25 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=8996542299.65069&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&dvis=visible&ip=185.212.171.67&cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
345818_details.js
x.123g.us/json/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/345818_details.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0cda1ce9267f9379be6f18b526a45de6eab728db5ef387c4265e868e02e43add

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 04:09:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Feb 2021 17:09:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
0
ETag
"a63-5bb630ce45400"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
861
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 04:24:26 GMT
menu.js
x.123g.us/json/ 		70 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/menu.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e09d30cc4a7638b2004ffa2444b4eb61ec59f2cda2c823f6130f3cae9eb05ffa

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 04:08:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Feb 2021 04:06:49 GMT
Server
Apache/2.2.15 (CentOS)
Age
80
ETag
"1166b-5bb6c3b482840"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13047
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 04:23:07 GMT
345818_pc.jpg
i.123g.us/c/ejan_chinese_happy/pc/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_chinese_happy/pc/345818_pc.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ca0c70e9f630b881f04c602147c07bd3ba3e63cded94d0a03620db7e11cd76f6

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 12:56:19 GMT
Last-Modified
Thu, 04 Feb 2021 11:51:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1005187
ETag
"12117-5ba815197be80"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
74007
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 07:49:05 GMT
play-button.png
c.123g.us/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/play-button.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 08:03:32 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
1022754
ETag
"9cf17-afd-54a227b6344c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2813
jake_test
Test_Pass
345818_bg.jpg
i.123g.us/c/ejan_chinese_happy/bg/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_chinese_happy/bg/345818_bg.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d1a70d3d0a0be27194afd9b941c1a644db2a1acfc6754ab69f85150aa428f75b

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Feb 2021 01:53:08 GMT
Last-Modified
Thu, 04 Feb 2021 11:50:50 GMT
Server
Apache/2.2.15 (CentOS)
Age
958579
ETag
"e87-5ba8150a39a80"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3719
jake_test
Test_Pass
Expires
Sat, 06 Feb 2021 12:08:02 GMT
like.php
www.facebook.com/v2.0/plugins/ Frame 4C0A
Redirect Chain
  • https://web.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123gr...
  • https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123gr...
156 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a3fae526397a1a22354b49df77a2105c&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a4d6aa13ff3f2301cbe6c6af90b3edc2c8d1b60cb8e0b9d654db8dc668e862ae
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
Vx5uQV40DGiwkWye8nmuO5vKE1fwn/TrGq/z8XnByFKm5ADPc5BaxLG+FS3vgE3kQfTwVil2vgnbGM8Qv+1Aog==
date
Tue, 16 Feb 2021 04:09:27 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
x-fb-zr-redirect
02|1613534966|FzBGAiEAk_L9a6VxXjKJRAtacuwA2ThDRMLWXuZqMpyNvtvYrbgCIQDL7bkkjK4XJYNov1KSvyHt32PxzUlTypNUJ_gZwESNcQ
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
LjklHUrV2h4VbSoJqCKiXp1z2nGpqie1cekiyzdqiJV0y6KKFjxK55ZzkAbrze3pt5TmlYxCt05HuB6R3+qBtQ==
content-length
0
date
Tue, 16 Feb 2021 04:09:26 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
PinExt.png
assets.pinterest.com/images/ 		936 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pinterest.com/images/PinExt.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:1ad::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn
akamai
etag
"61ed0472dfcbfaf25e7585f119adf76a"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=57818
accept-ranges
bytes
content-length
936
access-control-expose-headers
X-CDN
345818.mp4
v.123g.us/vod/ejan_chinese_happy/ 		176 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v.123g.us/vod/ejan_chinese_happy/345818.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 16 Feb 2021 04:09:27 GMT
Last-Modified
Thu, 04 Feb 2021 12:18:16 GMT
Server
Footprint Distributor V6.1.1162
Age
0
ETag
"52b1df-5ba81b2cdcaa3"
Vary
Accept-Encoding
Content-Type
video/mp4
Content-Range
bytes 0-5419486/5419487
Connection
keep-alive
Content-Length
5419487
345818.mp4
v.123g.us/vod/ejan_chinese_happy/ 		16 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v.123g.us/vod/ejan_chinese_happy/345818.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 16 Feb 2021 04:09:27 GMT
Last-Modified
Thu, 04 Feb 2021 12:18:16 GMT
Server
Footprint Distributor V6.1.1162
Age
0
ETag
"52b1df-5ba81b2cdcaa3"
Vary
Accept-Encoding
Content-Type
video/mp4
Content-Range
bytes 0-5419486/5419487
Connection
keep-alive
Content-Length
5419487
master_img_menu.png
c.123g.us/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 06:50:31 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
249535
ETag
"9d023-1861-54a227b81c940"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
icon_set_R1.png
c.123g.us/images/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:17:00 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
237146
ETag
"9d05a-230cb-5979e1b2b4200"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
tagclouds_cards.js
x.123g.us/json/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/tagclouds_cards.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
71554b959d04edb36d76e88ffa149faaefefec917865b71a33fb8c6ff2fa9ca6

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 03:41:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Feb 2021 03:31:25 GMT
Server
Apache/2.2.15 (CentOS)
Age
1669
ETag
"b2c-5bb6bbcae7d40"
Vary
Accept-Encoding
Content-Type
text/javascript
access-control-allow-origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
685
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 03:56:58 GMT
check_js_file.pl
www.123greetings.com/usr-bin/ 		19 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/usr-bin/check_js_file.pl?card_number=345818
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4bd132b612c6363a2ec753198c846cd529ea5168874837046abdac11054097b0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 04:09:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Content-Type
text/html; charset=UTF-8
connect_config.js
c.123g.us/js2/ 		201 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 12:07:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1008111
ETag
"c9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 12:22:36 GMT
Cookie set summary
www.123greetings.com/send/fcp_track/2732477f7c49706e67677a217b716850116a6073/02111921202227047176/ Frame E598 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/send/fcp_track/2732477f7c49706e67677a217b716850116a6073/02111921202227047176/summary
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.123greetings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ga=GA1.2.249445502.1613448565; _gid=GA1.2.1499543834.1613448565; _gat_gtag_UA_3076315_1=1; config_data=CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

Cache-control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 Feb 2021 04:09:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Set-Cookie
SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
gpt.js
www.googletagservices.com/tag/js/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1892e9eee5c0b0cc01799ca7b3e16ebe91fabd6a4a876463aed1b9d65266150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"785 / 789 of 1000 / last-modified: 1613171553"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
19504
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
pubads_impl_2021020901.js
securepubads.g.doubleclick.net/gpt/ 		288 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:41:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103372
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 4C0A 		400 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug
rU80UoBNQPLk4z4WeBeWjFCko1zxNIV/RubGbi2S27Tr2xtumO9o9h406Lhe/hX1J7J6UcrF8b8deWAyjMd0Mg==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Thu, 04 Feb 2021 22:00:17 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
400
x-fb-rlafr
0
expires
Fri, 04 Feb 2022 22:00:17 GMT
pUW5VaFoCW2.js
www.facebook.com/rsrc.php/v3iEpO4/yS/l/en_US/ Frame 4C0A 		477 KB
123 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yS/l/en_US/pUW5VaFoCW2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c0571c4439bc71a810f1f6021ead277b6b22fb193908d99202edaa4e6e56fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug
YXd3tlSWFjyTOh/y6TiDKE4xrShlOw86ka+tTTUA3Ciui/pJmejsX0fZCOCe2iRNkDfcyerutXQNZ6OWSsbf2Q==
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
xmrT/mxSM8e//A6AQwDR6g==
date
Sat, 13 Feb 2021 03:50:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
125162
x-fb-rlafr
0
expires
Sun, 13 Feb 2022 03:50:05 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 4C0A 		67 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1613448567042&t_start=1613448567042&t_domcontent=1613448567092&t_layout=1613448567095&t_onload=1613448567095&t_paint=1613448567095&t_creport=1613448567095&t_tti=1613448567092&lid=6929708826659375218-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b92abffc6df6c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff2a0157ea6d2dc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchinese_new_year%2Fhappy%2Fbest_wishes_for_a_prosperous_new_year.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90&_rdc=1&_rdr
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
aylXXoRgB1DOlOkMGN5043k8RCih6khahvF9epaNbTEgsfDwLaaV1BbynIbf2kNpbR5v3Wwd/GAFhjTKGYPmOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Tue, 16 Feb 2021 04:09:27 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		186 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3582318066510072&correlator=3910207270978251&output=ldjh&impl=fifs&eid=21068773%2C21068891%2C21069823%2C21069979&vrg=2021020901&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210216&iu_parts=46400095%2CDesktopWeb_Finalcard_LB%2CDesktopWeb_Finalcard_Sky%2CDesktopWeb_Finalcard_LowerLB%2CDesktopWeb_Finalcard_Preroll%2CDesktopWeb_Finalcard_FCPLarge1%2CDesktopWeb_Finalcard_FCPLarge2%2CDesktopWeb_Finalcard_FCPLarge3%2CDesktopWeb_Finalcard_Video&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=728x90%2C160x600%2C970x90%7C728x90%7C970x250%2C300x250%7C336x280%7C360x300%2C300x250%2C300x250%2C300x250%2C1x1&cust_params=site%3D123greetings.com%26section%3Dejan_chinese_happy%26page%3Dfinalcard&cookie_enabled=1&bc=31&abxe=1&lmt=1613448567&dt=1613448567178&dlt=1613448564788&idt=2367&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C1114%2C310%2C410%2C332%2C650%2C968%2C0&adys=47%2C236%2C1517%2C535%2C949%2C949%2C949%2C1801&adks=3337616149%2C1542450727%2C4029745640%2C3714999025%2C3462125275%2C1838853332%2C2455301282%2C2411661447&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C172x612%7C980x127%7C470x316%7C980x300%7C980x300%7C980x300%7C1600x1792&msz=728x90%7C160x600%7C980x90%7C470x270%7C314x264%7C314x264%7C314x264%7C1600x1&ga_vid=249445502.1613448565&ga_sid=1613448567&ga_hid=1642324332&fws=4%2C4%2C0%2C0%2C0%2C0%2C0%2C0&ohw=728%2C160%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
570411bfbbb25ffa4b5ef09ab137f79044218127ba8fb52b5d800fcac5a83da2
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLjY3KXE7e4CFWiDgwcdt9kDaA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14668175097915089381/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLjY3KXE7e4CFWiDgwcdt9kDaA&gqi=&layout=/sadbundle/%24csp%253Der3%24/14668175097915089381/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
google-creative-id
138271367694,113980516335,99278302815,138271368528,-1,-1,-1,138326033967
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43627
x-xss-protection
0
google-lineitem-id
5075419110,287186655,237051975,5075596738,-1,-1,-1,5501288042
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Tue, 16 Feb 2021 04:09:27 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 637C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqPOft7LHmSTmElOH1nDrPQHSG_-xVgwvGOChUqVyrtnGPClc7dS7tOT7oN9ebxU95jfKZaygogF32VbP72nfKhLyOS-bgaaTwtFO2HlX7dgC4HBCJqDNRHa6sO6qIvu2NDtFZz-74m3fglg5PPoaMA6Z9lk29WQv7kXeJht5RCAQ6DS5EiHHx4nMlrVfScs6oJI0faQJodsXzrIqbeVNyvq13fzAqz3rW2zYaj6Z2TIqnwv4TwnIYQQOzShFa0NQCc3RuqaDQ-U13j_GXO-gmY16-GgQaCuUcnGjGr85-5OnY6X2sHGrzBzxhffEWcoUG0Q&sai=AMfl-YTj4976N8jM66mvitm_yi-l2Q8ViposTziU9CNF_R_hDA7vJprORPL1Vk7ST9T8uR-8eGlxYVDR_rKWx2Prh5kqfJqP5cB2ObMHC0k2bFX5NzUQI3JA12tr63P1WXiN&sig=Cg0ArKJSzNXPN6c5nfMaEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 637C 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bf6aa601f245548822ec6c2b85a95d3ba4f72024e6970aabc2d7e0c0ca0f80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
34247
x-xss-protection
0
server
cafe
etag
15414210905978819722
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 04:09:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 637C 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960666436283"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
33367
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 53DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstFgVNIE3cRYC9xeg3Q8qa-Or2ySF1P6VG2DuJ6gojLg8JxH7YkEGfui-9un6ba7j8Pk8xxYN5k1LzTIczC11GM541vO8pkZ8ACjogyc3CbbisWfnW1-vgCFMDemadlRAmrc4Tsrx3kgX1JV1GVBbxrlhZzW8ierDGeRnFHXdWyUws1Ks2MJU1vccSSa9fRhaNzZP0Ua4a95LXPyYbre-sbsdkffHunHvbrfIzoy84NY9XKmi-f__VvNADuxjFN4M_qN6PIZ7M9HzEPN1CEGDaXV7p2RKNcpU-Fo_xE9ukEvj_-C09iUXucL1FAPOzqsgUm0SjY&sai=AMfl-YTWEqIceN4bDf347SsSjLDep6ViJP_PI2FywV9H4THYHzvO-Gbv4LMH7DefWc9X9vDbEeRh61eSmV0z24dxaaLeDGXD-zTSHLlzkmfYvwpRAvUn3UaLApBbieJ4tf2X&sig=Cg0ArKJSzAbFvaE9JNgBEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 53DE 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bf6aa601f245548822ec6c2b85a95d3ba4f72024e6970aabc2d7e0c0ca0f80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
34247
x-xss-protection
0
server
cafe
etag
15414210905978819722
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 04:09:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 53DE 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960666436283"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
33367
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2AC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNvmeNx3j_pVOPL8LSo9xm1eLdqVLutv07vDwKQNrXfm4-AOiOMhq7OPKky57mE2ueAjSCPZNbIi-o40x90O3p6fIGDa637kY9ywDIhPkurlN8-C7ZzZ5uyqv1O1CLNhNmYTR9mS6QYxsM-u7Hhf8UE0DFLQ0gWhBri5ekvPd73c15DIuYa8v7OwKIUIFBNuY8E5oJ5Q9eNyAObKSKm5DoJIOV3GLQomsmzHc-ZIWExrlQMdcX265-HVRTKS-rovHP44vSS3MvfwIabnXA_TrPx9_T-AmFk2lTb--hPeqLnAGavlPNnyL-yuIwj1HGq3DpXpsdAig&sai=AMfl-YRbvGuaPKYuGhPNbpYc2MwOW0vQVKMh-Kz1he5vrj-t6af8JEXTwHlK9FZaKY1qX8uuT7iVm024Tj6-7GasH3iwZqpGF5vpDgNXvcH9ttcoNwfBUrhMo3vxH-wM-MdV&sig=Cg0ArKJSzOfzNhlfCUkxEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 2AC5 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bf6aa601f245548822ec6c2b85a95d3ba4f72024e6970aabc2d7e0c0ca0f80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
34247
x-xss-protection
0
server
cafe
etag
15414210905978819722
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 04:09:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2AC5 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960666436283"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
33367
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4BC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPjz72Ule-EfErsvlmv6vmSDHJQmKOuA1SgU9xSlF-FpnBKGTV7xjUbOuuSHLj2QI8Y-2yx83buSz0GNVifk8Sj-LMvELJxeyI-1MkM_Esthh7ZILGtmgkshZVWR5CN2gn887LAMEBGxlhCdDwCrX_ZV0pP4qu-aqH9cVfbWXHTPV11Rv6X3KnH6GyFaAnjxQo3ta_e1y_j6_ERjcx6SHxqr2EWE9fKDizUgJ2lxnRTzu7scb6Y8G5MKzIUjGHwZm4zIUiwYi5m-OqsuuKPFJovQa2GWrwvvlxTtEFErlqV9TdWGHGhnLtFRSWL_MDoBZurmwJHnR51w&sai=AMfl-YQyuK1zWYbwdvmJO5tBRvs_3p96jOTDiJV2VKHWxjJhH6ByjnFx7hvYxc6pYQxc0gfRbYEQCTPg03pAcDUr6YqgwrW3RVBjhm6eI1yJFpFpwpNPBM9CVsaKq5hX9u66&sig=Cg0ArKJSzBa51sGVQS2VEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 4BC0 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bf6aa601f245548822ec6c2b85a95d3ba4f72024e6970aabc2d7e0c0ca0f80f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
34247
x-xss-protection
0
server
cafe
etag
15414210905978819722
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 04:09:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4BC0 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960666436283"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
33367
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960672666234"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28344
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
container.html
64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1FB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Tue, 16 Feb 2021 04:09:27 GMT
expires
Wed, 16 Feb 2022 04:09:27 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022010270040000/ Frame E40F 		180 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
396569
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51484
x-xss-protection
0
server
sffe
date
Thu, 11 Feb 2021 13:59:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d03694bae3d062c"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Feb 2022 13:59:58 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E40F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
339824
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Fri, 12 Feb 2021 05:45:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"77bd676d834aaa8d"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Feb 2022 05:45:43 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E40F 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
511999
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Wed, 10 Feb 2021 05:56:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1304c1c0caf7ca3c"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Feb 2022 05:56:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E40F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
396569
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Thu, 11 Feb 2021 13:59:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"12c034eb739190af"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Feb 2022 13:59:58 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022010270040000/v0/ Frame E40F 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
339824
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Fri, 12 Feb 2021 05:45:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e8a1dae72af56cd"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Feb 2022 05:45:43 GMT
truncated
/ Frame E40F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87309d0e7c14f1029472a0febd8a38340b52686bb1805d968c18264acde6cde8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022010270040000/ Frame D193 		180 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
396569
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51484
x-xss-protection
0
server
sffe
date
Thu, 11 Feb 2021 13:59:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d03694bae3d062c"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Feb 2022 13:59:58 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022010270040000/v0/ Frame D193 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
339824
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4850
x-xss-protection
0
server
sffe
date
Fri, 12 Feb 2021 05:45:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"77bd676d834aaa8d"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Feb 2022 05:45:43 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022010270040000/v0/ Frame D193 		90 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
511999
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27668
x-xss-protection
0
server
sffe
date
Wed, 10 Feb 2021 05:56:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1304c1c0caf7ca3c"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Feb 2022 05:56:08 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022010270040000/v0/ Frame D193 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
396569
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1350
x-xss-protection
0
server
sffe
date
Thu, 11 Feb 2021 13:59:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"12c034eb739190af"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Feb 2022 13:59:58 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022010270040000/v0/ Frame D193 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022010270040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
339824
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13075
x-xss-protection
0
server
sffe
date
Fri, 12 Feb 2021 05:45:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e8a1dae72af56cd"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Feb 2022 05:45:43 GMT
truncated
/ Frame D193 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
375839fcbeb086876ba24ce6fd116da53df503609aca3c472310f46095682c6d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame CBF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG_vbp6PIc7cAg0QBr2p739t4R0_DjlKMbKqhKFNkBB7x_xdTbxggcGvvLGQQe0oF-aB587ppQekja_FIJtAmw1z6HPLIVPabWzd6kUAnz3McgjSwc3eg2lJyNUE5rLngl_8CFn52v9aE86SvYidjKJsa7Jp92Mr1QqcM6HPpmMbVBUhHn6LxyKpnQ4oHphGtksIWr-G6_j9dgiLk-KkU3S63SuZQyRLarubsp-SMRXnovxjmO1pIx7ZUCMNkhhQJRvMl-og9LRwbA4kH05E-0bUnU9zeihK3LsFI8Ku-Rh16qPxAd6ECSngX0uG8dZyzEwqD2IPc&sai=AMfl-YRuzweTRlTbv2IDgWXgmbU7gU6uMdjJGm1OxIMPlxjm90RpWni83iq67LWMuoQeB6T4e4_cI8a8op67jLRIRWt8r5LGzdE-on3oGWnmaJjERBetRZSJBRlRqr_pNFd-&sig=Cg0ArKJSzKDE4UwoqCFsEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame CBF6 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:be00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
JC1MZXnTlq5q1hwwM7uac4dOsQCTW8Fq
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 10:42:18 GMT
server
AmazonS3
age
33603
etag
W/"68c180f02ff8411308f6cfc922d94aa4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
date
Mon, 15 Feb 2021 18:49:27 GMT
x-amz-cf-pop
PRG50-C1
x-amz-cf-id
81-wTYUzOVkCSoQCsNQXp-yVBI1PtT2kGRqI0DgNHeT-sSbcaOlHJw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CBF6 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960666436283"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
33367
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
15730856539003239669
tpc.googlesyndication.com/simgad/ Frame E40F 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15730856539003239669?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkZRZieOxxT4JzY7fmun87g2IpgyQ
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1885f423c2c3cb98bf67c60b4cf9bf982855e23eaa6355c503adc9147547cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 12:52:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 12:12:11 GMT
server
sffe
age
314224
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50078
x-xss-protection
0
expires
Sat, 12 Feb 2022 12:52:23 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E40F 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Feb 2021 12:56:43 GMT
x-content-type-options
nosniff
server
cafe
age
54764
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 16 Feb 2021 12:56:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E40F 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
server
cafe
age
85429
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:25:38 GMT
l
www.google.com/ads/measurement/ Frame E40F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkdOZOkTpyXjtXranjjHiw8xDdjvfD2aKlrYm-6Y2ezUbNoBHYSxgERs87nb6IWcFZqUgb
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame E40F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cyu1Ed0UrYMXBEOiGjuwPt7OPwAa-j76xYe7LppWWDa4CEAEg7_aQIWCRhJOF_BegAa3ciogDyAEC4AIAqAMByAMIqgTrAU_QBppqyva3JkfZ7xXmeip0law9Q_kB0TUj6WajQAk7I8fTuAfFjlAKFnb8xScBrwhxqGM67FfUG_g_LYGNVZaC2xd5fgq50Pbv3hnw-BLjXrI7MYmE2xO6-sGfZyjvKohSKiYuTYdtXDRRhAlqLqz0osxCldcu2hLUeS57tEe-AdQXkhkf6gFMr7g_KnxVNbraZUcxvs4fc1Pm87_dsPmUuz34DFdWxAy6RqNmY8C7pu09PGM_jwHD3W0zgUhUL9hO6gGqZ4hPHlGw7HFNijDbq4CwRIhTSqFTw479XLEJI8qhrXf8pBFshCDABNu9ttaEA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeCpsVqqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEO2IBdIICQiA4YBwEAEYHYAKA8gLAdgTDLIXGgoYCAASFHB1Yi00NjI3NTE3NjgwMjQ5Njcw&sigh=Ed6M6_kCjX4&tpd=AGWhJmuLnZ-K7MJgmF2NwPp1T65WjYGlhI_XbwDAwQWBhtDs1A
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
15730856539003239669
tpc.googlesyndication.com/simgad/ Frame D193 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15730856539003239669?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkZRZieOxxT4JzY7fmun87g2IpgyQ
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1885f423c2c3cb98bf67c60b4cf9bf982855e23eaa6355c503adc9147547cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 12:52:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 12:12:11 GMT
server
sffe
age
314224
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50078
x-xss-protection
0
expires
Sat, 12 Feb 2022 12:52:23 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D193 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Feb 2021 12:56:43 GMT
x-content-type-options
nosniff
server
cafe
age
54764
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 16 Feb 2021 12:56:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D193 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
server
cafe
age
85429
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:25:38 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D193 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cin6Fd0UrYJLCEOiGjuwPt7OPwAa-j76xYe7LppWWDa4CEAEg7_aQIWCRhJOF_BegAa3ciogDyAEC4AIAqAMByAMIqgTrAU_QVnvF2z8xptCBgtSVMWDzzqGWQLxn52mIdMw1T1X4kuE9sNbhQCfvP9TpCf9iEzQkAfetbkF4NY6-SyeMV86dpKGofbRZtwpvgs6akVn_lOnmeF6mg2kwtvTNgSw_FxPP-ce6lpFDs0TvBVvLcgbIY1HoDpwQibRW2KzUGgjJQTTBqmY0akOD3dJ6_C7UUGW6_c0K4PwJMmD0MxxdSo0S5XA-2vKkO0dJXLViopOVEO9Og9qxbteLbmjIpGOepvKb0bzOCaeON3AIXnZ1LH_fIFAsbJLWCjYeXfwQp_WuaEilCLG47qHkdEnABNu9ttaEA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAeCpsVqqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMP1BNIICQiA4YBwEAEYHYAKA8gLAdgTDLIXGgoYCAASFHB1Yi00NjI3NTE3NjgwMjQ5Njcw&sigh=uo0el2r_eMk&tpd=AGWhJmu-5E1B81ukdJhezwtaemOspQ7vHIoSB7injqfYzFQrEQ
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021020901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efed473401c0fd0372f5b06aa7ec24dfb267ad74a9aad22ad77457a51f71312b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6436
x-xss-protection
0
fcp_thankyou.js
x.123g.us/json/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/fcp_thankyou.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 03:49:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 May 2020 08:02:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
1222
ETag
"f55-5a5bf5ae75580"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1026
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 04:04:05 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ Frame 637C 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ab0341f68cc06548e5b65a9660bf17584dd7a03bc68edf26a41a560789d1a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87060
x-xss-protection
0
server
cafe
etag
14406113461772004968
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 04:09:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame 1F49 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210211/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnLkMvZmQ4e0f0JDc5x0lw1tBVGW_-SRobHK8fxzqPxA2cnGOVTBI9RHCZ-
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 15 Feb 2021 04:14:22 GMT
expires
Mon, 01 Mar 2021 04:14:22 GMT
content-type
text/html; charset=UTF-8
etag
6440208225989294717
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4777
x-xss-protection
0
age
86105
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 637C 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1df7e0416552b349d5be99d04e1c6f0c1ac6efb0f7ea6ed3d09ecce101f8a7e9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ Frame 53DE 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ab0341f68cc06548e5b65a9660bf17584dd7a03bc68edf26a41a560789d1a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87060
x-xss-protection
0
server
cafe
etag
14406113461772004968
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 04:09:27 GMT
truncated
/ Frame 53DE 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09e4647c93bc3f34ee110dae0898995ff8cd592ebc281eb4ae985f7fcf91a12a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ Frame 4BC0 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ab0341f68cc06548e5b65a9660bf17584dd7a03bc68edf26a41a560789d1a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87060
x-xss-protection
0
server
cafe
etag
14406113461772004968
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 04:09:27 GMT
truncated
/ Frame 4BC0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51c1b7f44ec78241fcc808e6df0989b074a211792b4190b3a1bd087a62b1b297

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ Frame 2AC5 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ab0341f68cc06548e5b65a9660bf17584dd7a03bc68edf26a41a560789d1a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87060
x-xss-protection
0
server
cafe
etag
14406113461772004968
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Feb 2021 04:09:27 GMT
truncated
/ Frame 2AC5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9794b8027bbd0acf3703a6997b812381d8c34e7a46f69a72cb0b374d011c18a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CBF6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f331d1c54aa91e50511d335fd0a8fbaed9193f576ae011d40dddb306802663b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021020901.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:27 GMT
thank_sendcard_v3.js
x.123g.us/json/ 		586 B
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/thank_sendcard_v3.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ff5d79853b24ef94811fa8ffd5d504fd70a8b9f5501d7f17057ba7a4dd5332db

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 03:43:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Feb 2021 03:01:54 GMT
Server
Apache/2.2.15 (CentOS)
Age
1583
ETag
"24a-5bb6b531f2c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
327
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 03:58:17 GMT
abc.txt
static.avantisvideo.com/data/ Frame CBF6 		28 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.141.101 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-67-141-101.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b6d0baad18d8c8777ef627d789c21ecde6910b0e5842ffb562d18ecc0f4f39cc

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 16 Feb 2021 04:09:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:23:52 GMT
Server
AmazonS3
x-amz-request-id
1EC1A8D388E68EC7
ETag
"5e882f7788e6ff7026f9ee2993591936"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6047
x-amz-id-2
UR0s/nvBHhOUSQ1fFPUnwm0eEy0vG2i6rRibxC38EECTVSdXxCslsH11UiNVWMc+9D2TjIDQ1tw=
abc.txt
static.avantisvideo.com/data/ Frame CBF6 		28 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.141.101 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-67-141-101.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b6d0baad18d8c8777ef627d789c21ecde6910b0e5842ffb562d18ecc0f4f39cc

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 16 Feb 2021 04:09:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:23:52 GMT
Server
AmazonS3
x-amz-request-id
1EC1A8D388E68EC7
ETag
"5e882f7788e6ff7026f9ee2993591936"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6047
x-amz-id-2
UR0s/nvBHhOUSQ1fFPUnwm0eEy0vG2i6rRibxC38EECTVSdXxCslsH11UiNVWMc+9D2TjIDQ1tw=
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/ Frame 010C 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ba8b07377df201f4ed44920f9041e5b49472048341dd8db70cda6dd00a8f61e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/14668175097915089381/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3763
date
Fri, 12 Feb 2021 06:57:47 GMT
expires
Sat, 12 Feb 2022 06:57:47 GMT
last-modified
Tue, 26 Jan 2021 08:46:30 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
335501
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 1FB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTqOXd0UrYPjAEOiGjuwPt7OPwAa18O-FYbO23ayBDfCo_fPRHBABIO_2kCFgkYSThfwXoAHZzaeiA8gBCakCi2U3dH5ZtD7gAgCoAwHIAwiqBPoBT9DfqDljDJsI-Sl9c3NxqjLqPgWK_WbMuWNmFqUXe8nPh8S1h7V3l6RD-Lhv6dVnJTeN9_EFcVzSbmzMqy_JTG_SV_6rvYvqPY2m9a0LOFHMLc5CTB3Yt2elMu9VyNN4sYKR3s9sLj8n8OD32G9CyYDiJzMkM3H7WY9byKOCXWvDuz6iMdzwMjDETHdcyJwACa_qclqlz7xjjtP1oXYga8kMBzp3rVJbQm_hOMc1YtmI-Vm02G4P0bZMjzWkBjLY3ew0ioDSSjb7b8MOU7YyH1ycxPl15np2MDWSu2FWZR6TldID-QrCX31CwkNPaimnn4v9iAE2dVcN-cAEttentJID4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB4-y2F2oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQh4wE0ggJCIDhgHAQARgdgAoDyAsB2BMMshcaChgIABIUcHViLTQ2Mjc1MTc2ODAyNDk2NzA&sigh=Uk3d77yAG2c&template_id=419&tpd=AGWhJmt2LPUr9LNwFp9dcTqhH1_G_Tt4-XgRX0DmzLoamna_8Q
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/02111921202227047176/r5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 1FB5 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js
Requested by
Host: 64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
URL: https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 02:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7377
x-xss-protection
0
server
cafe
etag
10747045913157086108
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 02:55:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 1FB5 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js
Requested by
Host: 64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
URL: https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 04:01:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1FB5 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
URL: https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960666436283"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
33367
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 1FB5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
URL: https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 03:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
15217341015479086142
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 03:52:24 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E40F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Tue, 16 Feb 2021 04:09:28 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 637C 		12 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 637C 		109 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 637C 		109 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DEDD 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031639&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567742&bpp=26&bdt=86&idt=370&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=2&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=2070519485&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=4104898558&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21068893%2C21068946&oid=3&pvsid=3989721309339403&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8cmrrih9rvr7&fsb=1&dtd=387
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031639&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567742&bpp=26&bdt=86&idt=370&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=2&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=2070519485&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=4104898558&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21068893%2C21068946&oid=3&pvsid=3989721309339403&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.8cmrrih9rvr7&fsb=1&dtd=387
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Feb 2021 04:09:28 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 637C 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960672666234"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28344
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D193
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Tue, 16 Feb 2021 04:09:28 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 4BC0 		12 B
97 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 4BC0 		109 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4BC0 		109 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C4E2 		64 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bcf880d7ad9e11f9e76f340e69ae7faa3ed2f8d7d1065d5777ae3edbb2d5373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Feb 2021 04:09:28 GMT
server
cafe
content-length
21842
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4BC0 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960672666234"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28344
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 53DE 		12 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 53DE 		109 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 53DE 		109 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3A60 		54 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
397e3beec7f10e34909b5609808982f5ade4a94003aa2a06a37a93ccec132be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Feb 2021 04:09:28 GMT
server
cafe
content-length
20456
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 53DE 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960672666234"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28344
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 2AC5 		12 B
55 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 2AC5 		109 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2AC5 		109 B
127 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 44AD 		603 B
73 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567872&bpp=5&bdt=208&idt=323&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=1726524868&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1517&biw=1600&bih=1200&isw=728&ish=90&ifk=3750355158&scr_x=0&scr_y=0&eid=21066649%2C21068769%2C21068893%2C21069110%2C21069710&oid=3&pvsid=3315057320345872&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1k4ucyzibley&btvi=1&fsb=1&dtd=331
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567872&bpp=5&bdt=208&idt=323&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=1726524868&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1517&biw=1600&bih=1200&isw=728&ish=90&ifk=3750355158&scr_x=0&scr_y=0&eid=21066649%2C21068769%2C21068893%2C21069110%2C21069710&oid=3&pvsid=3315057320345872&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1k4ucyzibley&btvi=1&fsb=1&dtd=331
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Feb 2021 04:09:28 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 2AC5 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960672666234"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28344
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame AFFF 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 16 Feb 2021 01:24:25 GMT
expires
Wed, 16 Feb 2022 01:24:25 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9903
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
u_d.html
cdn1.avantisvideo.com/connect/ Frame 6CA3 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.141.101 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-67-141-101.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb

Request headers

Host
cdn1.avantisvideo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

x-amz-id-2
AKcMRGPT2oFaxjSIz7J1KCw0Z8oDVIoGwe34L1bTsKEonRLwnSnmfGu7jZEqOHyt3AXzfy+AihY=
x-amz-request-id
C2D472B70E5F0D4F
Last-Modified
Wed, 21 Oct 2020 12:02:12 GMT
ETag
"616cd2f36203ae3b124d70c803c7c7a7"
x-amz-version-id
aQTt0EDrJInn5h7oZRa4YKcA5m0mCAoF
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 16 Feb 2021 04:09:28 GMT
Content-Length
15090
Connection
keep-alive
view
securepubads.g.doubleclick.net/pcs/ Frame CBF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVZii4CM-S-pmZUxef3McOlech1EWy6K2F417-NCmNf5UBCIBZtSawpk6QdXgXfS4NbMLQeBJyCVSozKzb3C331qb-V3NWLKr-DEwW8qPZ9j0YM1rfApwWVfHwogilY84fZbjFx2RobtBTthbR5OlxzHE8uw_08rvtuIVo6rIHuix7a572gsc5OZ6_-iZ3Tb0y6jNZ1OAEwt38_EmLWgpWRwUDNlW_flIp4tZ1agPsYydDi6at3kp6yON8r2UlzHYstMJYg44OkP53hOhzs8ukqspRI-aeKSzqAKwm_WhIHEOF-jPLq0zLvneXhIeL-pqus24p8b0qPQ&sai=AMfl-YQFaC1Y6QJdfPz3J5M_YOyZbJWCJDCOIoKceAK2WwTsFvJD3FWm2Ed3jIK4VW9YcpP13AS42miSQlDC_qkCuZ7WALpKYK9xE0S-iyvdDaV9QeQAGUUGYIwsHH8mDeKP&sig=Cg0ArKJSzK8DYtXyGyH-EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
15730856539003239669
tpc.googlesyndication.com/simgad/ Frame E40F 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15730856539003239669?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkZRZieOxxT4JzY7fmun87g2IpgyQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1885f423c2c3cb98bf67c60b4cf9bf982855e23eaa6355c503adc9147547cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 12:52:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 12:12:11 GMT
server
sffe
age
314225
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50078
x-xss-protection
0
expires
Sat, 12 Feb 2022 12:52:23 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E40F 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Feb 2021 12:56:43 GMT
x-content-type-options
nosniff
server
cafe
age
54765
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 16 Feb 2021 12:56:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E40F 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
server
cafe
age
85430
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:25:38 GMT
15730856539003239669
tpc.googlesyndication.com/simgad/ Frame D193 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15730856539003239669?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkZRZieOxxT4JzY7fmun87g2IpgyQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1885f423c2c3cb98bf67c60b4cf9bf982855e23eaa6355c503adc9147547cb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 12 Feb 2021 12:52:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 12:12:11 GMT
server
sffe
age
314225
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50078
x-xss-protection
0
expires
Sat, 12 Feb 2022 12:52:23 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D193 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Feb 2021 12:56:43 GMT
x-content-type-options
nosniff
server
cafe
age
54765
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Tue, 16 Feb 2021 12:56:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D193 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 15 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
server
cafe
age
85430
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:25:38 GMT
ejan_chinese_thanku.js
x.123g.us/json/ 		28 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/ejan_chinese_thanku.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6920e736540cc020b35ce2021832adc1517afa3f868e3de264e2439a0c5da7a4

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 03:49:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Feb 2021 01:37:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1222
ETag
"6ea9-5bb6a238e2940"
Vary
Accept-Encoding
Content-Type
text/javascript
access-control-allow-origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3860
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 04:04:06 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 010C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 05:56:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 16 Feb 2021 05:56:13 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 010C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 22:10:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21540
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 16 Feb 2021 22:10:28 GMT
d4ceb2f8dae22535edea7d1c9b8d7c2e.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/ Frame 010C 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/d4ceb2f8dae22535edea7d1c9b8d7c2e.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b897f80be17cf6623b8ecf2101fade714236c5ec74042fbbf9495d4ebf406e3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
552785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19666
x-xss-protection
0
last-modified
Tue, 26 Jan 2021 08:46:30 GMT
server
sffe
date
Tue, 09 Feb 2021 18:36:23 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Feb 2022 18:36:23 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2110 		143 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
URL: https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 16 Feb 2021 03:23:04 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2784
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1FB5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b88f7b6ef2969d20f5bf0699c4d4809cb9feafa532cca845e53c0477b501d4f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 010C 		4 KB
764 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/d4ceb2f8dae22535edea7d1c9b8d7c2e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b7dd68cb3209e0d249d41d567f5dc3a65d0ea88f046a4eb641747e3c1b8423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 04:09:28 GMT
server
ESF
date
Tue, 16 Feb 2021 04:09:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Feb 2021 04:09:28 GMT
7b8bb8155718c90e594fe510992ad357.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/media/ Frame 010C 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/media/7b8bb8155718c90e594fe510992ad357.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aaadfe3a946540f3a72c871fa4f1ddd07928d6d0cd3306e74cb3b402945288ae
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
398773
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25267
x-xss-protection
0
last-modified
Tue, 26 Jan 2021 08:46:30 GMT
server
sffe
date
Thu, 11 Feb 2021 13:23:15 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Feb 2022 13:23:15 GMT
1c2e0e50e4e1b71f8098a1550645831d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/media/ Frame 010C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/media/1c2e0e50e4e1b71f8098a1550645831d.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8fd4adc33ce0d2a772d065d49cd0129f30ab8b68ecc5b31db10bd9ba43f2ff3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
398773
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2691
x-xss-protection
0
last-modified
Tue, 26 Jan 2021 08:46:30 GMT
server
sffe
date
Thu, 11 Feb 2021 13:23:15 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Feb 2022 13:23:15 GMT
66b71d8048d88b7922a82cfd83d95cb6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/media/ Frame 010C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/media/66b71d8048d88b7922a82cfd83d95cb6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14668175097915089381/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa92d3913d9510bbe741727a7be16c17cd0b6bfd1f597851d4a87981a88ca2ec
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
504992
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3083
x-xss-protection
0
last-modified
Tue, 26 Jan 2021 08:46:30 GMT
server
sffe
date
Wed, 10 Feb 2021 07:52:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Feb 2022 07:52:56 GMT
efeb_valen.js
x.123g.us/json/ 		114 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/efeb_valen.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
54a4fb12caebfaa4003f5eba45e61ddaedf1cd747d30047121f38811b9862777

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 03:51:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Feb 2021 03:37:56 GMT
Server
Apache/2.2.15 (CentOS)
Age
1097
ETag
"1c7bb-5bb6bd3fcad00"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23723
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 04:06:12 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
35.165.132.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-132-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
geoip
avm.avantisvideo.com/api/v1/ Frame 6CA3 		110 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.132.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-132-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c49b8ca6a9ac4012b9cd1b65db9c217bb16bfd7ff4c4aa18b3cd2ee728080881
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn1.avantisvideo.com/connect/u_d.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Origin
content-length
110
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2AC5 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b788333e580e798519f5122055aaeddc62685ee78e6ef43cb55bb30db58f6a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6420
x-xss-protection
0
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 010C 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 16:25:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
42243
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Tue, 15 Feb 2022 16:25:25 GMT
va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/ Frame 010C 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 20:03:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:40 GMT
server
sffe
age
29132
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15448
x-xss-protection
0
expires
Tue, 15 Feb 2022 20:03:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2AC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstf79BYTZAcWc23qAW2pqMbfZOiJfxvS90qMT7CKkJ4CZ-5-OpACUUZpaeWlZ-psgQC6ZnPgWvK1ZqjxASDm787ONmsbrDMPUhkebo2a8bOMBI4rLnanXZxFjYjciMzj365SVT02BxhdG-fEUzJaatRly-yX0k8sv2b6BzbLgIMjylgePfcHUnb8qL1dw2Al-DWf4NTsNRzYIgHiP4yYyk0F0UAsFiLzg4BfrgBeULa0pAI6Mw1jnJ4vrLiYx8ncavPVjitSg_RjvGxoEMVMqgly8aEbUBw4OjGXY7SPwlFPL6i9j50x8P2gephDJJVkJ-HL3zwek3tgQ&sai=AMfl-YS4AorCmzbH9xhX-Yj7D-NlziiVyujqQTSWP4R980iXL7LvyezMCmBLCz3MHAt8VdZqcsGBIBoAG8Pzf_KL18qdVXISVgLGyz8N_piQ_BhRbil4BN_tIYBuYtSeTLMW&sig=Cg0ArKJSzL5hKhv9B-VqEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 637C 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
407a3b33ecf971df61debf276dab49d597406581ea2576a533a4b0ccbf6deaf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
pagead2.googlesyndication.com/bg/ Frame AFFF 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 14:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
49230
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6254
x-xss-protection
0
expires
Tue, 15 Feb 2022 14:28:58 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2110
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
URL: https://64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Feb 2021 04:09:28 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 16-Feb-2021 05:09:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Feb 2021 04:09:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Feb 2021 04:09:28 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame C4E2 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 03:30:14 GMT
server
ESF
date
Tue, 16 Feb 2021 04:09:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Feb 2021 04:09:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2AC5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 637C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgyRYL46Wuok8fGnP9fHtI5e8xSCxpYxx2iGupu-kBctxHJte8qqc72d49i24HOXOccFAJzbYN-lt0tVbvqwzKJwz-uKpEdY2FYfj8x41CaFXTt6RZRuUjki8V7rxmxWCVveTv7DpkKplamXsHTWu4c7SmbndDP8y-GQzNtWQ7v3FHitL9C-9UZhTlAiFH6vlu6RiHB4MTp55arqrfMe7FFXCUQwb5lbBCXNnpGtMhHm4epZ8HLu4ZnpR3miLoxPW08_rUacmkkFL3NZzQMO571MMuUfrGDBYplLQocSd1Nlx_Q7FBSK-urkDgzjk4S87sX8FO&sai=AMfl-YSoi1obKvFk8ovRLv4TYED4XbZO4KQW3mP28ZTmV0CfvY4L30j-c6eiAEfh0SxHZo-tSPosumGf3ILa7XJqAj8hz0wBmsLzoITJuqa-k6qKwst_ksirZ4fMVCEnh-zK&sig=Cg0ArKJSzA0hhRmgG1qHEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame C4E2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 02:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5733
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 02:33:55 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame C4E2 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 02:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7377
x-xss-protection
0
server
cafe
etag
10747045913157086108
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 02:55:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame C4E2 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 04:01:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C4E2 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960666436283"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
33367
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame C4E2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 03:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
15217341015479086142
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 03:52:24 GMT
l
www.google.com/ads/measurement/ Frame C4E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-uZLRJGdFW2kaxqF1qHRuJIzCsf0UfCbudbfBRNcpWmrrkmlEo-kB0lErDw9oKFAtbIRF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
f39ec1586bd36f0603e16664b9cc775d.js
www.gstatic.com/mysidia/ Frame C4E2 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f39ec1586bd36f0603e16664b9cc775d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92cea13927f23ea44ef028e531d5fbef3be60d7211fbbf843bc430bf437a870b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 10:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Feb 2021 03:32:11 GMT
server
sffe
age
407828
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10792
x-xss-protection
0
expires
Wed, 12 May 2021 10:52:20 GMT
efeb_valen_topcards.js
x.123g.us/json/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/efeb_valen_topcards.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a77a75eb4f142e250f8806837ffa755dcd82995933e62b03fc6ef639e7fff843

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 03:59:08 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Feb 2021 03:41:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
620
ETag
"14a7-5bb6be09047c0"
Vary
Accept-Encoding
Content-Type
text/javascript
access-control-allow-origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1188
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 04:14:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 637C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
9985698227368178557
tpc.googlesyndication.com/simgad/ Frame 3A60 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9985698227368178557
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1d7b289bc01e7ad05de863e2909f783a7c778e9775fcfa7ff6450d66e68e69a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 09:00:21 GMT
x-content-type-options
nosniff
age
68947
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103153
x-xss-protection
0
last-modified
Mon, 08 Feb 2021 08:04:04 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Feb 2022 09:00:21 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 3A60 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 02:55:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7377
x-xss-protection
0
server
cafe
etag
10747045913157086108
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 02:55:48 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 3A60 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 04:01:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A60 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612960666436283"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
33367
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 3A60 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 03:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6139
x-xss-protection
0
server
cafe
etag
15217341015479086142
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Mar 2021 03:52:24 GMT
l
www.google.com/ads/measurement/ Frame 3A60 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT-ATM2JTZtZZnP36sgQZuWiXzaiHZFLw7pXqAGwZbdSQ-QD2QEBiDFIj1PA7kf0xNAkCp5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 3A60 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a29297eaef6c8ec4f15846560d443d488afd81b9b85b1e3357656587bc9db222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 20:59:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25815
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10789
x-xss-protection
0
server
cafe
etag
17266012695621626851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Mar 2021 20:59:13 GMT
fcp.css
c.123g.us/css/ Frame E598 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/fcp.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/2732477f7c49706e67677a217b716850116a6073/02111921202227047176/summary
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063

Request headers

Referer
https://www.123greetings.com/send/fcp_track/2732477f7c49706e67677a217b716850116a6073/02111921202227047176/summary
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 12:28:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jul 2018 10:31:17 GMT
Server
Apache/2.2.15 (CentOS)
Age
661286
ETag
"1b92-57234f6246740"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2003
jake_test
Test_Pass
Expires
Mon, 08 Feb 2021 12:43:02 GMT
jquery.js
c.123g.us/js2/ Frame E598 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/2732477f7c49706e67677a217b716850116a6073/02111921202227047176/summary
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer
https://www.123greetings.com/send/fcp_track/2732477f7c49706e67677a217b716850116a6073/02111921202227047176/summary
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 14 Feb 2021 19:24:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
117881
ETag
"2c43b-16f3a-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33449
jake_test
Test_Pass
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5539 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 16 Feb 2021 03:23:04 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2784
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame C4E2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a34d9b6a0e7f65637598b9c9ae3cfaf479b990de0a472f08b4a8dcc2398348ad

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame A013 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 16 Feb 2021 01:24:25 GMT
expires
Wed, 16 Feb 2022 01:24:25 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9903
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styleopt_v2.css
c.123g.us/css/ Frame E598 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/styleopt_v2.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9

Request headers

Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 03 Feb 2021 11:53:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 10:50:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1095376
ETag
"b2be-582511fdb9780"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8955
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 16:57:21 GMT
modal_window.css
c.123g.us/css/ Frame E598 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/modal_window.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de

Request headers

Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 Jan 2021 16:36:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
1337583
ETag
"746b-54da7c8112fc0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6107
jake_test
Test_Pass
Expires
Sun, 31 Jan 2021 16:51:54 GMT
print_card.css
c.123g.us/css/ Frame E598 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/print_card.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969

Request headers

Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 12:47:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
1783320
ETag
"bbf-54da7c8112fc0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
824
jake_test
Test_Pass
Expires
Tue, 26 Jan 2021 13:43:47 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C4E2 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 05:54:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
598494
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Wed, 09 Feb 2022 05:54:34 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C4E2 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 05:54:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
598494
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 09 Feb 2022 05:54:34 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 25EE 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 16 Feb 2021 03:23:04 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2784
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3A60 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67afd27efd4e0126a12c7ece4fb31e7b26ac3b33ac2b33b3481d5f5ba9dc2e64

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
big_img_sprite.png
c.123g.us/images/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 12:02:31 GMT
Last-Modified
Wed, 11 Sep 2019 08:42:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
1786017
ETag
"9cd35-21653-5924300b6d700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
icon_set_R1.png
c.123g.us/images/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:17:00 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
237148
ETag
"9d05a-230cb-5979e1b2b4200"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
carousel_thank.json
x.123g.us/json/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/carousel_thank.json
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.204.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6c160a06935356d71d853e0825d4fd03198c6ea245ca4ba0b9079dd88a6e9fb2

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 04:08:05 GMT
Last-Modified
Tue, 16 Feb 2021 04:06:14 GMT
Server
Apache/2.2.15 (CentOS)
Age
83
ETag
"12d6-5bb6c39321980"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4822
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 04:23:10 GMT
122581_th.gif
i.123g.us/c/efeb_valen_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_valen_thanku/th/122581_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
834ce4fee0368df6c94b9c6b1abfa2c819d0b282f5318575c38cf59c7a50b8ea

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 11:12:43 GMT
Last-Modified
Mon, 24 Feb 2014 09:39:13 GMT
Server
Apache/2.2.15 (CentOS)
Age
752205
ETag
"1fa3-4f323be8a9240"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8099
jake_test
Test_Pass
Expires
Sat, 13 Feb 2021 13:18:34 GMT
122575_th.gif
i.123g.us/c/efeb_valen_thanku/th/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_valen_thanku/th/122575_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
aa8b2b423f78df02b2f54ac82abbe3d3eb5c7b29fc3860f2f169a9f72654c1fc

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 24 Jan 2021 10:06:59 GMT
Last-Modified
Mon, 24 Feb 2014 08:16:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
1965749
ETag
"19a6-4f322974287c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6566
jake_test
Test_Pass
Expires
Mon, 25 Jan 2021 10:48:45 GMT
342264_th.gif
i.123g.us/c/efeb_valen_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_valen_thanku/th/342264_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ac483e594ec505f2248a5ae0fdb098624168eeeb904b376cdd66a790b3053877

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 19 Jan 2021 18:53:49 GMT
Last-Modified
Thu, 13 Feb 2020 13:21:29 GMT
Server
Apache/2.2.15 (CentOS)
Age
2366139
ETag
"1ff5-59e74f77b4840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8181
jake_test
Test_Pass
Expires
Mon, 25 Jan 2021 10:49:33 GMT
closeBtn_h.png
c.123g.us/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/closeBtn_h.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 15:20:42 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
996526
ETag
"9cf1d-42a-54a227b6344c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
jake_test
Test_Pass
345831_th.gif
i.123g.us/c/ejan_chinese_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_chinese_thanku/th/345831_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
81520a90bbeb5385b97e93219b5acc7bf6a875aeeb615002814dd8208e9852e1

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 05 Feb 2021 11:18:16 GMT
Last-Modified
Fri, 05 Feb 2021 08:26:19 GMT
Server
Apache/2.2.15 (CentOS)
Age
924672
ETag
"1ffe-5ba92931260c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8190
jake_test
Test_Pass
Expires
Thu, 11 Feb 2021 13:38:34 GMT
337087_th.gif
i.123g.us/c/ejan_chinese_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_chinese_thanku/th/337087_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8fcfdf2a65cd305327b35c045743ea600b0c8ee7d2850637afd976ebbdb34814

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:20:39 GMT
Last-Modified
Mon, 18 Jan 2021 07:34:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
1565329
ETag
"1f61-5b927bf7c22c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8033
jake_test
Test_Pass
Expires
Fri, 29 Jan 2021 07:15:44 GMT
337133_th.gif
i.123g.us/c/ejan_chinese_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_chinese_thanku/th/337133_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
45287e4a8b14bb9bbcb752e7b157bc43babf7138cd1c97ff2b247b7075a1b70f

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 18 Jan 2021 14:54:29 GMT
Last-Modified
Mon, 18 Jan 2021 07:36:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
2466899
ETag
"1fc4-5b927c7f2e240"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8132
jake_test
Test_Pass
Expires
Mon, 25 Jan 2021 04:02:41 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 0BB6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 16 Feb 2021 01:24:25 GMT
expires
Wed, 16 Feb 2022 01:24:25 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9903
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
321220_th.jpg
i.123g.us/c/efeb_valen_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_valen_thanku/th/321220_th.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b5afdc723b201b004e42a5d13aefafd24f2e4d8d58c79e23d91dbab77514009f

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 10:34:34 GMT
Last-Modified
Tue, 02 Feb 2016 12:37:58 GMT
Server
Apache/2.2.15 (CentOS)
Age
1877694
ETag
"1f57-52ac8c5729580"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8023
jake_test
Test_Pass
Expires
Fri, 29 Jan 2021 20:51:40 GMT
342384_th.gif
i.123g.us/c/efeb_cuddleday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_cuddleday/th/342384_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4cf710a7a360e3472d9a8eb48d0ed3819988aa5494cea2480ab40867802c44f6

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 18:11:06 GMT
Last-Modified
Fri, 21 Feb 2020 13:37:57 GMT
Server
Apache/2.2.15 (CentOS)
Age
208702
ETag
"1f76-59f162119f740"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8054
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 13:24:19 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Feb 2021 08:03:53 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
72335
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 08:18:53 GMT
122839_th.gif
i.123g.us/c/emar_sharesmile_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_sharesmile_day/th/122839_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ff3e7291e74975ed8cc4aa304cb47a9e63f58d10bc2d2b630592fb4f8cb34211

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 20:42:13 GMT
Last-Modified
Mon, 24 Feb 2014 08:31:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
1754835
ETag
"1f2c-4f322cd33bc00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7980
jake_test
Test_Pass
Expires
Fri, 05 Feb 2021 08:27:20 GMT
121896_th.gif
i.123g.us/c/emar_behappy/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_behappy/th/121896_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4e0d987d73c96d762da92d2d4d2bdda8853c10ffbe2cf80a8a93e7da13f091fd

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 20:39:11 GMT
Last-Modified
Mon, 24 Feb 2014 09:44:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2187017
ETag
"1e3c-4f323d0b88080"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7740
jake_test
Test_Pass
Expires
Fri, 29 Jan 2021 12:26:40 GMT
113234_th.gif
i.123g.us/c/efeb_cuddleday/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_cuddleday/th/113234_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e20b60b8098f39d06cbc942f16539c9e696c5f6f01f0d967bf7ca2b80125f019

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 18:16:06 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
1418002
ETag
"17b8-4f322ae723300"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6072
jake_test
Test_Pass
Expires
Mon, 01 Feb 2021 06:47:25 GMT
117047_th.gif
i.123g.us/c/efeb_temporaryinsanityday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_temporaryinsanityday/th/117047_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c639b289c573f35945ef6dcf473d35ed353de75587fad9302fa2887cae8b1420

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 21:26:12 GMT
Last-Modified
Mon, 24 Feb 2014 08:19:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2011396
ETag
"1fb0-4f322a0bcad80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8112
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 04:29:18 GMT
342438_th.jpg
i.123g.us/c/emar_sharesmile_day/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_sharesmile_day/th/342438_th.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bccf6567888827ee030ff5fdb228448d48ae65f610ec8ef65aa651c0262fba65

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 24 Jan 2021 00:38:40 GMT
Last-Modified
Thu, 27 Feb 2020 11:16:04 GMT
Server
Apache/2.2.15 (CentOS)
Age
1999848
ETag
"1df2-59f8cd8bc2500"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7666
jake_test
Test_Pass
Expires
Sun, 24 Jan 2021 21:07:54 GMT
103761_th.gif
i.123g.us/c/efeb_mardigras/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_mardigras/th/103761_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67f98ed75f7027e7fca822094d8fa5304c975b3ec0ea3f5b14950883d84cb33b

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 27 Jan 2021 12:41:51 GMT
Last-Modified
Mon, 24 Feb 2014 08:22:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
1697257
ETag
"1faa-4f322acb7b1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8106
jake_test
Test_Pass
Expires
Tue, 02 Feb 2021 07:55:06 GMT
104337_th.gif
i.123g.us/c/emar_behappy/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_behappy/th/104337_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3c946e82aab35fbcd22a34a155a697bb0b0b6c9fbe4c9f580d228f3b9efd3e15

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 09:32:54 GMT
Last-Modified
Mon, 24 Feb 2014 09:44:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
326194
ETag
"1b67-4f323d0b88080"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7015
Expires
Fri, 12 Feb 2021 09:47:54 GMT
110062_th.gif
i.123g.us/c/efeb_temporaryinsanityday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_temporaryinsanityday/th/110062_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5db8a4f99539993bb08dec281b82273d56722e440a6a7536bb54be3c45f866e4

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 03:29:21 GMT
Last-Modified
Mon, 24 Feb 2014 08:19:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2076007
ETag
"1fed-4f322a0bcad80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8173
jake_test
Test_Pass
Expires
Sat, 30 Jan 2021 09:15:14 GMT
104124_th.gif
i.123g.us/c/efeb_polarbearday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_polarbearday/th/104124_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23d8ba9939b8e2d95c2f4c0f45fa6cecf6871a591505d1c4564f82d4f32df820

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 12:07:05 GMT
Last-Modified
Mon, 24 Feb 2014 09:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
316943
ETag
"1bbe-4f323c3e7dcc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7102
jake_test
Test_Pass
Expires
Sat, 13 Feb 2021 14:42:52 GMT
103771_th.gif
i.123g.us/c/efeb_mardigras/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_mardigras/th/103771_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
508ee61691d2d1f62fd9e9886cc7acc73607c116289b6289bd7b5fb56c03af7c

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 12:12:53 GMT
Last-Modified
Mon, 24 Feb 2014 08:22:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
316595
ETag
"17d7-4f322acb7b1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6103
jake_test
Test_Pass
Expires
Fri, 12 Feb 2021 12:27:53 GMT
121616_th.gif
i.123g.us/c/efeb_polarbearday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_polarbearday/th/121616_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2c930b1a60cd656522ca1759c503b22faa7b8565367a0871743dfbd13346ea38

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:31:49 GMT
Last-Modified
Mon, 24 Feb 2014 09:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
214659
ETag
"1f26-4f323c3e7dcc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7974
jake_test
Test_Pass
Expires
Sat, 13 Feb 2021 16:46:49 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4BC0 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d033f51d2697896f250126d26223e1eb8a5a64f059b5d65fba9da8070bdd5f0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6522
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5539
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Feb 2021 04:09:28 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 16-Feb-2021 05:09:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Feb 2021 04:09:28 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Feb 2021 04:09:28 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js
pagead2.googlesyndication.com/bg/ Frame 95CE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 11:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 00:15:00 GMT
server
sffe
age
404904
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6263
x-xss-protection
0
expires
Fri, 11 Feb 2022 11:41:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4BC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttODe3t2NuOdVndHuklEnTw8SF_YVWfmSjalaP3GXHQKVFFg-QGKjJzBW7dFvU_H0-6VGZnXFtIMJMTQ3LMAkKvbNUS1m0zWpOgdkihTMLcwpG7IWXKo4dTFFgVPCJHBbfOf-YIWPw53HGDtj3tqndnrkOSDqjDHoLDn_qHgQao4rs449CT99GnhsMZusbg7rgaYvsM1jyVNwcg6DY5qFrka8NBhN5IZMmLENjnrp0Cq66isfOLb8z7vfn3B7HtRZOFWKxWztn8QJ9QwSkyY0nH-AN0qK6BCv7IkRJUHoLc_HaukOyIwFA5D4eEzpmXKaY2rziWFwwOvuj&sai=AMfl-YSfvE903D08eSLJIDNmOowf9FDbhdQSo0s4lB1VyyQY_TRYmj-nJDDTFrKquLlsrJogNntSkwQXKqjov64glsx8jawIpojyaALUuuJYWzOaDs2HZHfw4WPvoDhrb3-g&sig=Cg0ArKJSzIUc8bjEW8xDEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 53DE 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea0235622b16dcd550ed3e49388674a76a77827e1bae5a5b142cc97f34091b4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6347
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 25EE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
179 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlYa85S47liHmChcA9IsqzqI7ecDrcAPcUT08m6lOIPfGniTyp65iz1f602; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Feb 2021 04:09:29 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 16-Feb-2021 05:09:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Feb 2021 04:09:29 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Feb 2021 04:09:29 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4BC0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:29 GMT
YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js
pagead2.googlesyndication.com/bg/ Frame 258B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YrTt2nCnHeKxmHilKBZXmnSHLNBYl9Kx70apKwZmX28.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 11:41:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 00:15:00 GMT
server
sffe
age
404905
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6263
x-xss-protection
0
expires
Fri, 11 Feb 2022 11:41:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 53DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdLA2H8ldXZj4PypaqOfhUEsolvWxUS2oaHc9-m9j41ROyFnnR6P0eo_f98kjmpDCY6n0tXqX3U3TZJ4aPWzRBq3G59VbDjuIqfsu2adsuCPvSSq3UqvTwR-xLQ5dJ9LkGCad5clG6AvhOUvAWxRrM9sSuR28f0PlemYYvxKZt83mwNuQJFmcYnD5Rr08dbwpX2fnYeLvsAzFQToY1cdGA1pVplkTgYcs2sB1Q6EHl-gXG_lttIr3IX6_0JJNVx01-vOQrmctsjVL1sChN75WAfXZzxIw3eJ9ydt0tBlR8StBjRDvLaPm4RikmqzCJGFtybcqZqJg&sai=AMfl-YSr2REDmzwCwg4EZ8DpkUigbnHwtP8lVFBccnvCYoRVZvSBRCjH6GpJ2TYeMtzaqDaBhzv3QqyijLFRxcuuHE_Z7BZYuAAf3LkXYMtNOIDabIGlxoM07az9rKkGEVuM&sig=Cg0ArKJSzDBGY9P0xxO4EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 53DE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:29 GMT
l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
pagead2.googlesyndication.com/bg/ Frame A013 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 14:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
49231
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6254
x-xss-protection
0
expires
Tue, 15 Feb 2022 14:28:58 GMT
l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
pagead2.googlesyndication.com/bg/ Frame 0BB6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 14:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
49231
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6254
x-xss-protection
0
expires
Tue, 15 Feb 2022 14:28:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C4F1 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 16 Feb 2021 01:24:25 GMT
expires
Wed, 16 Feb 2022 01:24:25 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9904
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame BA42 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 16 Feb 2021 01:24:25 GMT
expires
Wed, 16 Feb 2022 01:24:25 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
9904
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
video-loader2-cr.js
cdn1.avantisvideo.com/js/ Frame CBF6 		121 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.141.101 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-67-141-101.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
af4acfc4586c2d5c11514ef08681ca1cc7f69db15e61443a7e6347226f82633d

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
uZ3IAR1ILqd3gCJAaZ9PBtO2GfcxtaML
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2021 08:43:15 GMT
Server
AmazonS3
x-amz-request-id
DB2334CE3C50DBA6
ETag
"605f5c9fee2a9f0e3b4711ec43352b49"
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Tue, 16 Feb 2021 04:09:29 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36129
x-amz-id-2
dv3sJSWsrdcf8DYNyl/42cOYMfxU9X3cmAAYj7AJ30aJlbtT3YeJf8KSAFn5ZLYcebsraeKDi1g=
gen_204
pagead2.googlesyndication.com/pagead/ 		0
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021020901&jk=3582318066510072&bg=!7-yl7K_NAAXRs2QT0TsAKQB2-DxaABd1R8d0S0Hs9z1clfO-i6Cn8bpGaEm7zMfXqwd5l4kyEmN8AgAAAltSAAAAYWgBBwoBcw0uRtqQgUFPgddBELLZYZBZp14pPTvTEOSGpTbnzyEB89A2cyJxsub8GjyDpeJZgR0DpZd3lxWOdKhD5BFam4mFXPAbdQdgMDZyjDQth-JyIVIX4ib7qwW93Snl9JaECgJ0AVbmfcmmbbqQjx4nLIIA2JFr3p2uUURjIFPCXGyZQLH8zae4VAXw6MHZIBYDDs9CTo9JPM45cSC9IbwXG5eyLZJn_tJ3hlkOHhejkGK5JokEbOpp9Yw8FRnGVpr0-qEdOsFjHsYxOglm-0i-GUGO-AIp_JRYpoJtSP1J7SM0QCZjNmTID62Rak8qjXx7x8IaClTbLCgvdc3dCIxo2oPweqyL-jVKiPjxqCQgHezY6rYc-qwIh_J_lq8LpF55FuwRsex6I5JKBUTfZIlY4JW-yPFvZBhZmP4e3zOTccj4BMPbzdNKfui7HijXxHvjT-9pioN8QkoNqLpKYkoAueq2UBoQIc91iaou3CnPWsCt48qxmQHny8z8YWiHxzDLXyRQrOkJt2xDPhn4rENIOEYkIPcydZN_JCa3oWpj0unChtD1m5QWFtsgH4nPOEtG7rFs_W9EeEhevA18CBx5ItFfwPjyyx3_0zy2m-euBN7k4uoDCSlWmODOPJxZ2BkPGSVB9Kmh13QwilakzUHf8Qp_UEdYqog23ZADSRndt29GoaxjMHd1wy-8-vh5nRKdi8XPG2S0QwYqVmZiSeCEXKHoK9t4LWW0u-vm_4GXSFg5oFBxLGf83G9nT_Y73e0BNVydkoCwA5rWIVhgrL_QHfJagzqogtjxqWEWIspSDVOyko02KV2TkGX_GYKkO0DMLjuZwDJKLyh-sXi5D_YMhF_WokPQsJ-uQoLzflWOcWaLN9BDH7dXH9kVNqT_ngz30OmoVaOiVrB2onDMW_OT8qStXW7ADXMldWKW9GVxFtfmuIXMp4VwqPGe6eTUgKAFxXE7sTxCCv4aXgrEtxZ_sWP6hmRRb5_SabFvehwGmMEootNtKDSUsCWxkgi9hxp5FkM_0kYi6CLX2tHR8PbV3ogdiFO1eo6xFqG7UpLozZAytWO8qLbxMBBLvY1fXPWEK2kBumi8SMCrxugTobPQC2ArnNLtO5jzU8mm-FQUIiXx8g3iuopnSenTReJvrA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
pagead2.googlesyndication.com/bg/ Frame C4F1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 14:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
49231
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6254
x-xss-protection
0
expires
Tue, 15 Feb 2022 14:28:58 GMT
l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
pagead2.googlesyndication.com/bg/ Frame BA42 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/l2tEihx9DbfzLheMnTAV_r5jOfn78SUrSdhAco82bCo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 14:28:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 09 Feb 2021 09:15:00 GMT
server
sffe
age
49231
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6254
x-xss-protection
0
expires
Tue, 15 Feb 2022 14:28:58 GMT
video-loader2-cr.js
cdn1.avantisvideo.com/js/ 		121 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.141.101 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-67-141-101.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
af4acfc4586c2d5c11514ef08681ca1cc7f69db15e61443a7e6347226f82633d

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
uZ3IAR1ILqd3gCJAaZ9PBtO2GfcxtaML
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2021 08:43:15 GMT
Server
AmazonS3
x-amz-request-id
DB2334CE3C50DBA6
ETag
"605f5c9fee2a9f0e3b4711ec43352b49"
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Tue, 16 Feb 2021 04:09:29 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36129
x-amz-id-2
dv3sJSWsrdcf8DYNyl/42cOYMfxU9X3cmAAYj7AJ30aJlbtT3YeJf8KSAFn5ZLYcebsraeKDi1g=
u_d.html
cdn1.avantisvideo.com/connect/ Frame DB79 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.67.141.101 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-67-141-101.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb

Request headers

Host
cdn1.avantisvideo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

x-amz-id-2
AKcMRGPT2oFaxjSIz7J1KCw0Z8oDVIoGwe34L1bTsKEonRLwnSnmfGu7jZEqOHyt3AXzfy+AihY=
x-amz-request-id
C2D472B70E5F0D4F
Last-Modified
Wed, 21 Oct 2020 12:02:12 GMT
ETag
"616cd2f36203ae3b124d70c803c7c7a7"
x-amz-version-id
aQTt0EDrJInn5h7oZRa4YKcA5m0mCAoF
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 16 Feb 2021 04:09:29 GMT
Content-Length
15090
Connection
keep-alive
activeview
pagead2.googlesyndication.com/pcs/ Frame 637C 		42 B
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvmvQQ2H7H8jdmov_lbHNgzeZ72OJkRpmRV79lKUbxFV9_Vds4KH-Zsbl7kS3K4BeBUazgQ7QMKKo_k2y6GYmbMJlJjH2TiXlgMYe-V1A&sig=Cg0ArKJSzLgTZg-sCOCTEAE&id=osdim&mcvt=1048&p=47,560,137,1288&mtos=1048,1048,1048,1048,1048&tos=1048,0,0,0,0&v=20210210&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3337616149&rs=4&met=ie&la=0&cr=0&osd=0&vs=4&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
35.165.132.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-132-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 16 Feb 2021 04:09:29 GMT
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
geoip
avm.avantisvideo.com/api/v1/ Frame DB79 		110 B
763 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.132.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-132-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c49b8ca6a9ac4012b9cd1b65db9c217bb16bfd7ff4c4aa18b3cd2ee728080881
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn1.avantisvideo.com/connect/u_d.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Origin
content-length
110
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 637C 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=3989721309339403&bg=!5eal5qXNAAXRs2QT0TsAKQB2-Dxao8jCXTs_iLdznV9aqKaMFnVyqMFfkQhC_OY2V99AdKW9MGS2AgAAASRSAAAALmgBBwoAe4hgw1OSH-KWyWLKMl_OP34ku5aSkN3wFNP2oNjW59TbYEJ-4S4NkSL1SQRcSdctRUz48iYz58yrVITH4cNQPvVBgpQx_Y9M1y9Lh0ztkwesFrqzyf2hMAbx4P0quNyFUJeD36dhWpqFf-rzwa05gCJDYvq6vBduGvoE2pkB9J7AjZ171kgE-7DaeXCusZ3jyYBHvtd35KOg2-KME0RRe-KERuA1Jkqu_LnmDXb9VkVpuHAJVTYaE7eGUhSJ2uAxM3yQdISiWxR6g-nDrNMCBTcnVG5St1AVU18l6tRSKgS8CCRQEu09qGhyK8vbJmrxJLLYkCRSd8NnTjdiZtF4REYo9ipVaMaw2rCjqZkCiCO8z5DATZVcW_SZ7LK12biYT_IiXbN9E2-V5vm39tCd3bvinSzTBNTYY39XN9k1lYpqMrVqynoVm1zZlIGJqENvRdiQxe9wYPbbprvVBJykFO-YAU_VfvuL2GSuK9D297vBWRLplCwVVW-3O1a-tSaJ6FbBkgek8y2nUkcBpTuRmY86zM75ep0Dp14UCHrJ-ZN4Xod4B5evD9v2SzzoA2ojJP_cOUeTwIOQvDSsY6ccTPazvKR7FQ3_KiU84OesSfQBByKCmZjiKiGVbWz70zPr0bzKM5EUFDdu7IfXo1Mxr7_skagDZJgMWvi0F1apaBucvuzvwL9HjRoEfrT3YpTIyrzMrB_iWwDt44ngzCkcvbWDiPU1rrAjiiU6PjVjkFO_-jQ1VLsxeIvz77gCOkS8JXD0FJPSspSrnYkVS-XXIteWYQU2X_RNWHDh9PBC0Gtkd6dUU85Ba5-F79-IYad5YW7S
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2AC5 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=3315057320345872&bg=!-vml-brNAAXRs2QT0TsAKQB2-DxaZTObbUckNpuQJl21T7ldbcMuoO4wQfdu6iYtJUCrl4OZ5bHnAgAAAWhSAAAAQmgBBwoAc3nYUHz62YVq-kL72WbX_fblEmqIIa4yzGG6i9JdUgLwEPJS0z4UQBCdzSCOCQOwhFm7jWJyvTWrscP-6_0g8rlgkUnuLFs5sr8fZu64eojKap1SSTHSbO9R0xdjrmTdvIbt4iaL5h6G5fmpZNTuybOsU4WZAeoSXcjwerKeTywzxg9KnwlreAiIzC5XAufIR8Fqh0PtVp6U71qCV9tWRZblOamDAeWbWLkOR6ixp8b-3aW3ANTuz2-ynpqvMHJWE_L2cocUBqJuVpkhK56nJPDk8KtVKxPnX967jfzgiK5sjeKvl_RHalkBSdrruJkl-WWB5E3GIaVsvfEUR4GRSeuLY0_JOTlmSaX-OPa4vPDt_E7MgOe6Mf1ctNKoldlxpEeQcCrlU3IC39-8QapX4araQH_Jed5kGEavHcxdKQcLZn0n2MLY9EnkSCZmCOdHYS1RZIclIijAR02ZltMXxCl_96XV-Nop3lBQv_xECQvLl2hr2xiGpT4XBjyYGjURR9fHl14sIUCClrq_qAqNso_E37d7EpTfNlIdbwFlMdE_5zx_VDKmXoxuMqVyb-ha6SVJH64VYQMozfQJ5TK0BAwDz6k50JLwwDlz4TZuVP7jvZtXVrhsurByhHA4XSuRm8gsvumKZnALskR1GQtAyeyMRYOw-WRzkoDIvFbMvv0khAm9a7cGPDqUu4uEry9wpr7GpF5APXmekDD71bX1znSQzHyuZY-nqoopMnYQ1mlFL9q1TLg9UDnbDwLA-WAKqdbeUYSOyNOJuJlHZY56XFHPTN-2g1FMxA7Ew84D_lj0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A60 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu81SHCuCGTJyoxUS_e-Hqxv6zyoTpM1jFdeMmAjAm02htTZmOcO5oMWM-KluUcw6D8FA4Wu_jHJDX0MXbkGZ3AZqCuGzmBHXF57I2MUfxmn526sJ_bdJLTu9qDXg&sai=AMfl-YR3pigLJt4YS5a7z521RnWWLcUMILPf6lQYbEC6LY78EADg9cOU5KJUlENJlOOAUKmMJouw0ss7m00p2m3k2-H7xXXd9XHBTWrvn2XEseJwetEU3qbtQI4bBR6m&sig=Cg0ArKJSzDeY6bmFOnoNEAE&cid=CAASPeRoV-F-ecXx6QcYFoTvydfjL8S6a_SWhQp3Q6tBV3l88qNSoxIcXgkpD_jKk6javsO8hr9cAZ6JZZG9eCU&id=osdim&mcvt=1038&p=0,0,600,160&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3196990230&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613448568185&dlt=319&rpt=182&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567812&bpp=5&bdt=152&idt=362&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=718187342&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3478970420&scr_x=0&scr_y=0&eid=21068083%2C21068769%2C21068893%2C21068945%2C21068786%2C44734254&oid=3&pvsid=4096331530645288&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.bqalwhkdqurj&fsb=1&dtd=372
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4BC0 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=1792968626206178&bg=!4-Cl4KPNAAXRs2QT0TsAKQB2-DxaBqzMiSHH9Q2OgB_QaLPQrYHH8vXXP8HdJTDAihYXP_JhcbcNAgAAAYpSAAAANGgBBwoA76X2NCyZ0t_2ECQIhjZUukBClnYF1XyeeWZpAJkXFvyNdKFBw3PrfRgu7xQl_QJkinpAPFOSyK84_Xxz3VcoLYd8zocx9VKaEb5emiu_B2vqe6wavZ0rx_L9jwP0pWXp7ktokN-jEnTWfNFY-jtCkclFgYW7-YiP_I-R6HZ5q2j7u6krgyRkj5Akf52Yl1rQ312PFFsRYifY3XV1genPn1SQf4wtflRNYZxhdKUHu1ayTpLoihRPBxMcPniDI7MIOAlgSlUZyg2nxF2MUHmWYfJa53B4A_yTmow9iGgrqzx-zCxp4ZL7KxGJcOTkrmY3mQH9opd-ALnpWKk9DDrLfqos-HrOfbLob2tpRUyC4yPYrTrzl1lcWOPuhl52me63rC4Fq9r72MzrxDPnCDyR-LdEoPCxFlZWO5Lx6SyIHFI_5lHJ20JCeCbMLgbbE7SYdyymdmprITF7b4J2a0lGl0oGe-ETIO-UcBfORSCGB0B4qhsvA-z-pPHQmo-4TlBefSQB8YQ1jKvjRhSq7_i1B6bv-e_48prHyeQLRWzG7yAGGqgS1fo4-nDAKr3INnz7PS3jkTNKRJDrtDrS54ngY5QLXnsz6PLTMDPuMOsgj46kY7660oEr0uVFI85N-snwaBy7TVUW31Zh8IwUDvHYivpxCndzMqHZ39QSDLB0glh8xU8YP4W52TEvnIiw1c6jlV5rTA41v5bBR4SbRZ86lRvIqL8LijRwWlV5Gv_BTuhNpI9fisLVSdqV7EctUncgdIPzE0hzMf7YCog_1Uq5z9L63-WTehjj8x8WwXlRqueDk97CvtQ_Bj6WxbSrqLhXP5XvqfHxlYszJzS7EmsG5i_vR0DHzPtEjiw3HtClrJmjIZ25YWOXVHhtG335BX0Ia__VQfUtpwXB2EMIJhlXYpZk08pLEwT__WyoVQuKqquQQquiszg6gKeGSqEejleeQMApOMVP7x8sLRVLjOhyP-MIOqJqlLt0WPRrp1ryn-Q
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 53DE 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=4096331530645288&bg=!oKOlo-DNAAXRs2QT0TsAKQB2-DxaBLxA_-9AoX4jJbErD-RQl0oJdSmDZ--Ur5XpLi-I_guTMmAlAgAAAXVSAAAAImgBBwoBa5_SZffrz7FTHwWjGKixWW4w09EYxWiLFarS1Sf39cldNUbhk3Nkv0D7YxKcGGf0Ql3jo-mwGLRM_jMwIt0Q6yUMnH9pBhaVu1o56jjHomgPXyMFYilbX_CCpS7wgArqw1yaLJvzdL-6vDE_f0gMB4km8hsHWDdZewcklQIKXqwXOlb5D36JDwfJL289I0nDrsY3Ec6vLqTp509-1G8DQGNyVpudvwgo8Y5fQujHT3JUR8CEsda9spKWR_JI2Xd1ZKTBTSRa-s2nmweDNfwrHGK0v8An6UYVRVtfCqdH1peGjUxTQ8tSM5MeTrEOrfvcl2_1eE4otUqaWNlNGgDgCLcWB7fxnlwbQnDgV0-TLT06LnUD6JXngsgNObArT2aZLE64UjVDU1tkl9pLpeYbZdj9SPmtu4BX6KJXE_mlDRNCin7wxS-gWpyTtKXwtVH6-r_nIrTRla_PgbAcsugeNZJW6RZ8lPiaxSTc9JkCAv3pXNpBCYelfgwojP5ml3H0iO2uojGImOOALciUcZei6fvEqmr0aB0f8xni_EumKZx2UcwyaarlhygCXszw1sYTTdnKvMaP123zlaSlAyS7TycYCITPQ734n9K-B0ZbSXrzQJ6i2YRrjjjgregV15x5-u1CZynbWhm02-s9aY-izsHDN6mHNNk92cZKvhY8jl9299bhCG6UYQhOCzc899FfQTioeSt78slLRShIkUfwOtHzIy5wJqGYRkKFSn5rtgq9YyaKJHjmf6f3Sze--goe749OMXidVmyB1Pn1LDIBFPUy6_qfr2tjob52UpGHB_13T3kX2JZBKtyLMV0RoMzlL7JnEaWiHQGMyTJVR7WaR7uKjlKyZXpbT6bgB8BDiEB-xeC4qMTEiiVx-tgLFlortxzmkGgVtQwWI2XP-IDt2t2UHI5XqPiBxNVXSefO-OxapK9cvkKBQjd_Igqr4R4PHnCPtyjf3nbDbIQbvEOPGtjuyGA_YUjwWe7gwrsxlWRZl632_wzv-TeAdRLCqtL_LnzO8Dbpl6eKVQe6rQ7fIO-HDpS4u7MIQ9f38JmrDZnpC9h9bGnOrj8dR1MMuz_DOvTnGbtCn3t_QhAOwbfihRTm8VvRJfguR8vO8yE_tzQewgYJRbgHCf8hXH-sk3D9cEsNbrKg4yiwKWPWfSM75Uo
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C4E2 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshG-JcZm93vH8Ml4AsDTBMSqIh3n_gnhbqz1yE0mEynOEofI-q6qNDtRR2HehgnRrlj6nesTIYC9QGMy13mXq8YhFGE2qbKXVai1EIxqRTYorh5WyQSUXuNMVwnQ&sai=AMfl-YRxwywhZuL4S45lnhSPDGz__JauglpcwrbvAk90XThHF29Hmsx0vfDXFBIvQzF_tScENElu2qSrBOj4cTTUOTF0LTzsZ9o46RWc69bu4hLmzG9X6fxVcF9gxFiJ&sig=Cg0ArKJSzOhZqMZHc7V8EAE&cid=CAASPeRoSF6s1TDCZyozICHiaNMQ9ePV8JpYakHeafWO3lZmL6oB4fKGOcwrk9Js10nCEta2mHLWo1sVoqiLa4E&id=osdim&mcvt=1023&p=0,0,250,300&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2557105816&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613448568162&dlt=292&rpt=151&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&ea=0&flash=0&wgl=1&dt=1613448567845&bpp=5&bdt=178&idt=306&shv=r20210211&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&correlator=2339579847851&frm=23&ife=4&pv=1&ga_vid=249445502.1613448565&ga_sid=1613448568&ga_hid=482733370&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=1822416051&scr_x=0&scr_y=0&eid=44736377%2C21068769%2C21068893&oid=3&pvsid=1792968626206178&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.upntjjpae1le&fsb=1&dtd=314
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4BC0 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzmYc_A6pCGhN35cnnn57c1lWhwSpcvxR1aldY_2JyDf-soQnwJS7R3WzwN9M02Wg8VpeQ2JElYYlkW90OF6wlGR2LBNb9m13ppKnhQJ4&sig=Cg0ArKJSzIPfFtv8eO9CEAE&id=osdim&mcvt=1024&p=535,495,785,795&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20210210&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3714999025&rs=4&met=ie&la=0&cr=0&osd=0&vs=4&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 53DE 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxQWatlwabMO-FO_dLk7qfs0A3Ig1CnSflW5pPizF_bZ4WqJ-fMRqTjhemISd8MQtCLLxzs2cm8DZZunSRL65H8ZMVVts7yUyTjjJ6k2Y&sig=Cg0ArKJSzLgzvIjbKYTREAE&id=osdim&mcvt=1006&p=236,1114,836,1274&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20210210&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1542450727&rs=4&met=ie&la=0&cr=0&osd=0&vs=4&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
desktop
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop
Protocol
H2
Server
35.165.132.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-132-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.123greetings.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 16 Feb 2021 04:09:30 GMT
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-xss-protection
1; mode=block
vary
Origin
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
/
events.avantisvideo.com/ 		2 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 16 Feb 2021 04:09:30 GMT
content-length
2
content-type
text/plain
desktop
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.165.132.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-165-132-70.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef145a76a553e0fd137a061b67edb0201065346219bf1c3147211767c72bf7aa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 16 Feb 2021 04:09:30 GMT
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache-response
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Origin
content-length
2437
x-xss-protection
1; mode=block
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:7100:484::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:30 GMT
x-guploader-uploadid
ABg5-UwEpOOzPXys2aUVzzCWV_Wbu0VHJb1TzpjkmShBsq4D590Wnfl8wa6N1SJ5BYiXUBuUsW5RRSgxNdlbed8fbxDS5g_vzQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
2
last-modified
Thu, 14 May 2020 13:22:36 GMT
server
UploadServer
etag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
2
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 16 Feb 2021 04:39:30 GMT
aniview.js
player.aniview.com/script/6.1/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:7100:484::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:30 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzMZGl6HzLxL4DzdDBB3kEjgOceS2HPrqXI6S5iAmBU1ZP6FyCxmzQr8TiaI-811P5NFkvA6LKdiTJAGj9UjTfUPSxLeQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9025
last-modified
Wed, 03 Feb 2021 11:37:22 GMT
server
UploadServer
etag
"b07b626603dc9e6121e6bea0651d4d48"
vary
Accept-Encoding
x-goog-hash
crc32c=BpGuWw==, md5=sHtiZgPcnmEh5r6gZR1NSA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1612352242886279
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9025
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 16 Feb 2021 04:14:30 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 0D8C 		330 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:7100:484::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
53bc4331439f779b215d1e00795e09d2e50d3c6237a801322e7ce352d8d664d6

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:30 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwmD5uH92E1Wx_lj7MkWkpg-MPtIB8x92lF6npgFOd763btiEmy4jzZZ56AYVCOZ3GoGkNcAGD68eLUqcv2CoYk6wbnVg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95404
last-modified
Sun, 07 Feb 2021 13:02:01 GMT
server
UploadServer
etag
"186b52340c98abc7ffd7a1f3d898e5b8"
vary
Accept-Encoding
x-goog-hash
crc32c=VsFAlg==, md5=GGtSNAyYq8f/16Hz2JjluA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1612702921511543
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95404
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 16 Feb 2021 04:14:30 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&e=inventory&vi=100&cb=1613448570572
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=570571&AV_WIDTH=400&AV_HEIGHT=225&cb=1613448570586
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.145.49 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-145-49.compute-1.amazonaws.com
Software
/
Resource Hash
150c4196f5ceca6150bda93c432e946b5457b5639cf17a7fa4d406ceb59cb2f3

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Thu, 04 Feb 2021 14:22:51 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 16 Feb 2021 04:09:30 GMT
content-length
2
content-type
text/plain
cookiesyncendpoint
sync.aniview.com/ Frame E9AA
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1613448570862-986626528031-021165-015-006171%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1613448570862-986626528031-021165-015-006171%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1613448570862-986626528031-021165-015-006171&biddername=55&key=8997189281055410897
0
328 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1613448570862-986626528031-021165-015-006171&biddername=55&key=8997189281055410897
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.103.250 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-103-250.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1613448570862-986626528031-021165-015-006171&biddername=55&key=8997189281055410897
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

date
Tue, 16 Feb 2021 04:09:31 GMT
content-length
0
set-cookie
aniC=1613448570862-986626528031-021165-015-006171; Path=/; Domain=aniview.com; Expires=Tue, 23 Feb 2021 04:09:31 GMT; Secure; SameSite=None 2_C_55=8997189281055410897; Path=/; Domain=aniview.com; Expires=Tue, 23 Feb 2021 04:09:31 GMT; Secure; SameSite=None 2_C_55=8997189281055410897; Path=/; Expires=Tue, 23 Feb 2021 04:09:31 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Tue, 16 Feb 2021 04:09:31 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1613448570862-986626528031-021165-015-006171&biddername=55&key=8997189281055410897
AN-X-Request-Uuid
e24b13f5-de7b-461a-9637-0e2ab0fbdee8
Set-Cookie
uuid2=8997189281055410897; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 17-May-2021 04:09:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80
ptv
ib.adnxs.com/ 		85 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19004300&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&us_privacy=1---&cbb=3448571135&imp_id=30336f97-c83d-46cf-a320-de24d79a3dd2
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:31 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.68:80
AN-X-Request-Uuid
ed9d7d61-8c86-442f-ad48-af053e9fe263
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&us_privacy=1---&cbb=3448571137&imp_id=30336f97-c83d-46cf-a320-de24d79a3dd2
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:31 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.47:80
AN-X-Request-Uuid
ad08587e-eb2e-4fa0-abbe-95e5db748d5e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 0D8C 		243 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:7100:484::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ceaea2fd9e4b24aece91e428baed68e62add8f39a6222935b9229a4cef1d992a

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:31 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uz2umayJCMrxPAp2emgAW7l6Oo34dnpALlRZ4jsktsg61mI_AwIo1feYByj1IWIbouhDFAQscc94mc_9syB8Ayc1Aq_og
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
78485
last-modified
Wed, 03 Feb 2021 11:36:15 GMT
server
UploadServer
etag
"642bab289f0ca1aee3990bd6b45120f7"
vary
Accept-Encoding
x-goog-hash
crc32c=XmB1jg==, md5=ZCurKJ8Moa7jmQvWtFEg9w==
content-language
en
access-control-allow-origin
*
x-goog-generation
1612352175758243
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
78485
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 16 Feb 2021 04:14:31 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 16 Feb 2021 04:09:31 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.123greetings.com&rs=www.123greetings.com&sid=94948&t=1613448570&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1613448570862-986626528031-021165-015-006171&cha=0.7&cb=36020423679&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1613448571141&asid=5e8ed317b5a10f46e450d499%2C5e9030afdc817965520eb855%2C6012e07d2dbaf03bbd1c0d08%2C5ed4f62cf7ab575f812fc8d4%2C5f3500a41c87da63396619f7&ofpr=%2C%2C%2C0.27%2C0.17&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cygnus
htlb.casalemedia.com/ 		24 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2217720f6dd9747c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%228079%22%2C%22rid%22%3A%2298d0a432c6459968231fc458642b4dc6_172316265%22%2C%22name%22%3A%22123Greetings%22%2C%22hp%22%3A1%2C%22domain%22%3A%22123greetings.com%22%2C%22asi%22%3A%22avantisvideo.com%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223a44a9a771062%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22sid%22%3A%22400x225%22%7D%2C%22bidfloor%22%3A0.27%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22placement%22%3A4%7D%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
cecd05c20aadaf390f90d69bf6a3c3d146fa2aa046a008d7a56efbe672fe02ae

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:31 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[185.212.171.67], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Tue, 16 Feb 2021 04:09:31 GMT
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 16 Feb 2021 04:09:31 GMT
X-SpotX-Timing-Transform
0.000260
X-SpotX-Timing-SpotMarket
0.004911
X-SpotX-Timing-Page-Mux
0.000890
X-SpotX-Timing-Page-Require
0.000333
X-fe
072
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000024
X-SpotX-Timing-Page
0.008951
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000282
Last-Modified
Tue, 16 Feb 2021 04:09:31 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004911
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.002238
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.123greetings.com&rs=www.123greetings.com&sid=94948&t=1613448570&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1613448570862-986626528031-021165-015-006171&cha=0.7&cb=36020423679&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1613448571317&asid=6012e07d2dbaf03bbd1c0d08&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 26BB 		325 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aad1cfaa43542e25f6a2959cc6fd270c103e4b8346a4130292019f5922332998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114573
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:31 GMT
bridge3.440.1_en.html
imasdk.googleapis.com/js/core/ Frame 1F9B 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde6d423561ad924a17fb17192a2d1335d409fb5ca2196bdb0bc695be8255dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.440.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192913
date
Fri, 12 Feb 2021 01:38:12 GMT
expires
Sat, 12 Feb 2022 01:38:12 GMT
last-modified
Fri, 12 Feb 2021 01:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
354679
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 26BB 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10523
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:31 GMT
integrator.js
adservice.google.com/adsid/ Frame 26BB 		109 B
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame 1F9B 		156 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FOutstream_123greetings_Desktop_Slider_T2_Avantis_Google&description_url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2422640270291695&nofb=0&sdkv=h.3.440.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&adsid=NT&sdki=44d&adk=3292969052&sdk_apis=2%2C8&sid=CB9BB521-2E38-4EEB-9DC7-18B4D96CA4C6&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&eid=44725356%2C44728150&dt=1613448571584&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&scor=2684943555484772&ged=ve4_td1_tt0_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame D64F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 16 Feb 2021 04:09:31 GMT
Content-Length
1151
Connection
keep-alive
342438_th.jpg
i.123g.us/c/emar_sharesmile_day/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_sharesmile_day/th/342438_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bccf6567888827ee030ff5fdb228448d48ae65f610ec8ef65aa651c0262fba65

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 24 Jan 2021 00:38:40 GMT
Last-Modified
Thu, 27 Feb 2020 11:16:04 GMT
Server
Apache/2.2.15 (CentOS)
Age
1999852
ETag
"1df2-59f8cd8bc2500"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7666
jake_test
Test_Pass
Expires
Sun, 24 Jan 2021 21:07:54 GMT
321220_th.jpg
i.123g.us/c/efeb_valen_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_valen_thanku/th/321220_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b5afdc723b201b004e42a5d13aefafd24f2e4d8d58c79e23d91dbab77514009f

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 10:34:34 GMT
Last-Modified
Tue, 02 Feb 2016 12:37:58 GMT
Server
Apache/2.2.15 (CentOS)
Age
1877697
ETag
"1f57-52ac8c5729580"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8023
jake_test
Test_Pass
Expires
Fri, 29 Jan 2021 20:51:40 GMT
342384_th.gif
i.123g.us/c/efeb_cuddleday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_cuddleday/th/342384_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4cf710a7a360e3472d9a8eb48d0ed3819988aa5494cea2480ab40867802c44f6

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 18:11:06 GMT
Last-Modified
Fri, 21 Feb 2020 13:37:57 GMT
Server
Apache/2.2.15 (CentOS)
Age
208705
ETag
"1f76-59f162119f740"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8054
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 13:24:19 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Feb 2021 08:03:53 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
72338
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 08:18:53 GMT
122839_th.gif
i.123g.us/c/emar_sharesmile_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_sharesmile_day/th/122839_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ff3e7291e74975ed8cc4aa304cb47a9e63f58d10bc2d2b630592fb4f8cb34211

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 20:42:13 GMT
Last-Modified
Mon, 24 Feb 2014 08:31:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
1754839
ETag
"1f2c-4f322cd33bc00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7980
jake_test
Test_Pass
Expires
Fri, 05 Feb 2021 08:27:20 GMT
121896_th.gif
i.123g.us/c/emar_behappy/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_behappy/th/121896_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4e0d987d73c96d762da92d2d4d2bdda8853c10ffbe2cf80a8a93e7da13f091fd

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 20:39:11 GMT
Last-Modified
Mon, 24 Feb 2014 09:44:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2187021
ETag
"1e3c-4f323d0b88080"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7740
jake_test
Test_Pass
Expires
Fri, 29 Jan 2021 12:26:40 GMT
113234_th.gif
i.123g.us/c/efeb_cuddleday/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_cuddleday/th/113234_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e20b60b8098f39d06cbc942f16539c9e696c5f6f01f0d967bf7ca2b80125f019

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 18:16:06 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
1418005
ETag
"17b8-4f322ae723300"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6072
jake_test
Test_Pass
Expires
Mon, 01 Feb 2021 06:47:25 GMT
117047_th.gif
i.123g.us/c/efeb_temporaryinsanityday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_temporaryinsanityday/th/117047_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c639b289c573f35945ef6dcf473d35ed353de75587fad9302fa2887cae8b1420

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 21:26:12 GMT
Last-Modified
Mon, 24 Feb 2014 08:19:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2011399
ETag
"1fb0-4f322a0bcad80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8112
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 04:29:18 GMT
121616_th.gif
i.123g.us/c/efeb_polarbearday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_polarbearday/th/121616_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2c930b1a60cd656522ca1759c503b22faa7b8565367a0871743dfbd13346ea38

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:31:49 GMT
Last-Modified
Mon, 24 Feb 2014 09:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
214662
ETag
"1f26-4f323c3e7dcc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7974
jake_test
Test_Pass
Expires
Sat, 13 Feb 2021 16:46:49 GMT
103771_th.gif
i.123g.us/c/efeb_mardigras/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_mardigras/th/103771_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
508ee61691d2d1f62fd9e9886cc7acc73607c116289b6289bd7b5fb56c03af7c

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 12:12:53 GMT
Last-Modified
Mon, 24 Feb 2014 08:22:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
316598
ETag
"17d7-4f322acb7b1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6103
jake_test
Test_Pass
Expires
Fri, 12 Feb 2021 12:27:53 GMT
104124_th.gif
i.123g.us/c/efeb_polarbearday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_polarbearday/th/104124_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23d8ba9939b8e2d95c2f4c0f45fa6cecf6871a591505d1c4564f82d4f32df820

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 12:07:05 GMT
Last-Modified
Mon, 24 Feb 2014 09:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
316946
ETag
"1bbe-4f323c3e7dcc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7102
jake_test
Test_Pass
Expires
Sat, 13 Feb 2021 14:42:52 GMT
110062_th.gif
i.123g.us/c/efeb_temporaryinsanityday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_temporaryinsanityday/th/110062_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5db8a4f99539993bb08dec281b82273d56722e440a6a7536bb54be3c45f866e4

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 03:29:21 GMT
Last-Modified
Mon, 24 Feb 2014 08:19:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2076010
ETag
"1fed-4f322a0bcad80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8173
jake_test
Test_Pass
Expires
Sat, 30 Jan 2021 09:15:14 GMT
104337_th.gif
i.123g.us/c/emar_behappy/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_behappy/th/104337_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3c946e82aab35fbcd22a34a155a697bb0b0b6c9fbe4c9f580d228f3b9efd3e15

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 09:32:54 GMT
Last-Modified
Mon, 24 Feb 2014 09:44:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
326197
ETag
"1b67-4f323d0b88080"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7015
Expires
Fri, 12 Feb 2021 09:47:54 GMT
103761_th.gif
i.123g.us/c/efeb_mardigras/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_mardigras/th/103761_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67f98ed75f7027e7fca822094d8fa5304c975b3ec0ea3f5b14950883d84cb33b

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 27 Jan 2021 12:41:51 GMT
Last-Modified
Mon, 24 Feb 2014 08:22:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
1697260
ETag
"1faa-4f322acb7b1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8106
jake_test
Test_Pass
Expires
Tue, 02 Feb 2021 07:55:06 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame FB8D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7927f1998f0bc92134b7fda9c06a57969ca6635e9c5ed14a7571521eb6ab5520

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/um/ixmatch.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YCtFewIurnwfhqWRYpb.kwAA; CMPS=3164
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://js-sec.indexww.com/um/ixmatch.html

Response headers

Server
Apache
Content-Type
text/html
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1559
Expires
Tue, 16 Feb 2021 04:09:31 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:31 GMT
Connection
keep-alive
Set-Cookie
CMID=YCtFewIurnwfhqWRYpb.kwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Feb 2022 04:09:31 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 17 May 2021 04:09:31 GMT CMPRO=1170;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 17 May 2021 04:09:31 GMT CMST=YCtFe2ArRXsA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 17 Feb 2021 04:09:31 GMT CMRUM3=dd602b457b27600&40602b457b05a0&2d602b457b05a0&e6602b457b27600&f1602b457b05a00&69602b457b05a0&bc602b457b05a00&27602b457b0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Feb 2022 04:09:31 GMT

Redirect headers

Server
Apache
Content-Length
376
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Tue, 16 Feb 2021 04:09:31 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:31 GMT
Connection
keep-alive
Set-Cookie
CMID=YCtFewIurnwfhqWRYpb.kwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Wed, 16 Feb 2022 04:09:31 GMT CMPS=3164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Mon, 17 May 2021 04:09:31 GMT
crum
dsum-sec.casalemedia.com/ Frame FB8D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YCtFewIurnwfhqWRYpb.kwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGCJLPDJ0I8b7HUevYTXVww&google_cver=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGCJLPDJ0I8b7HUevYTXVww&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 16 Feb 2021 04:09:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGCJLPDJ0I8b7HUevYTXVww&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame FB8D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YCtFewIurnwfhqWRYpb-kwAABJIAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEB6k3TakfRh5MSqOPeUlRF0&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEB6k3TakfRh5MSqOPeUlRF0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 16 Feb 2021 04:09:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEB6k3TakfRh5MSqOPeUlRF0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame FB8D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_user_id=YCtFewIurnwfhqWRYpb.kwAA&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&gdpr=1&cm_dsp_id=70
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-43-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame FB8D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCtFewIurnwfhqWRYpb-kwAABJIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCtFewIurnwfhqWRYpb-kwAABJIAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCtFewIurnwfhqWRYpb-kwAABJIAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:32 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:32 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&id=YCtFewIurnwfhqWRYpb-kwAABJIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FB8D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1616040572
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1616040572
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 16 Feb 2021 04:09:32 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:31 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1616040572
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum-sec.casalemedia.com/ Frame FB8D
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 16 Feb 2021 04:09:32 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Tue, 16 Feb 2021 04:09:32 GMT
server
nginx/1.18.0
content-length
76
CookieIndex
rtb.adentifi.com/ Frame FB8D 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.227.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-227-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
tpid=YCtFewIurnwfhqWRYpb.kwAA%261170
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame FB8D
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YCtFewIurnwfhqWRYpb.kwAA%261170
  • https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YCtFewIurnwfhqWRYpb.kwAA%261170
49 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YCtFewIurnwfhqWRYpb.kwAA%261170
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:32 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.216
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:32 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YCtFewIurnwfhqWRYpb.kwAA%261170
cache-control
no-cache
x-server
10.45.16.78
content-length
0
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame FB8D 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YCtFewIurnwfhqWRYpb.kwAA%261170
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-208-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/send/view/02111921202227047176/r5&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 04:09:32 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2768
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 16 Feb 2021 04:55:40 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 16 Feb 2021 04:09:32 GMT
content-length
2
content-type
text/plain
ptv
ib.adnxs.com/ 		85 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19004300&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&us_privacy=1---&cbb=3448572041&imp_id=361f41b6-e5f8-4fc8-b431-a93956c46bba
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:32 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.37:80
AN-X-Request-Uuid
90edea19-42cf-476e-87ba-fd4f5d6c46a8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&us_privacy=1---&cbb=3448572041&imp_id=361f41b6-e5f8-4fc8-b431-a93956c46bba
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Feb 2021 04:09:32 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.42:80
AN-X-Request-Uuid
dee4bf42-8dd3-4671-b77c-374f91b577a1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 16 Feb 2021 04:09:32 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.123greetings.com&rs=www.123greetings.com&sid=94948&t=1613448570&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1613448570862-986626528031-021165-015-006171&cha=0.7&cb=36020423679&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1613448572042&asid=5e8ed317b5a10f46e450d499%2C5e9030afdc817965520eb855%2C6012e07d2dbaf03bbd1c0d08%2C5ed4f62cf7ab575f812fc8d4%2C5f3500a41c87da63396619f7&ofpr=%2C%2C%2C0.27%2C0.17&fpo=%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:32 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 16 Feb 2021 04:09:32 GMT
X-SpotX-Timing-Transform
0.000324
X-SpotX-Timing-SpotMarket
0.005917
X-SpotX-Timing-Page-Mux
0.000999
X-SpotX-Timing-Page-Require
0.000388
X-fe
058
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000031
X-SpotX-Timing-Page
0.010503
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000322
Last-Modified
Tue, 16 Feb 2021 04:09:32 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005917
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.002506
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%228bca79c0011141%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%228079%22%2C%22rid%22%3A%2298d0a432c6459968231fc458642b4dc6_172316265%22%2C%22name%22%3A%22123Greetings%22%2C%22hp%22%3A1%2C%22domain%22%3A%22123greetings.com%22%2C%22asi%22%3A%22avantisvideo.com%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2299685ce8a33a96%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22sid%22%3A%22400x225%22%7D%2C%22bidfloor%22%3A0.27%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22placement%22%3A4%7D%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
7dc3e80207176accc76a73eb6776471cc29f0e06185a1e01e1b2981d7ef9d856

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Feb 2021 04:09:32 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[NL], RC:[], CN:[EU], CIP:[185.212.171.67], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Tue, 16 Feb 2021 04:09:32 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.123greetings.com&rs=www.123greetings.com&sid=94948&t=1613448570&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1613448570862-986626528031-021165-015-006171&cha=0.7&cb=36020423679&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1613448572116&asid=6012e07d2dbaf03bbd1c0d08&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:32 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 69FA 		325 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aad1cfaa43542e25f6a2959cc6fd270c103e4b8346a4130292019f5922332998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114573
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:32 GMT
bridge3.440.1_en.html
imasdk.googleapis.com/js/core/ Frame 4F73 		577 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde6d423561ad924a17fb17192a2d1335d409fb5ca2196bdb0bc695be8255dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.440.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/send/view/02111921202227047176/r5
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.123greetings.com/send/view/02111921202227047176/r5

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192913
date
Fri, 12 Feb 2021 01:38:12 GMT
expires
Sat, 12 Feb 2022 01:38:12 GMT
last-modified
Fri, 12 Feb 2021 01:33:01 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
354680
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 69FA 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10523
x-xss-protection
0
expires
Tue, 16 Feb 2021 04:09:32 GMT
integrator.js
adservice.google.com/adsid/ Frame 69FA 		109 B
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Feb 2021 04:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame 4F73 		156 B
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FOutstream_123greetings_Desktop_Slider_T2_Avantis_Google&description_url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3014700556097971&nofb=0&sdkv=h.3.440.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&adsid=NT&sdki=44d&adk=1945808977&sdk_apis=2%2C8&sid=FA9A2DBF-F7CD-4012-BC2A-A79AF1DED931&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F02111921202227047176%2Fr5&eid=44730612&dlt=1613448572118&idt=96&dt=1613448572235&cookie=ID%3Dc930fadf61b5480a-22f0bc4c7dba00b8%3AT%3D1613448567%3AS%3DALNI_MbhCvHl1NfpbpHytAxtp1xouPjpaQ&scor=2295554499036422&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/js/core/bridge3.440.1_en.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 16 Feb 2021 04:09:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 16 Feb 2021 04:09:32 GMT
content-length
2
content-type
text/plain
103761_th.gif
i.123g.us/c/efeb_mardigras/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_mardigras/th/103761_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67f98ed75f7027e7fca822094d8fa5304c975b3ec0ea3f5b14950883d84cb33b

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 27 Jan 2021 12:41:51 GMT
Last-Modified
Mon, 24 Feb 2014 08:22:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
1697263
ETag
"1faa-4f322acb7b1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8106
jake_test
Test_Pass
Expires
Tue, 02 Feb 2021 07:55:06 GMT
342438_th.jpg
i.123g.us/c/emar_sharesmile_day/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_sharesmile_day/th/342438_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bccf6567888827ee030ff5fdb228448d48ae65f610ec8ef65aa651c0262fba65

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 24 Jan 2021 00:38:40 GMT
Last-Modified
Thu, 27 Feb 2020 11:16:04 GMT
Server
Apache/2.2.15 (CentOS)
Age
1999854
ETag
"1df2-59f8cd8bc2500"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7666
jake_test
Test_Pass
Expires
Sun, 24 Jan 2021 21:07:54 GMT
321220_th.jpg
i.123g.us/c/efeb_valen_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_valen_thanku/th/321220_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b5afdc723b201b004e42a5d13aefafd24f2e4d8d58c79e23d91dbab77514009f

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 25 Jan 2021 10:34:34 GMT
Last-Modified
Tue, 02 Feb 2016 12:37:58 GMT
Server
Apache/2.2.15 (CentOS)
Age
1877700
ETag
"1f57-52ac8c5729580"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8023
jake_test
Test_Pass
Expires
Fri, 29 Jan 2021 20:51:40 GMT
342384_th.gif
i.123g.us/c/efeb_cuddleday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_cuddleday/th/342384_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4cf710a7a360e3472d9a8eb48d0ed3819988aa5494cea2480ab40867802c44f6

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 18:11:06 GMT
Last-Modified
Fri, 21 Feb 2020 13:37:57 GMT
Server
Apache/2.2.15 (CentOS)
Age
208708
ETag
"1f76-59f162119f740"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8054
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 13:24:19 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 15 Feb 2021 08:03:53 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
72341
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 08:18:53 GMT
122839_th.gif
i.123g.us/c/emar_sharesmile_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_sharesmile_day/th/122839_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ff3e7291e74975ed8cc4aa304cb47a9e63f58d10bc2d2b630592fb4f8cb34211

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 26 Jan 2021 20:42:13 GMT
Last-Modified
Mon, 24 Feb 2014 08:31:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
1754841
ETag
"1f2c-4f322cd33bc00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7980
jake_test
Test_Pass
Expires
Fri, 05 Feb 2021 08:27:20 GMT
121896_th.gif
i.123g.us/c/emar_behappy/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_behappy/th/121896_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4e0d987d73c96d762da92d2d4d2bdda8853c10ffbe2cf80a8a93e7da13f091fd

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 21 Jan 2021 20:39:11 GMT
Last-Modified
Mon, 24 Feb 2014 09:44:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2187023
ETag
"1e3c-4f323d0b88080"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7740
jake_test
Test_Pass
Expires
Fri, 29 Jan 2021 12:26:40 GMT
113234_th.gif
i.123g.us/c/efeb_cuddleday/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_cuddleday/th/113234_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e20b60b8098f39d06cbc942f16539c9e696c5f6f01f0d967bf7ca2b80125f019

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 Jan 2021 18:16:06 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
1418008
ETag
"17b8-4f322ae723300"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6072
jake_test
Test_Pass
Expires
Mon, 01 Feb 2021 06:47:25 GMT
117047_th.gif
i.123g.us/c/efeb_temporaryinsanityday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_temporaryinsanityday/th/117047_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c639b289c573f35945ef6dcf473d35ed353de75587fad9302fa2887cae8b1420

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 21:26:12 GMT
Last-Modified
Mon, 24 Feb 2014 08:19:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2011402
ETag
"1fb0-4f322a0bcad80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8112
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 04:29:18 GMT
121616_th.gif
i.123g.us/c/efeb_polarbearday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_polarbearday/th/121616_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2c930b1a60cd656522ca1759c503b22faa7b8565367a0871743dfbd13346ea38

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:31:49 GMT
Last-Modified
Mon, 24 Feb 2014 09:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
214665
ETag
"1f26-4f323c3e7dcc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7974
jake_test
Test_Pass
Expires
Sat, 13 Feb 2021 16:46:49 GMT
103771_th.gif
i.123g.us/c/efeb_mardigras/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_mardigras/th/103771_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
508ee61691d2d1f62fd9e9886cc7acc73607c116289b6289bd7b5fb56c03af7c

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 12:12:53 GMT
Last-Modified
Mon, 24 Feb 2014 08:22:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
316601
ETag
"17d7-4f322acb7b1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6103
jake_test
Test_Pass
Expires
Fri, 12 Feb 2021 12:27:53 GMT
104124_th.gif
i.123g.us/c/efeb_polarbearday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_polarbearday/th/104124_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23d8ba9939b8e2d95c2f4c0f45fa6cecf6871a591505d1c4564f82d4f32df820

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 12:07:05 GMT
Last-Modified
Mon, 24 Feb 2014 09:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
316949
ETag
"1bbe-4f323c3e7dcc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7102
jake_test
Test_Pass
Expires
Sat, 13 Feb 2021 14:42:52 GMT
110062_th.gif
i.123g.us/c/efeb_temporaryinsanityday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_temporaryinsanityday/th/110062_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5db8a4f99539993bb08dec281b82273d56722e440a6a7536bb54be3c45f866e4

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 23 Jan 2021 03:29:21 GMT
Last-Modified
Mon, 24 Feb 2014 08:19:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
2076013
ETag
"1fed-4f322a0bcad80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8173
jake_test
Test_Pass
Expires
Sat, 30 Jan 2021 09:15:14 GMT
104337_th.gif
i.123g.us/c/emar_behappy/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_behappy/th/104337_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3c946e82aab35fbcd22a34a155a697bb0b0b6c9fbe4c9f580d228f3b9efd3e15

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 09:32:54 GMT
Last-Modified
Mon, 24 Feb 2014 09:44:18 GMT
Server
Apache/2.2.15 (CentOS)
Age
326200
ETag
"1b67-4f323d0b88080"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7015
Expires
Fri, 12 Feb 2021 09:47:54 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=NL&cos=OSX&r=www.123greetings.com&rs=www.123greetings.com&sid=94948&t=1613448570&cip=185.212.171.67&sn=&tgt=0&osv=10.14.5&bv=83.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1613448570862-986626528031-021165-015-006171&cha=0.7&cb=36020423679&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.102.221 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/send/view/02111921202227047176/r5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 16 Feb 2021 04:09:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Verdicts & Comments Add Verdict or Comment

478 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| swfobject number| showmore_time number| showmore_time1 object| pos_arr number| start_x string| user_server_IP object| aImages string| base_url string| base_url_new string| loginpop_url boolean| tellafrnd_flag string| cardcustommusic object| extraopts string| studio_mus string| logged_in_id string| logged_in_email string| logged_in_name function| checkEmail_site function| setCookie function| getCookie function| setSessCokieNew function| getSessCokieNew function| getCardType function| isIE function| detectIE object| googletag function| NewDFPADCode function| PreRollAd function| embed_flash function| load_json function| loadTopNav function| showMore function| closeMore function| clearCloseMore function| showMore1 function| closeMore1 function| clearCloseMore1 object| CardRating function| showViews function| showSent object| CardRelevency object| CardTags function| Tab123 function| blankOnFocus number| nl_timer object| nl_vars function| nl_email_validate function| nl_setTypo function| preload function| addthis_click function| showSearchTagClouds_New function| showSearchTagClouds function| showCardsTagClouds function| showCardsTagClouds_new function| showYouTubeCard function| embedswf_swfobject function| show_embed function| makeCopy function| setCookie_new function| showPreview_new function| showQuickSend function| quick_send function| LoadMusic_New function| changeAudioMusic undefined| v_api undefined| a_api function| Load_Video_Card function| video_callback function| Remove_Video_Card function| Remove_Audio_Card function| changeMusic boolean| mopTipFlag boolean| openMopTip undefined| mopTipW undefined| mopTipH string| mopTipID object| mopTipFunc undefined| mopTipPin undefined| mopTipContent number| mopTipTime object| contact_arr object| contact_email_arr number| is_photocard function| showHideComments function| sendFeedback function| unescapeHtml function| get_evcal function| set_evcal function| setUserPref function| getUserPref function| setSessCokie function| getSessCokie function| addCommas function| selectMusic string| mus_vol function| PlayMusic function| StopMusic function| SetMusic function| GetMusic function| showcard_takeover function| shareFriends_init function| showFriendsAddr function| showLoginBar function| showLoginSignupPopup function| loadConfigData function| SetAsBookmark function| showHPCustomBlocks function| getUsrCountry function| loadCustomMusic_Studio function| LoadHeaderMenu function| socialMediaShowHide function| ShowMantle function| getCookieConsent function| showSpecialExitAd function| CheckAD_Blocker function| Show_Animation function| ShowSearchAutoCom function| getInternetExplorerVersion number| start_y number| startx number| starty string| scroller_html function| callOnPageLoad function| showBookmark function| clearCloseMore_new1 function| closeMore_new1 function| showMore_new1 function| clearCloseMore_new function| closeMore_new function| showMore_new function| showNavPanel function| showMoreCardsHP function| Tab123_New object| timer function| NLSubscribe function| HP_scroller function| QuickSendHP string| sort_op function| FAQ_validate function| showCardno function| showPaging function| showResults function| sortMembers function| printCard function| print_init function| FCP_Sender_Block function| showThankBlock function| showThankBlock_Popup function| showSendAnotherCard function| showSendAnotherCard_Popup function| DoAfterVideo function| buildFullFCP function| ShowFCPThankCard function| ThumbCarousel function| buildThankPage function| Track_Thank_Scroller function| Thank_Scroller function| Show_Thumbs function| Show_Icons function| showFCPQuickSend function| showFCPQuickSend_New function| getPlugins function| v function| w function| smus function| tmus function| play function| LoadMusic function| LoadMultipleMusic object| a object| b object| c object| d object| f object| g object| h number| player string| defaultmus string| agt boolean| ie boolean| win object| mt string| nse string| p string| n object| email_uid function| showBoxContent function| getHappyBirthdaySubCat function| getAnniversarySubCatNew function| getHappyBirthdaySubCatNew function| showCardData function| showPreviewCardData function| showFbUserData function| checkDate function| fillDay function| fillMonth function| fillYear function| fillFullDay function| fillFullMonth function| getStatusCodes function| Show_Contact function| Add_Contact function| Edit_Contact function| Delete_Contact function| Import_Contact function| Do_Signup function| Do_Login function| Do_Logout function| Do_ForgotPwd function| Check_Login function| Validate_Login function| SetTypoVal function| Validate_Signup function| Validate_Newpwd object| allcontacts_arr object| allfriends_arr object| allpendingfrnd object| allmutualfriends object| all_imcontacts object| all_friendsactivity object| all_myactivity object| all_artists object| connect_data function| Show_Allcontacts function| Show_Allfriends function| Show_Pending_Frnd function| Show_MyFriends function| Show_MutualFriends function| Show_MyActivity_New function| Show_FriendsActivity_New function| Add_NewContact function| Edit_NewContact function| Edit_RemiderContact function| Delete_NewContact function| Delete_ContactNew function| Pending_FrndReq function| Pending_FrndReq1 function| Get_MutualFrnd function| Confirm_Email function| Confirm_Email_MyPage function| ChangePic function| ChangePicMyPage function| ImportContact object| filterArr function| Filter_Contact object| all_birthdays function| Show_Birthdays function| getFullDate object| all_reminders function| ShowReminder function| ShowReminderPrint function| SaveBdayReminder function| SaveAnnivReminder function| getSelectionText function| selectElementText function| copySelectionText function| AddtoSendCard object| eventids object| allevents_arr object| addevents_ids object| delevents_ids object| delidsarr boolean| isMyEventsCalled function| events_init function| events_init_mypage function| getMyEvents function| Show_MyEvents function| Filter_Event function| Add_Event function| Delete_Event function| SaveEventReminder function| Show_Artists function| Delete_Artist function| Follow_Artist function| Follow_Artist_Mypage function| Show_FollowArtist function| ChangeTemplate function| SetPreview function| ShowFriendList function| AddFriendManually function| fillTime function| fillHours function| fillMinutes function| SetHiddenVars function| AddCalendar function| ShowInviteeInfo function| DeleteInvite function| SetJoiningOpt function| SaveRespond function| SaveInvite function| Validate_AcctSettings function| Validate_AcctSettings_MyPage function| AddNewFamilyMemberRow function| Validate_FamilyMember_MyPage function| SetTypoValFamilyMemberMyPage function| Validate_MarriedFamilyMember_MyPage function| SetTypoValMarriedFamilyMemberMyPage function| AddNewFriend function| Validate_NewFriend_MyPage function| Validate_Event_Reminder function| Validate_ProfileSettings function| AddNewFamilyMemberRowSettings function| AddNewMarriedFamilyMemberRowSettings function| Validate_FamilyMember_SettingPage function| SetTypoValMarriedFamilyMemberSettingsPage function| Validate_AddReminder_Manually function| Add_New_Reminder function| Validate_Manual_Contact function| SetTypoValManualContact function| init_scheduled_card function| Validate_AddReminder_Logout function| Validate_AddReminder_Login function| Validate_AddFriendsReminder_Logout function| Validate_AddFriendsReminder_Login function| Validate_ChangeMindReminder_Logout function| scrollToAnchor function| dropDownMonthDayChanged object| track_dataarr_received function| callAjaxMyPage function| SaveNewPassword function| SaveBdaySettings function| SaveAnniversarySettings function| SaveEventSettings function| SaveFollowUpdatesSettings function| SavePrivacySettings function| SaveNewEmailAddress function| ResendEmailVerification function| RemoveSecondaryEmail function| UpdatePrimaryCommEmail function| SaveFBConnectSettings function| Do_Blockuser function| Show_Paging function| Show_Paging_New function| DoExtra function| ConnectBlocks_in123g function| CallPlugin_api function| connect_blocks function| Show_ImportfrmCookie function| Show_EmptyAddrBook function| Show_PendingFrndReq function| TimestamptoDays function| showDateTxt function| Show_Thank_DeliveryDtl function| showContactsInvites object| bubble_data function| getServPath function| getCrossDomainMsgPost function| showNotificationCounts function| connectNotification_init object| sendCardData object| recvCardData undefined| sendCardDataCount undefined| recvCardDataCount function| showRecvdCards function| showSntCards function| showMyecardsSuggessions function| showUpBdays function| showBdayReminder function| showUpEvents function| showEventReminder function| showSuggessions function| ShowEventsCards function| connectWithFacebook function| LinkAuthed function| DelinkFB function| InviteFrnd function| InviteFB_Friends object| jQuery18203754255012383543 object| card_contents string| affId string| cardId string| user_card_no string| cat_q1 string| sub_cat_q1 string| receiver_email_enc object| isPhotoCard object| qs_params string| q1_thank number| left object| others_cards string| is_sender object| animation function| unblockCallFunc object| FB function| publish function| publish_pint function| getpdf function| addCalendar string| site_rtn_overlay function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| config_data number| c2 number| c1 object| card_details boolean| isopen boolean| flag object| boxFunc object| top_menu object| tagclouds_cards function| loadQ1Json object| ggeac object| google_js_reporting_queue number| offset number| end function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| google_reactive_ads_global_state function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| list object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner object| details object| more object| generated_time object| cards object| q1_dtl object| music_dtl number| int_more_cards object| subcats object| topcards object| $e object| google_image_requests object| avntsWebpackJsonp number| avnts_player function| avPlayer object| storageAni object| closure_lm_243759 object| closure_lm_905867

4 Cookies

Domain/Path Name / Value
.123greetings.com/ Name: _gat_gtag_UA_3076315_1
Value: 1
www.123greetings.com/ Name: config_data
Value: CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=1
.123greetings.com/ Name: _gid
Value: GA1.2.1499543834.1613448565
.123greetings.com/ Name: _ga
Value: GA1.2.249445502.1613448565

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 https://www.123greetings.com/send/view/02111921202227047176/r5
console-api info URL: https://cdn.ampproject.org/rtv/022010270040000/amp4ads-v0.mjs(Line 9)
Message:
Powered by AMP ⚡ HTML – Version 2010270040000 https://www.123greetings.com/send/view/02111921202227047176/r5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64bc14cbd9066a544c8596d93086715c.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
assets.pinterest.com
avm.avantisvideo.com
bcp.crwdcntrl.net
c.123g.us
cdn.ampproject.org
cdn.avantisvideo.com
cdn1.avantisvideo.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
events.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
htlb.casalemedia.com
i.123g.us
ib.adnxs.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
play.aniview.com
player.aniview.com
pubads.g.doubleclick.net
rtb.adentifi.com
s.amazon-adsystem.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.avantisvideo.com
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
v.123g.us
web.facebook.com
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.123g.us
142.250.185.226
172.217.16.130
172.217.23.98
184.31.84.150
184.72.245.68
185.33.221.88
185.33.221.91
185.94.180.124
23.218.208.246
23.67.141.101
2600:9000:2127:be00:1c:38a0:8a40:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2006
2a00:1450:4001:812::2001
2a00:1450:4001:812::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a02:26f0:7100:1ad::1931
2a02:26f0:7100:484::2c79
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
3.223.102.221
35.165.132.70
35.171.145.49
52.214.43.215
52.215.154.33
52.3.103.250
52.48.137.92
52.54.0.202
54.236.227.29
54.239.17.112
54.244.32.41
66.155.71.25
67.26.83.252
67.27.157.124
67.27.235.252
8.253.204.245
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
09e4647c93bc3f34ee110dae0898995ff8cd592ebc281eb4ae985f7fcf91a12a
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0cda1ce9267f9379be6f18b526a45de6eab728db5ef387c4265e868e02e43add
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
123befcec3590e5fac545c132399414c8baffc3e28840d6df912070e2a0fdeff
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
150c4196f5ceca6150bda93c432e946b5457b5639cf17a7fa4d406ceb59cb2f3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1df7e0416552b349d5be99d04e1c6f0c1ac6efb0f7ea6ed3d09ecce101f8a7e9
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063
23d8ba9939b8e2d95c2f4c0f45fa6cecf6871a591505d1c4564f82d4f32df820
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2c930b1a60cd656522ca1759c503b22faa7b8565367a0871743dfbd13346ea38
2d3e0f1b66409603b9bcf65c846b9e0444ca796694ee9d7e493f8faa7b9a9ed5
2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30356f4ee7951ecbcb3b3581c7382375d9a6b3f7758387b159161f314b0dcf89
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36b7dd68cb3209e0d249d41d567f5dc3a65d0ea88f046a4eb641747e3c1b8423
375839fcbeb086876ba24ce6fd116da53df503609aca3c472310f46095682c6d
397e3beec7f10e34909b5609808982f5ade4a94003aa2a06a37a93ccec132be0
3ba8b07377df201f4ed44920f9041e5b49472048341dd8db70cda6dd00a8f61e
3c946e82aab35fbcd22a34a155a697bb0b0b6c9fbe4c9f580d228f3b9efd3e15
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2
407a3b33ecf971df61debf276dab49d597406581ea2576a533a4b0ccbf6deaf2
4124e64c75052f58252df291616ec3f689844840439f34cca4b1922366efee93
45287e4a8b14bb9bbcb752e7b157bc43babf7138cd1c97ff2b247b7075a1b70f
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2
4b88f7b6ef2969d20f5bf0699c4d4809cb9feafa532cca845e53c0477b501d4f
4b897f80be17cf6623b8ecf2101fade714236c5ec74042fbbf9495d4ebf406e3
4bd132b612c6363a2ec753198c846cd529ea5168874837046abdac11054097b0
4cf710a7a360e3472d9a8eb48d0ed3819988aa5494cea2480ab40867802c44f6
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
4e0d987d73c96d762da92d2d4d2bdda8853c10ffbe2cf80a8a93e7da13f091fd
508ee61691d2d1f62fd9e9886cc7acc73607c116289b6289bd7b5fb56c03af7c
51c1b7f44ec78241fcc808e6df0989b074a211792b4190b3a1bd087a62b1b297
53bc4331439f779b215d1e00795e09d2e50d3c6237a801322e7ce352d8d664d6
54a4fb12caebfaa4003f5eba45e61ddaedf1cd747d30047121f38811b9862777
570411bfbbb25ffa4b5ef09ab137f79044218127ba8fb52b5d800fcac5a83da2
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5db8a4f99539993bb08dec281b82273d56722e440a6a7536bb54be3c45f866e4
62920b1fb80cd4c66afd8dc2c721f4f8aa3432ba23018bae94bd7a35835bf680
62b4edda70a71de2b19878a52816579a74872cd05897d2b1ef46a92b06665f6f
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
67afd27efd4e0126a12c7ece4fb31e7b26ac3b33ac2b33b3481d5f5ba9dc2e64
67f98ed75f7027e7fca822094d8fa5304c975b3ec0ea3f5b14950883d84cb33b
6920e736540cc020b35ce2021832adc1517afa3f868e3de264e2439a0c5da7a4
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c160a06935356d71d853e0825d4fd03198c6ea245ca4ba0b9079dd88a6e9fb2
6f331d1c54aa91e50511d335fd0a8fbaed9193f576ae011d40dddb306802663b
700d1d900f10d454a72ce90127520d4ecbbc35725e63b2b2fe9a46e9c9d3fc02
71554b959d04edb36d76e88ffa149faaefefec917865b71a33fb8c6ff2fa9ca6
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
7272d4ee4691fbb05f8844d60af444ec17e03d6e009fddaebd2bc97c2ab66b67
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
7927f1998f0bc92134b7fda9c06a57969ca6635e9c5ed14a7571521eb6ab5520
7ab0341f68cc06548e5b65a9660bf17584dd7a03bc68edf26a41a560789d1a84
7bf6aa601f245548822ec6c2b85a95d3ba4f72024e6970aabc2d7e0c0ca0f80f
7c0571c4439bc71a810f1f6021ead277b6b22fb193908d99202edaa4e6e56fe5
7dc3e80207176accc76a73eb6776471cc29f0e06185a1e01e1b2981d7ef9d856
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
81520a90bbeb5385b97e93219b5acc7bf6a875aeeb615002814dd8208e9852e1
834ce4fee0368df6c94b9c6b1abfa2c819d0b282f5318575c38cf59c7a50b8ea
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
87309d0e7c14f1029472a0febd8a38340b52686bb1805d968c18264acde6cde8
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fcfdf2a65cd305327b35c045743ea600b0c8ee7d2850637afd976ebbdb34814
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905
92cea13927f23ea44ef028e531d5fbef3be60d7211fbbf843bc430bf437a870b
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944
976b448a1c7d0db7f32e178c9d3015febe6339f9fbf1252b49d840728f366c2a
9bcf880d7ad9e11f9e76f340e69ae7faa3ed2f8d7d1065d5777ae3edbb2d5373
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969
a29297eaef6c8ec4f15846560d443d488afd81b9b85b1e3357656587bc9db222
a34d9b6a0e7f65637598b9c9ae3cfaf479b990de0a472f08b4a8dcc2398348ad
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de
a4d6aa13ff3f2301cbe6c6af90b3edc2c8d1b60cb8e0b9d654db8dc668e862ae
a77a75eb4f142e250f8806837ffa755dcd82995933e62b03fc6ef639e7fff843
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa8b2b423f78df02b2f54ac82abbe3d3eb5c7b29fc3860f2f169a9f72654c1fc
aaadfe3a946540f3a72c871fa4f1ddd07928d6d0cd3306e74cb3b402945288ae
aad1cfaa43542e25f6a2959cc6fd270c103e4b8346a4130292019f5922332998
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ac483e594ec505f2248a5ae0fdb098624168eeeb904b376cdd66a790b3053877
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848
af4acfc4586c2d5c11514ef08681ca1cc7f69db15e61443a7e6347226f82633d
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d6a1132cdefa4a87585b74eda12c4bc0b1744f7d15f675c3f5779a20fb57df
b1d7b289bc01e7ad05de863e2909f783a7c778e9775fcfa7ff6450d66e68e69a
b2af45f8f19487bec351186a0329f2460e8374d986f4096a610d45f30e3dda7a
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b5afdc723b201b004e42a5d13aefafd24f2e4d8d58c79e23d91dbab77514009f
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b6d0baad18d8c8777ef627d789c21ecde6910b0e5842ffb562d18ecc0f4f39cc
b788333e580e798519f5122055aaeddc62685ee78e6ef43cb55bb30db58f6a61
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01
bccf6567888827ee030ff5fdb228448d48ae65f610ec8ef65aa651c0262fba65
c1885f423c2c3cb98bf67c60b4cf9bf982855e23eaa6355c503adc9147547cb9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c49b8ca6a9ac4012b9cd1b65db9c217bb16bfd7ff4c4aa18b3cd2ee728080881
c639b289c573f35945ef6dcf473d35ed353de75587fad9302fa2887cae8b1420
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb
ca0c70e9f630b881f04c602147c07bd3ba3e63cded94d0a03620db7e11cd76f6
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cde6d423561ad924a17fb17192a2d1335d409fb5ca2196bdb0bc695be8255dec
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ceaea2fd9e4b24aece91e428baed68e62add8f39a6222935b9229a4cef1d992a
cecd05c20aadaf390f90d69bf6a3c3d146fa2aa046a008d7a56efbe672fe02ae
d033f51d2697896f250126d26223e1eb8a5a64f059b5d65fba9da8070bdd5f0d
d1a70d3d0a0be27194afd9b941c1a644db2a1acfc6754ab69f85150aa428f75b
d2b13ee812188a64ef574ee912eaea945b1ae2a5a54b413e2fdfda94a7a58d09
d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d9794b8027bbd0acf3703a6997b812381d8c34e7a46f69a72cb0b374d011c18a
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
ddc4c42e9b4204acd9efa92309765127f83d4ec3dee60be588854ec6765ef7db
e09d30cc4a7638b2004ffa2444b4eb61ec59f2cda2c823f6130f3cae9eb05ffa
e1892e9eee5c0b0cc01799ca7b3e16ebe91fabd6a4a876463aed1b9d65266150
e20b60b8098f39d06cbc942f16539c9e696c5f6f01f0d967bf7ca2b80125f019
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42ded22e1888b43db2267140c74bc8490431dc6e3422ab9a4897d67066f6e30
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e8fd4adc33ce0d2a772d065d49cd0129f30ab8b68ecc5b31db10bd9ba43f2ff3
ea0235622b16dcd550ed3e49388674a76a77827e1bae5a5b142cc97f34091b4d
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef145a76a553e0fd137a061b67edb0201065346219bf1c3147211767c72bf7aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efed473401c0fd0372f5b06aa7ec24dfb267ad74a9aad22ad77457a51f71312b
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
fa92d3913d9510bbe741727a7be16c17cd0b6bfd1f597851d4a87981a88ca2ec
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9
fedb307abb8149c457e5f1df0e2ae11452c2179f57d56a30c5558e0e98fb2d40
ff3e7291e74975ed8cc4aa304cb47a9e63f58d10bc2d2b630592fb4f8cb34211
ff5d79853b24ef94811fa8ffd5d504fd70a8b9f5501d7f17057ba7a4dd5332db