urlscan.io logo urlscan.io
SecurityTrails logo

www.123greetings.com Open in urlscan Pro
184.72.244.154  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Submission: On January 19 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 52 IPs in 6 countries across 38 domains to perform 342 HTTP transactions. The main IP is 184.72.244.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com. The Cisco Umbrella rank of the primary domain is 284678.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.
This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 184.72.244.154 14618 (AMAZON-AES)
38 67.27.235.124 3356 (LEVEL3)
45 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 54.205.137.106 14618 (AMAZON-AES)
5 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
5 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
43 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
22 67.27.157.124 3356 (LEVEL3)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
2 67.27.233.252 3356 (LEVEL3)
1 11 2a00:1450:400... 15169 (GOOGLE)
16 142.250.186.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
8 2600:9000:225... 16509 (AMAZON-02)
1 2 142.250.186.38 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:223... ()
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638:1::11 44788 (ASN-CRITE...)
4 2600:9000:223... 16509 (AMAZON-02)
7 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 178.250.0.139 44788 (ASN-CRITE...)
2 178.250.2.150 44788 (ASN-CRITE...)
2 54.186.195.144 16509 (AMAZON-02)
1 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
3 2a02:26f0:e30... 20940 (AKAMAI-ASN1)
3 34.195.16.202 14618 (AMAZON-AES)
1 3.217.20.60 14618 (AMAZON-AES)
2 2 185.33.221.13 29990 (ASN-APPNEX)
1 18.208.85.173 ()
1 72.251.249.9 29791 (VOXEL-DOT...)
3 185.33.221.15 29990 (ASN-APPNEX)
1 3.69.225.48 ()
1 213.19.147.42 26120 (RHYTHMONE)
1 23.0.33.234 16625 (AKAMAI-AS)
6 2a00:1450:400... ()
1 2a00:1450:400... ()
1 184.30.20.185 ()
1 4 184.30.20.241 ()
2 2 151.101.2.49 ()
1 1 52.59.67.60 ()
2 3.126.56.137 ()
2 2 15.197.193.217 ()
342 52
3    184.72.244.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com
www.123greetings.com
38    67.27.235.124 (United States)

ASN3356 (LEVEL3, US)
c.123g.us
x.123g.us
45    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    54.205.137.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-137-106.compute-1.amazonaws.com
trkn.us
5    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
18    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
5    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
43    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
22    67.27.157.124 (United States)

ASN3356 (LEVEL3, US)
i.123g.us
1    2a02:26f0:1700:785::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.pinterest.com
2    67.27.233.252 (United States)

ASN3356 (LEVEL3, US)
v.123g.us
11    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
16    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
10    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
8    2600:9000:2251:5400:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
cdn1.avantisvideo.com
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
ad.doubleclick.net
7    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:9000:223f:2e00:8:9ed9:9c40:93a1 (United States)

ASN- ()
static.avantisvideo.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
4    2600:9000:223e:a000:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
7    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
2    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    54.186.195.144 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-186-195-144.us-west-2.compute.amazonaws.com
events1.avantisvideo.com
1    2a02:26f0:e300:187::2c79 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
3    2a02:26f0:e300:18e::2c79 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
3    34.195.16.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-16-202.compute-1.amazonaws.com
track1.aniview.com
1    3.217.20.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-20-60.compute-1.amazonaws.com
go1.aniview.com
2    185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    18.208.85.173 (None, )

ASN- ()
sync.aniview.com
1    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
3    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    3.69.225.48 (None, )

ASN- ()
ads.adaptv.advertising.com
1    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
1    23.0.33.234 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-33-234.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
6    2a00:1450:4001:813::200a (None, )

ASN- ()
imasdk.googleapis.com
1    2a00:1450:4001:812::2006 (None, )

ASN- ()
s0.2mdn.net
1    184.30.20.185 (None, )

ASN- ()
acdn.adnxs.com
4    184.30.20.241 (None, )

ASN- ()
js-sec.indexww.com
ssum-sec.casalemedia.com
2    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    52.59.67.60 (None, )

ASN- ()
pixel.advertising.com
2    3.126.56.137 (None, )

ASN- ()
ups.analytics.yahoo.com
2    15.197.193.217 (None, )

ASN- ()
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
90 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
1 MB
62 123g.us
c.123g.us — Cisco Umbrella Rank: 688066
x.123g.us
i.123g.us — Cisco Umbrella Rank: 225890
v.123g.us
1009 KB
30 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
ad.doubleclick.net — Cisco Umbrella Rank: 195
cm.g.doubleclick.net Failed
282 KB
19 google.com
adservice.google.com — Cisco Umbrella Rank: 80
www.google.com — Cisco Umbrella Rank: 13
4 KB
16 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 17061
static.avantisvideo.com — Cisco Umbrella Rank: 17427
cdn1.avantisvideo.com — Cisco Umbrella Rank: 19522
avm.avantisvideo.com — Cisco Umbrella Rank: 17498
events1.avantisvideo.com — Cisco Umbrella Rank: 16483
191 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
pix.eu.criteo.net — Cisco Umbrella Rank: 7730
csm.eu.criteo.net — Cisco Umbrella Rank: 7881
203 KB
12 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
imasdk.googleapis.com
520 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
397 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
192 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 324
204 KB
9 aniview.com
play.aniview.com — Cisco Umbrella Rank: 13640
player.aniview.com — Cisco Umbrella Rank: 2244
track1.aniview.com — Cisco Umbrella Rank: 2186
go1.aniview.com — Cisco Umbrella Rank: 5400
sync.aniview.com
210 KB
7 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
1 KB
6 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 404
ib.adnxs.com — Cisco Umbrella Rank: 241
acdn.adnxs.com
22 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 777
2 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
31 KB
4 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 639
273 KB
3 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 461
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com Failed
4 KB
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370
ads.eu.criteo.com — Cisco Umbrella Rank: 7925
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10541
51 KB
3 trkn.us
trkn.us — Cisco Umbrella Rank: 2773
3 KB
3 123greetings.com
www.123greetings.com — Cisco Umbrella Rank: 284678
40 KB
2 adsrvr.org
match.adsrvr.org
925 B
2 yahoo.com
ups.analytics.yahoo.com
150 B
2 everesttech.net
sync-tm.everesttech.net
669 B
2 indexww.com
js-sec.indexww.com
2 KB
2 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
603 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
84 KB
1 2mdn.net
s0.2mdn.net
17 KB
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1334
176 B
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 816
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
5 KB
1 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 2665
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
36 KB
0 adgrx.com Failed
cm.adgrx.com Failed
0 w55c.net Failed
pm.w55c.net Failed
0 bttrack.com Failed
bttrack.com Failed
0 quantserve.com Failed
pixel.quantserve.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
342 38
Domain Requested by
45 pagead2.googlesyndication.com www.123greetings.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
srcdoc
43 tpc.googlesyndication.com googleads.g.doubleclick.net
www.123greetings.com
4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
30 c.123g.us www.123greetings.com
c.123g.us
22 i.123g.us www.123greetings.com
16 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.123greetings.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
11 www.google.com 1 redirects www.123greetings.com
4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
11 www.googletagservices.com googleads.g.doubleclick.net
c.123g.us
securepubads.g.doubleclick.net
4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
8 x.123g.us c.123g.us
8 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
7 static.criteo.net ads.eu.criteo.com
7 fonts.gstatic.com fonts.googleapis.com
7 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
6 cdn.avantisvideo.com securepubads.g.doubleclick.net
cdn.avantisvideo.com
6 fonts.googleapis.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
cdnjs.cloudflare.com
5 partner.googleadservices.com pagead2.googlesyndication.com
5 www.facebook.com connect.facebook.net
www.123greetings.com
4 pix.eu.criteo.net ads.eu.criteo.com
4 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
4 static.xx.fbcdn.net www.facebook.com
4 www.gstatic.com googleads.g.doubleclick.net
3 ib.adnxs.com player.aniview.com
acdn.adnxs.com
3 track1.aniview.com www.123greetings.com
3 player.aniview.com cdn.avantisvideo.com
player.aniview.com
3 trkn.us 1 redirects www.123greetings.com
3 www.123greetings.com c.123g.us
2 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
2 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
2 ups.analytics.yahoo.com
2 sync-tm.everesttech.net 2 redirects
2 js-sec.indexww.com player.aniview.com
ssum-sec.casalemedia.com
2 secure.adnxs.com 2 redirects
2 events1.avantisvideo.com www.123greetings.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 cdn1.avantisvideo.com cdn.avantisvideo.com
2 static.avantisvideo.com cdn.avantisvideo.com
2 ad.doubleclick.net 1 redirects www.123greetings.com
2 4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 v.123g.us www.123greetings.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.123greetings.com
connect.facebook.net
1 pixel.advertising.com 1 redirects
1 acdn.adnxs.com player.aniview.com
1 s0.2mdn.net imasdk.googleapis.com
1 htlb.casalemedia.com player.aniview.com
1 tag.1rx.io player.aniview.com
1 ads.adaptv.advertising.com player.aniview.com
1 ce.lijit.com player.aniview.com
1 sync.aniview.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 play.aniview.com cdn.avantisvideo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com 4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com www.123greetings.com
1 assets.pinterest.com www.123greetings.com
1 www.googletagmanager.com www.123greetings.com
0 cm.adgrx.com Failed ssum-sec.casalemedia.com
0 pm.w55c.net Failed ssum-sec.casalemedia.com
0 bttrack.com Failed ssum-sec.casalemedia.com
0 pixel.quantserve.com Failed ssum-sec.casalemedia.com
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
0 dsum-sec.casalemedia.com Failed ssum-sec.casalemedia.com
0 cm.g.doubleclick.net Failed ssum-sec.casalemedia.com
342 66
Subject Issuer Validity Valid
*.123greetings.com
Go Daddy Secure Certificate Authority - G2		 2020-04-29 -
2022-04-29		 2 years crt.sh
*.123g.us
Go Daddy Secure Certificate Authority - G2		 2021-08-11 -
2022-09-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-28 -
2022-01-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2		 2021-01-19 -
2022-02-20		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-26 -
2022-08-05		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.avantisvideo.com
Amazon		 2021-11-24 -
2022-12-22		 a year crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-25		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh

This page contains 55 frames:

Primary Page: https://www.123greetings.com/send/view/12625721318002229286/r25
Frame ID: 7A7021334EF39E9031D3A1CBCEBD2CEB
Requests: 113 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20190131/zrt_lookup.html
Frame ID: 9175BE19EBCE4359B486B379E3F34D3E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1642577424&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577424450&bpp=3&bdt=358&idt=209&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3187202617341&frm=20&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577425&ga_hid=426916259&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740&oid=2&pvsid=3896086241270521&pem=827&tmod=45&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: 4DD76B9E2F06591110071B1A9B5EA624
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5EA0C5C119F0646228F2E0F0FC7BE5A7
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 310A1CD679BB3CFF3D5B9A5AB88E178A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ECC2621643CD85486013024A1E42FFCE
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df243146a6d4f3c%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Frame ID: 0C1BB50CD63B6C83B0250CC09B98E1A4
Requests: 4 HTTP requests in this frame

Frame: https://www.123greetings.com/send/fcp_track/343058306a7c617567796c0264766d564a7f6a70277a56/12625721318002229286/summary
Frame ID: 5E6F1290AB263F734809ADB44B804007
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Frame ID: 4BF003B3803D3B1AD2DB19EE485A9AF2
Requests: 1 HTTP requests in this frame

Frame: https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 22A4FB540300AFE7D7DF64A7A4048D04
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7Fj5emRhQqPNIRn-txZwLaobTbP-p-HIotpmbx95W-P50It2JxSWVJnAvZfL3pxf2rGvn1NtzMkKz4VrdKgrLdmG32CVXz7IYNLnz3lbODPewAnYVmy3atB9-dSSPBfPTKDUjh7Pg8bVrsb6wDOzT-liGIb1aOKajuYSRp30uiA_IY0z8wmfF_yqm7cp3DvTMh3EY-etspzUyBC23GlgNE0kyvmx9yPet2PijrLuODspHEtgjlRt_x2obo9GBknmdzbIoRMth0838jYCV5AmGZaqSyEMBx-hcjUprVQ0dhJjF419aYorKG8MRICshyjBX_693I3zRbx0o&sig=Cg0ArKJSzBnDdsNs3fZMEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A73247029B3956D594274052076653BD
Requests: 13 HTTP requests in this frame

Frame: https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A1FB83F31504FE46839E96305073C569
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufDnEczv0JnWcxth-MwXV3YQHBDjQbYvHaS0z7kVeiK3gKKlL02eaY96Q15heCHlkqgtBKfTz_rmSFIaTQHkgVSFLO6Zp0_xDJoFoawPOs9rngVMVDKe19Bq25XKVTM1xx9YCe2kvfIGBMADRofZz81fylg6jZrRarsZLFkdVPUQ-RerrP4krKMQ6WbP33__-7G-OrD8I4UIkU81GrLkNBmjLCFObzdGeJG9wsZh29D3uecl_ulWNnp9oEJThyHuAj9EBjLyj3B9jA5DAT3zeHAmBb-1z3nBfw3fFoIgqjEnRLJPRqulVpg7i8bj5hUG-H3ocdQU4I0r8lOIC5sw&sig=Cg0ArKJSzNhRulfEYoAVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 26D12111C03E932EE70DE9E8900938E5
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Frame ID: 74318B50F8E16D286A0BF6BA538EBE8C
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Frame ID: 72B5F3D979A273126CDFF903F5E68CE7
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3UyqRW3ys9KXmZ1WO0CAR1NOJFmpRDKtdGARMlMvZen_xYPOQqaafA1h1G2Rq3LozKV0-7JQrfTQM9T66Ugd5AjFeg58SGn5-Hd1DKf6dL1zqQgcyyRoNvs549zbnSCvUTvC9fEv37M6_oa0Z6ycc1Hs3X3UgcyrbGPs2TJi9Eeabr5-pJOvzqE7os1Tf_2ws54bbmxiO_wlKk7MkmcBlaaZ-a8YBdnx6De1w42FyZIn7s0bTgKvBgtPI_UKnnYivwTsooc5F8626szFbHarhChqhqBVSWFPe-p8AD41iHS5ivbZ7Ko3ezhnqtaXHKcmnc_eGEl4sI5mlCj0dVcfrbcg&sig=Cg0ArKJSzCllrdjc-gpxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: FD50BFB70E38F58656CC9D2201D3B30D
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfp4FMA9afjDamJ2aQ7BBB929l0WLMlWm7yFf1vbVv3kK3HmgdhFmGqj5Dwpl-50Ctzkx220C5tO2MwI2bHyQHYmo6O32rzA9pt1ADU_CGTvdw38Hl18X-HMDJ1PqQozn99-um2LAQ07zTN-olTPRvSvoBwK56d9F-O5WMQqroHW_vG7KgRLAhWHiX4Ff9VB2AA8Pnpl_1EXjbUCx3qwi0l3U-CSSvve7scl7XPBBSIiYtk6OgLCOFF-MZ2F0GVirGg27uSiQUEAWfZbpBAr_c8sQkuZkiPM9IjUBp9VKtBZCYoaFEij_COitLwOYVJ1D2u10yvfvwgf7KaZ6Dfktv9uc&sig=Cg0ArKJSzLGgGNnkSBVxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E215DEC108DADD96B1E3AA0CC76F6355
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukId8kZNCZlMnZUml8v488RCKSk18ThBUnZhl71JIdzj3eYbYzkyajRY6JusLDHFfFVssTKYb00jee-RXk_DPBXei5mxlrhF6qCxp_Pr_sEsFDpDF7C5JCgJJDqwqT1jM6pOwGuHPzhO-KvAnK2JFZIT4Kj_3vpkphEJzORmXX7_PfBKhMifAytWFRWjZpZsmGNZPfY9aW6f6o-CcsQOQy5TSRXz6B3Nny-p7AAzE5v87z1xRnJutaHFejvlUA2uBt2UjcEi6CgmSX31go6VSnIFLZoOIGU1UtGSz4r64w6BT-NIi_f2ye1bJb2As_6s1KhUEU7G0UfVQO31Q4Gg&sig=Cg0ArKJSzL9rPcanSDQyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C7BF5D03676D0EE034F3A4AFB947AD5B
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Frame ID: DF21522116F5150CD38E6B548A53741E
Requests: 19 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 30B56E8F398643544BF87C47574A5A17
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Frame ID: 8B744DBD5E4A534ABFCA7C5FA518AD14
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031645&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427659&bpp=12&bdt=157&idt=218&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=961455891&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1664&biw=1600&bih=1200&isw=728&ish=90&ifk=2957823516&scr_x=0&scr_y=0&eid=44753740&oid=2&pvsid=3511165836253204&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4yjg6hq5u64i&btvi=1&fsb=1&dtd=231
Frame ID: DF79A7FB73A935B6F379D4C749AE26B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Frame ID: 8D4DF1B43F64608AA8823E4A0A7C85DE
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Frame ID: 909E22D01A4F94600A7B5100B41290B2
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Frame ID: 02E7F6B61C00E8E52CF5D0D302203998
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Frame ID: 61AC330CFB388B6EBE8806A00C85514A
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 939D8D66225C2F9A341FDAF474F30EE7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 686F5811956F6C89C767E5F4BD4FD6E9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3F731CF6CE8C75E8A45C1E6817C85DCD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EFF600A864EA89750627A0E8AD5B254F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08B0CEFC65B1270F155B9AD805B0C0C4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3937B604FC5FD636B0E6C045260A129E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE3FA5803F3266841FA51B9F560FAC67
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Frame ID: 984526CE0268DC022C354D2EA4A208D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D2DD4BBC1FBCE128B2C57CAC50721AED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41C160DC71A3492C8401771A7877A358
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 01EAC2002FFDAF23A60E04A0375DF66D
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc8f28eaec6578%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Frame ID: 11A5A05960830D51091B07421144810F
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1642577429653-918497249424-005525-002-000922&biddername=55&key=3315064801658763602
Frame ID: 6AE6A54298545F228287EC606AE7A2DB
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=364161&3pid=1642577429653-918497249424-005525-002-000922&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642577429653-918497249424-005525-002-000922%26biddername%3D18%26key%3D%5BSOVRNID%5D
Frame ID: 6FD48A1D21DAB693828AC34E2CC8DAE4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F8F3A1A3AFBB2D975DBE9215C547427
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC46ECADC98179DB21049E98A8977B77
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 80AF9FE45846F92585C0A0ECC6556F40
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: D82C5E8A146EA4FFBF774BB74A275191
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: 5D398D716CE063087BBB7F82EA8F546D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: E42F942DE36F0CB1EA95B6615C700B2D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Frame ID: FAA720EDAA86B19762689D0C382EFF37
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2FB4D6DDBFB3C0B0C6534B0B502DD3F2
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2C40645370E7814D83D1A837BBFDF23B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E55D27A6BF45C6D55C4470378B759FA7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4F845F75DA336AE9D103188A82BFB856
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FD529EE69E0C3096D3CDC42EECB8D478
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4BB82ECA8A6E122B1A2CD58B1BA06C75
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F5B99F21BAF20B4EFA2ADB462A183C6E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C036B43057F3EDA8E11E867C6E0FA492
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

A Greeting card for Jos and Griet from Beverly

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

342
Requests

96 %
HTTPS

51 %
IPv6

38
Domains

66
Subdomains

52
IPs

6
Countries

5140 kB
Transfer

15525 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1866068004.0458288&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&dvis=visible HTTP 302
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1866068004.0458288&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&dvis=visible&ip=185.213.155.162&cuidchk=1
Request Chain 64
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 110
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323562368;dc_trk_aid=515909901;dc_trk_cid=163309495;ord=2478435641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness) HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323562368;dc_pre=CODj3eClvfUCFYpc5Qodj_0GrA;dc_trk_aid=515909901;dc_trk_cid=163309495;ord=2478435641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Request Chain 313
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642577429653-918497249424-005525-002-000922%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1642577429653-918497249424-005525-002-000922%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1642577429653-918497249424-005525-002-000922&biddername=55&key=3315064801658763602
Request Chain 343
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=Yee_FgAGsd-y3wAF HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=Yee_FgAGsd-y3wAF&_origin=0&gdpr=0&gdpr_consent=&_test=Yee_FgAGsd-y3wAF HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=Yee_FgAGsd-y3wAF&_origin=0&gdpr=0&gdpr_consent=&_test=Yee_FgAGsd-y3wAF&apid=UPae352192-78f9-11ec-b336-06608ab9860a
Request Chain 344
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=e2659c32-27f2-4cfe-8b7f-cab832ee0279&_origin=1&gdpr=1&gdpr_consent=
Request Chain 345
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPae352192-78f9-11ec-b336-06608ab9860a HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPae352192-78f9-11ec-b336-06608ab9860a&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBhZTM1MjE5Mi03OGY5LTExZWMtYjMzNi0wNjYwOGFiOTg2MGE%3D
Request Chain 352
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

342 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request r25
www.123greetings.com/send/view/12625721318002229286/ 		34 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
41f99c5f26f5c73f5b6ebe1d407d71a68e40aa6ddc4888f3b2ac97cb4dccb2b6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jan 2022 07:30:21 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Connection
Close
fcp_R1.css
c.123g.us/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/fcp_R1.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ae36a06a38cf0dc7ff3f85990fc45bd5983fda8517494345df59733bf20e2f08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 23 Dec 2021 07:50:37 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2021 11:38:41 GMT
Server
Apache/2.2.15 (CentOS)
Age
2331587
ETag
"24866-3a14-5c36251415240"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3714
jake_test
Test_Pass
jquery.js
c.123g.us/js2/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 11:51:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
416349
ETag
"16f3a-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33449
jake_test
Test_Pass
Expires
Sat, 15 Jan 2022 17:19:31 GMT
swfobject.js
c.123g.us/js2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/swfobject.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 08:49:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1377673
ETag
"261f-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3868
jake_test
Test_Pass
Expires
Mon, 03 Jan 2022 09:04:11 GMT
123g_utils_v1.js
c.123g.us/js2/ 		123 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_utils_v1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 30 Dec 2021 08:47:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 12:51:14 GMT
Server
Apache/2.2.15 (CentOS)
Age
1723356
ETag
"1ed3a-5c3f0259a7480"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30667
jake_test
Test_Pass
Expires
Thu, 30 Dec 2021 09:02:48 GMT
utilsopt.js
c.123g.us/js2/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/utilsopt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 02 Jan 2022 14:35:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 10:41:25 GMT
Server
Footprint Distributor V6.1.1162
Age
1443297
ETag
"57b2-5b3459efc3f40"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6801
jake_test
Test_Pass
Expires
Fri, 14 Jan 2022 08:43:51 GMT
123g_static.js
c.123g.us/js2/ 		138 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_static.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
42f9e1454594114ac69809f4d5e48510936150a2384c892228e8685a468bdc82

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 28 Dec 2021 08:48:43 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jun 2021 07:23:19 GMT
Server
Apache/2.2.15 (CentOS)
Age
1896101
ETag
"2c3d6-226b7-5c4f114d1a7c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25258
jake_test
Test_Pass
jquery.blockUI.js
c.123g.us/js2/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.blockUI.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 03:38:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
532343
ETag
"1fe9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3052
jake_test
Test_Pass
Expires
Sun, 16 Jan 2022 07:31:22 GMT
rakpanel.js
c.123g.us/js2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/rakpanel.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 07:04:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Aug 2018 13:50:01 GMT
Server
Footprint Distributor V6.1.1162
Age
865580
ETag
"d4c-57300e747f440"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
jake_test
Test_Pass
Expires
Sun, 09 Jan 2022 07:19:06 GMT
addressbook.js
c.123g.us/js2/ 		401 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/addressbook.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82bd02cee2c77b75a28a94f51c1163035315c09ef8eafe6fa5f79f35b97424e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 22:24:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 31 Aug 2021 08:44:30 GMT
Server
Apache/2.2.15 (CentOS)
Age
464746
ETag
"6427b-5cad6f5405780"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77386
jake_test
Test_Pass
Expires
Fri, 14 Jan 2022 12:06:16 GMT
date.js
c.123g.us/js2/calendar/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/calendar/date.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 10:20:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
1026570
ETag
"2c3fe-afa-54a227da71a40"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
974
jake_test
Test_Pass
jquery.datePicker.js
c.123g.us/js2/calendar/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/calendar/jquery.datePicker.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 25 Dec 2021 21:54:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2108159
ETag
"3d65-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4593
jake_test
Test_Pass
Expires
Sat, 25 Dec 2021 22:09:25 GMT
jquery.ajax_autocomplete.js
c.123g.us/js2/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 08:26:24 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 12:46:24 GMT
Server
Apache/2.2.15 (CentOS)
Age
1292640
ETag
"4ec6-5cbdfda4a4800"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6384
jake_test
Test_Pass
Expires
Tue, 04 Jan 2022 08:41:24 GMT
jquery.bxslider_new.js
c.123g.us/js2/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.bxslider_new.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 09:28:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
856899
ETag
"50ba-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5210
jake_test
Test_Pass
Expires
Sun, 09 Jan 2022 09:43:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde9b4ba3eae8432f78755a9384858151ba7664bad3fd0f781fc78ca906e5438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52001
x-xss-protection
0
server
cafe
etag
2314050558545122398
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:24 GMT
styleopt_R1.css
c.123g.us/css/ 		80 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/styleopt_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 05 Jan 2022 10:23:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2021 11:38:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1199233
ETag
"13f87-5c3625216f1c0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16152
jake_test
Test_Pass
Expires
Wed, 05 Jan 2022 10:38:11 GMT
modal_window_R1.css
c.123g.us/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/modal_window_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 30 Dec 2021 14:45:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 09:39:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
1701895
ETag
"8220-5a7b79d367980"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6727
jake_test
Test_Pass
Expires
Thu, 30 Dec 2021 15:00:29 GMT
print_card_R1.css
c.123g.us/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/print_card_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 05:52:54 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 11:23:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
783450
ETag
"af1-571586732da80"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
807
jake_test
Test_Pass
Expires
Sun, 16 Jan 2022 06:12:42 GMT
ajax-fileuploader.gif
c.123g.us/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/ajax-fileuploader.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 16 Jan 2022 15:04:02 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
231982
ETag
"2a43-54da7c7a66000"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10819
jake_test
Test_Pass
Expires
Sun, 16 Jan 2022 15:19:02 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96378daf42904c9714d60928ed7cdbabd70c0c219a352a8bd268782d67325133
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SvjIsKo9MaYADUTxeu++BA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
W3DAGQwfmtRBCjbFy0n2ZdKLAiDQz921UdL5sJ3Gnd9FBUjzv0mSX+7lSUFNtGhMKWQDBfj4siu/j2ZJ/KjLjg==
x-fb-trip-id
917726464
x-fb-content-md5
0cb7ca54b5527d4a3e6665e77886bba9
x-frame-options
DENY
date
Wed, 19 Jan 2022 07:30:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e6d3761fc6d5c1a898fe1f8debec6808"
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:39:31 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3076315-1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0458cac31340b2af62029e777d002d2274bf1c77af66477faf88d0ebf9254d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36501
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Jan 2022 07:30:24 GMT
123g_master_bg.png
c.123g.us/images/ 		145 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/123g_master_bg.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 01 Jan 2022 06:44:36 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
1557948
ETag
"9d001-91-54a227b81c940"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145
jake_test
Test_Pass
master_img_menu.png
c.123g.us/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 18 Jan 2022 12:08:46 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
69698
ETag
"1861-54da7c7b5a240"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
Expires
Tue, 18 Jan 2022 12:23:47 GMT
icon_set_R1.png
c.123g.us/images/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 11:18:32 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
850312
ETag
"9d05a-230cb-5979e1b2b4200"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
big_img_sprite.png
c.123g.us/images/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 20 Dec 2021 13:59:20 GMT
Last-Modified
Wed, 11 Sep 2019 08:41:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
2568664
ETag
"21653-59242fbe2e0c0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
Expires
Mon, 20 Dec 2021 14:14:20 GMT
master_icon_set_2.png
c.123g.us/images/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 06:55:45 GMT
Last-Modified
Tue, 04 Jan 2022 06:54:24 GMT
Server
Apache/2.2.15 (CentOS)
Age
1298079
ETag
"9cbe1-15fce-5d4bc1b820800"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90062
jake_test
Test_Pass
sdk.js
connect.facebook.net/en_US/ 		290 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0982d0b9e56028862da572646d0bdb17
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3871f25eed1fca463e93e7ec415f3d0261d2bbd775e2fa277dcebb42d057671c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.123greetings.com/
Origin
https://www.123greetings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
JzYzds/94R3s/mmZLaeTew==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
83469
x-fb-rlafr
0
x-fb-debug
DuVq8p6V2Lux66G8vjl5O4Sr1yvO3RJL1z9NhNRdZjLYXXeWbxmri6o/R3eond7CRfFQWiU5dWQsQrF3bWpDNA==
x-fb-content-md5
291888e693e8006861c4d99771771d42
x-frame-options
DENY
date
Wed, 19 Jan 2022 07:30:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"cf15c8ef166c29e666dc2756677f795e"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 19 Jan 2023 06:48:56 GMT
request.js
trkn.us/info/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1866068004.0458288
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.137.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-137-106.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4a93a248fbb0020232b9e6832021c2fc5a8fb494b258182bc77ed4109620fd5a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 07:30:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
732
Expires
Sun, 01 Jan 2014 00:00:00 GMT
connect_config.js
c.123g.us/js2/ 		201 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 30 Dec 2021 14:11:14 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1703950
ETag
"2c454-c9-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=6268317308&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0982d0b9e56028862da572646d0bdb17
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
IWSxT+evM3pk+IbJMaaG2olLyYxnFJqurSSiMyMSQydpx1QPdlWTQUpTvljqxj2dzJytmbsX+FCcD8CAWuuBGw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Wed, 19 Jan 2022 07:30:24 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3076315-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1758
date
Wed, 19 Jan 2022 07:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 19 Jan 2022 09:01:06 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef979ae41636bb1112445e7c404cc3a34ccf4b32e7b9b556d6bdc7f464009d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104506
x-xss-protection
0
server
cafe
etag
5387996186767430246
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220113/r20190131/ Frame 9175 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220113/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Tue, 18 Jan 2022 18:50:39 GMT
expires
Tue, 01 Feb 2022 18:50:39 GMT
cache-control
public, max-age=1209600
age
45585
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		220 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4adcc15753ff8901c2b9545b2243c482e74bb4a3680ca97b21fca4b0e23c64f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4DD7 		153 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1642577424&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577424450&bpp=3&bdt=358&idt=209&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3187202617341&frm=20&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577425&ga_hid=426916259&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753740&oid=2&pvsid=3896086241270521&pem=827&tmod=45&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68c52ed14a891a2b39e90f6a6f17a204c548012e64eb693451942b76a69ec00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 Jan 2022 07:30:25 GMT
server
cafe
content-length
42829
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 Jan 2022 07:30:25 GMT
cache-control
private
/
trkn.us/info/
Redirect Chain
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1866068004.0458288&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&dvis=visible
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1866068004.0458288&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&dvis=visible&ip=185.213.155.1...
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1866068004.0458288&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&dvis=visible&ip=185.213.155.162&cuidchk=1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Server
54.205.137.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-137-106.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 07:30:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Wed, 19 Jan 2022 07:30:24 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1866068004.0458288&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&dvis=visible&ip=185.213.155.162&cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=426916259&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1723179927&gjid=1817619670&cid=1791891534.1642577425&tid=UA-3076315-1&_gid=1874489788.1642577425&_r=1&gtm=2ou1c0&z=365501030
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74f13681845f836d18c360c4d2f885f560c72efc93122154df4e134ec24a6e0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54129
x-xss-protection
0
server
cafe
etag
7701536245582360513
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:25 GMT
331849_details.js
x.123g.us/json/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/331849_details.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7cbb28d68036f8527b38d1597c8172789ffeeee4d6cdee3f0c6345b842a6ee68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:30:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 Jan 2022 07:57:58 GMT
Server
Apache/2.2.15 (CentOS)
Age
0
ETag
"7c3-5d5d6a09e4d80"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
754
jake_test
Test_Pass
Expires
Wed, 19 Jan 2022 07:45:25 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/ Frame 5EA0 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4885
x-xss-protection
0
date
Tue, 18 Jan 2022 19:52:09 GMT
expires
Tue, 01 Feb 2022 19:52:09 GMT
cache-control
public, max-age=1209600
age
41896
etag
13671712056976469594
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame 5EA0 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 06:25:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 07:30:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 07:30:25 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5EA0 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 03:16:23 GMT
x-content-type-options
nosniff
age
15242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 19 Jan 2023 03:16:23 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5EA0 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 17:02:52 GMT
x-content-type-options
nosniff
age
138453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 17 Jan 2023 17:02:52 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/elements/html/ Frame 5EA0 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:21:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
515
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8104
x-xss-protection
0
server
cafe
etag
11153116566150069083
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:21:50 GMT
css
fonts.googleapis.com/ Frame 310A 		8 KB
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 06:29:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 07:30:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 07:30:25 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 310A 		1 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
964
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:14:21 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame 310A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:15:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 310A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 310A 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 310A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
181
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:24 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 310A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 19:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 18:31:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 19:13:52 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame ECC2 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Wed, 19 Jan 2022 07:04:56 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
1529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
menu.js
x.123g.us/json/ 		70 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/menu.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0b72b40d1f0732b188a3f536854c57ca8460312086725a227a2869153d1b0e18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:21:47 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jan 2022 06:06:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
518
ETag
"1167e-5d5e92f95dc80"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13054
jake_test
Test_Pass
Expires
Wed, 19 Jan 2022 07:36:48 GMT
331849_pc.jpg
i.123g.us/c/ejan_seasonsgreetings_wishes/pc/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_seasonsgreetings_wishes/pc/331849_pc.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d710994daead7ca6c8619139d55ffd246d8cc6e90994cbe52ad65903c7e277d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 17:06:16 GMT
Last-Modified
Tue, 05 Dec 2017 07:13:12 GMT
Server
Apache/2.2.15 (CentOS)
Age
1261450
ETag
"e32a-55f929159d200"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58154
jake_test
Test_Pass
Expires
Thu, 06 Jan 2022 09:58:12 GMT
play-button.png
c.123g.us/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/play-button.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 12:28:34 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
1796511
ETag
"afd-54da7c7a66000"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2813
jake_test
Test_Pass
Expires
Mon, 03 Jan 2022 05:34:30 GMT
331849_bg.jpg
i.123g.us/c/ejan_seasonsgreetings_wishes/bg/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_seasonsgreetings_wishes/bg/331849_bg.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d1a70d3d0a0be27194afd9b941c1a644db2a1acfc6754ab69f85150aa428f75b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 12:03:18 GMT
Last-Modified
Tue, 05 Dec 2017 07:12:52 GMT
Server
Apache/2.2.15 (CentOS)
Age
847628
ETag
"e87-55f929028a500"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3719
jake_test
Test_Pass
Expires
Mon, 10 Jan 2022 08:59:34 GMT
like.php
www.facebook.com/v2.0/plugins/ Frame 0C1B 		48 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df243146a6d4f3c%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0982d0b9e56028862da572646d0bdb17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
351195aeda319fcc0796c0aff345990ada8d7e925c7d524d0855bc7c84245bb5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v5.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
Up3xIhy54ZM29LndA2kJY0KnEz+E69qTKHdn+JkNvPR6HcZjuTClZg97gNqu1wP7fRKiT4zurehec8I/4TyDFw==
date
Wed, 19 Jan 2022 07:30:26 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
PinExt.png
assets.pinterest.com/images/ 		936 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pinterest.com/images/PinExt.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:785::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn
akamai
etag
"61ed0472dfcbfaf25e7585f119adf76a"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=54693
accept-ranges
bytes
content-length
936
access-control-expose-headers
X-CDN
331849.mp4
v.123g.us/vod/ejan_seasonsgreetings_wishes/ 		176 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v.123g.us/vod/ejan_seasonsgreetings_wishes/331849.mp4
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 19 Jan 2022 07:07:58 GMT
Last-Modified
Tue, 05 Dec 2017 07:24:18 GMT
Server
Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age
1347
ETag
"1a8971-55f92b919fe23"
Vary
Accept-Encoding
Content-Type
video/mp4
Content-Range
bytes 0-1739120/1739121
Connection
keep-alive
Content-Length
1739121
331849.mp4
v.123g.us/vod/ejan_seasonsgreetings_wishes/ 		16 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://v.123g.us/vod/ejan_seasonsgreetings_wishes/331849.mp4
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 19 Jan 2022 07:07:58 GMT
Last-Modified
Tue, 05 Dec 2017 07:24:18 GMT
Server
Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age
1347
ETag
"1a8971-55f92b919fe23"
Vary
Accept-Encoding
Content-Type
video/mp4
Content-Range
bytes 0-1739120/1739121
Connection
keep-alive
Content-Length
1739121
si
googleads.g.doubleclick.net/pagead/drt/ Frame ECC2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220113/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 19 Jan 2022 07:30:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 19 Jan 2022 07:30:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 19 Jan 2022 07:30:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tagclouds_cards.js
x.123g.us/json/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/tagclouds_cards.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
668cd3b7df924975bfb814bd9509dd46c8c71229dd355aa1f8400619113cbf30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:19:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jan 2022 07:01:38 GMT
Server
Apache/2.2.15 (CentOS)
Age
647
ETag
"b20-5d5e9f4fef880"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
680
jake_test
Test_Pass
Expires
Wed, 19 Jan 2022 07:35:51 GMT
check_js_file.pl
www.123greetings.com/usr-bin/ 		19 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/usr-bin/check_js_file.pl?card_number=331849
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9eafbefd63a1ee491d2ee994ce417069d5af55407804d07ecf6758421d3d2d02
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.123greetings.com/send/view/12625721318002229286/r25
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:30:26 GMT
Server
Apache/2.2.15 (CentOS)
Connection
Close
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Content-Type
text/html; charset=UTF-8
summary
www.123greetings.com/send/fcp_track/343058306a7c617567796c0264766d564a7f6a70277a56/12625721318002229286/ Frame 5E6F 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/send/fcp_track/343058306a7c617567796c0264766d564a7f6a70277a56/12625721318002229286/summary
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/send/view/12625721318002229286/r25

Response headers

Cache-control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Wed, 19 Jan 2022 07:30:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Connection
Close
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9062cd4533343cfe31799c6daecb681a1072c054e403583630f03aba259b16cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26955
x-xss-protection
0
server
sffe
etag
"1106 / 302 of 1000 / last-modified: 1642547120"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Jan 2022 07:30:26 GMT
pubads_impl_2022011407.js
securepubads.g.doubleclick.net/gpt/ 		353 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
d4eb56f7f70a139f9e682f6dd317862b06238c31c02aeec7db56ec3b0f1b0ea3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 23:50:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121425
x-xss-protection
0
last-modified
Sat, 15 Jan 2022 00:13:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 23:50:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		432 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
fcb6420efeaa308b7c5433d85abfe58dd4a6fb159f5e4cfb3da1c83a310a4abe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
expires
Wed, 19 Jan 2022 07:30:26 GMT
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 0C1B 		400 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df243146a6d4f3c%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:26 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
400
x-fb-rlafr
0
x-fb-debug
QhUVMw73ZdIgnpwuyW0J3VGXgTRCexykk+AdFrWWktTXT+cx116oXmXIr8iEOVXDFjcMVxaYinc1uT7cHn2c8w==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Jan 2023 00:25:51 GMT
1jFFo6R_tol.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/ Frame 0C1B 		518 KB
136 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/1jFFo6R_tol.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df243146a6d4f3c%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14253a4fbb7ac2a582e69e9ab5587dce3300024a1427b98cdaeee6104323898e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ACkikymBeYoadHwKTfqKJA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
138512
x-fb-rlafr
0
x-fb-debug
KB7IlDYuc3KTiSq9k3QTnRSlqQyd/eNxMVUT1LmQ5zPaFfI8Hc4cIZV9bbTQEgoPOhcE8z6lOcvPYvLOmtb6bQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 18 Jan 2023 18:18:39 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 0C1B 		67 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1642577426146&t_start=1642577426146&t_domcontent=1642577426150&t_layout=1642577426190&t_onload=1642577426190&t_paint=1642577426190&t_creport=1642577426191&t_tti=1642577426150&lid=7054816327039092847-0
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df243146a6d4f3c%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
NElmdZkASbsrQxAxVxoy8XnnckcNCGrpawgMA/67Sgb0aw/S3YraQY3p4gbwTnwWFGpw7ro3M28fAQYW4i9I/Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 19 Jan 2022 07:30:26 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame 4BF0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:11 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		211 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3896086241270521&correlator=1682512232917584&output=ldjh&impl=fifs&eid=31064138&vrg=2022011407&ptt=17&sc=1&sfv=1-0-38&ecs=20220119&iu_parts=46400095%2CDesktopWeb_Finalcard_LB%2CDesktopWeb_Finalcard_Sky%2CDesktopWeb_Finalcard_LowerLB%2CDesktopWeb_Finalcard_Preroll%2CDesktopWeb_Finalcard_FCPLarge1%2CDesktopWeb_Finalcard_FCPLarge2%2CDesktopWeb_Finalcard_FCPLarge3%2CDesktopWeb_Finalcard_Video&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=728x90%2C160x600%2C970x90%7C728x90%7C970x250%2C300x250%7C336x280%7C360x300%2C300x250%2C300x250%2C300x250%2C1x1&cust_params=site%3D123greetings.com%26section%3Dejan_seasonsgreetings_wishes%26page%3Dfinalcard&cookie=ID%3D23c11256663646c0-227e7a1422cd0014%3AT%3D1642577424%3ART%3D1642577424%3AS%3DALNI_MYhUhZHhaTFx_YFolAwvz85PBTYJg&bc=31&abxe=1&lmt=1642577426&dt=1642577426363&dlt=1642577424093&idt=2246&frm=20&biw=1600&bih=1200&oid=2&adxs=560%2C1114%2C310%2C410%2C332%2C650%2C968%2C0&adys=47%2C236%2C1664%2C536%2C1096%2C1096%2C1096%2C1858&adks=3337616149%2C1542450727%2C4029745640%2C3714999025%2C3462125275%2C1838853332%2C2455301282%2C2411661447&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&vis=1&scr_x=0&scr_y=0&psz=980x90%7C172x612%7C980x37%7C470x66%7C980x300%7C980x300%7C980x300%7C1600x1837&msz=728x90%7C160x600%7C980x0%7C470x20%7C314x264%7C314x264%7C314x264%7C1600x0&ga_vid=1791891534.1642577425&ga_sid=1642577425&ga_hid=426916259&ga_fc=true&fws=4%2C4%2C0%2C0%2C0%2C0%2C0%2C0&ohw=728%2C160%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0%7C0%7C0%7C0%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e533a3f0c66862b5ee15920786e98cc5de7565a7bb988c6385acc5bc70b3392f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29682
x-xss-protection
0
google-lineitem-id
5075419110,-1,237051975,-1,-1,5339838610,5339866447,5501288042
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271367694,-1,99278302815,-1,-1,138308197669,138307796510,138326033967
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 22A4 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 19 Jan 2022 07:30:26 GMT
expires
Thu, 19 Jan 2023 07:30:26 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame A732 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7Fj5emRhQqPNIRn-txZwLaobTbP-p-HIotpmbx95W-P50It2JxSWVJnAvZfL3pxf2rGvn1NtzMkKz4VrdKgrLdmG32CVXz7IYNLnz3lbODPewAnYVmy3atB9-dSSPBfPTKDUjh7Pg8bVrsb6wDOzT-liGIb1aOKajuYSRp30uiA_IY0z8wmfF_yqm7cp3DvTMh3EY-etspzUyBC23GlgNE0kyvmx9yPet2PijrLuODspHEtgjlRt_x2obo9GBknmdzbIoRMth0838jYCV5AmGZaqSyEMBx-hcjUprVQ0dhJjF419aYorKG8MRICshyjBX_693I3zRbx0o&sig=Cg0ArKJSzBnDdsNs3fZMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame A732 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
578bd7cdca280e0bcfd6d869ae001f3eee41ccc538655793607f9d26daf40b42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39643
x-xss-protection
0
server
cafe
etag
14170326510820133946
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A732 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:27 GMT
container.html
4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A1FB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 07:30:26 GMT
expires
Thu, 19 Jan 2023 07:30:26 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 26D1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufDnEczv0JnWcxth-MwXV3YQHBDjQbYvHaS0z7kVeiK3gKKlL02eaY96Q15heCHlkqgtBKfTz_rmSFIaTQHkgVSFLO6Zp0_xDJoFoawPOs9rngVMVDKe19Bq25XKVTM1xx9YCe2kvfIGBMADRofZz81fylg6jZrRarsZLFkdVPUQ-RerrP4krKMQ6WbP33__-7G-OrD8I4UIkU81GrLkNBmjLCFObzdGeJG9wsZh29D3uecl_ulWNnp9oEJThyHuAj9EBjLyj3B9jA5DAT3zeHAmBb-1z3nBfw3fFoIgqjEnRLJPRqulVpg7i8bj5hUG-H3ocdQU4I0r8lOIC5sw&sig=Cg0ArKJSzNhRulfEYoAVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 26D1 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c79cf644e562ab7e3864667eccd108b88625486a76e71c208be8b7d5fee028d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39638
x-xss-protection
0
server
cafe
etag
4622368108625865313
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 26D1 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:27 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111152338000/ Frame 7431 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55581
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8559bae154d80579"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 7431 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4994
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b314c3eb801664ba"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 7431 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28443
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"976e6f5df80f4e35"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 7431 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1727
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"423ab13fb6ff63c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 7431 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12843
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08cf721d9e54e414"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
css
fonts.googleapis.com/ Frame 7431 		4 KB
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 07:16:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 07:30:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 07:30:27 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012111152338000/ Frame 72B5 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55581
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8559bae154d80579"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 72B5 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4994
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b314c3eb801664ba"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 72B5 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28443
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"976e6f5df80f4e35"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 72B5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1727
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"423ab13fb6ff63c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012111152338000/v0/ Frame 72B5 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
246774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12843
x-xss-protection
0
server
sffe
date
Sun, 16 Jan 2022 10:57:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"08cf721d9e54e414"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 16 Jan 2023 10:57:33 GMT
css
fonts.googleapis.com/ Frame 72B5 		6 KB
670 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 06:33:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 07:30:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 07:30:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FD50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3UyqRW3ys9KXmZ1WO0CAR1NOJFmpRDKtdGARMlMvZen_xYPOQqaafA1h1G2Rq3LozKV0-7JQrfTQM9T66Ugd5AjFeg58SGn5-Hd1DKf6dL1zqQgcyyRoNvs549zbnSCvUTvC9fEv37M6_oa0Z6ycc1Hs3X3UgcyrbGPs2TJi9Eeabr5-pJOvzqE7os1Tf_2ws54bbmxiO_wlKk7MkmcBlaaZ-a8YBdnx6De1w42FyZIn7s0bTgKvBgtPI_UKnnYivwTsooc5F8626szFbHarhChqhqBVSWFPe-p8AD41iHS5ivbZ7Ko3ezhnqtaXHKcmnc_eGEl4sI5mlCj0dVcfrbcg&sig=Cg0ArKJSzCllrdjc-gpxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FD50 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
64d4dd6a3fe50413d80f98d5c2aa5a6eb55cbc6c22346cd69d03caa9ec512d32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52008
x-xss-protection
0
server
cafe
etag
5562494018977298905
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD50 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E215 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfp4FMA9afjDamJ2aQ7BBB929l0WLMlWm7yFf1vbVv3kK3HmgdhFmGqj5Dwpl-50Ctzkx220C5tO2MwI2bHyQHYmo6O32rzA9pt1ADU_CGTvdw38Hl18X-HMDJ1PqQozn99-um2LAQ07zTN-olTPRvSvoBwK56d9F-O5WMQqroHW_vG7KgRLAhWHiX4Ff9VB2AA8Pnpl_1EXjbUCx3qwi0l3U-CSSvve7scl7XPBBSIiYtk6OgLCOFF-MZ2F0GVirGg27uSiQUEAWfZbpBAr_c8sQkuZkiPM9IjUBp9VKtBZCYoaFEij_COitLwOYVJ1D2u10yvfvwgf7KaZ6Dfktv9uc&sig=Cg0ArKJSzLGgGNnkSBVxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E215 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c774f99b409837d0c3e9e027fa0f52dbaa28ef0eca068bdf85375229db686023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52002
x-xss-protection
0
server
cafe
etag
16134212844901951892
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E215 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C7BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukId8kZNCZlMnZUml8v488RCKSk18ThBUnZhl71JIdzj3eYbYzkyajRY6JusLDHFfFVssTKYb00jee-RXk_DPBXei5mxlrhF6qCxp_Pr_sEsFDpDF7C5JCgJJDqwqT1jM6pOwGuHPzhO-KvAnK2JFZIT4Kj_3vpkphEJzORmXX7_PfBKhMifAytWFRWjZpZsmGNZPfY9aW6f6o-CcsQOQy5TSRXz6B3Nny-p7AAzE5v87z1xRnJutaHFejvlUA2uBt2UjcEi6CgmSX31go6VSnIFLZoOIGU1UtGSz4r64w6BT-NIi_f2ye1bJb2As_6s1KhUEU7G0UfVQO31Q4Gg&sig=Cg0ArKJSzL9rPcanSDQyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame C7BF 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding
gzip
last-modified
Tue, 20 Apr 2021 09:58:31 GMT
server
AmazonS3
age
11402
etag
W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
date
Wed, 19 Jan 2022 04:20:25 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
7pFkYmvVbnQyAZIszvj_wevFT59umtZs91bUhhM9JdtZGPFgqjAAxg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C7BF 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011407.js?31064138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7431 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
78529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 19 Jan 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7431 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
77842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Jan 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 7431 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0SaQ9peuV0zpyu4Pqob5ffbYOtAISb-uCQS4jUYpz0D-8YDNtaQddgHMAZUcgeENTqsuE
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
B26966257.323562368;dc_pre=CODj3eClvfUCFYpc5Qodj_0GrA;dc_trk_aid=515909901;dc_trk_cid=163309495;ord=2478435641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame 7431
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323562368;dc_trk_aid=515909901;dc_trk_cid=163309495;ord=2478435641;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
  • https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323562368;dc_pre=CODj3eClvfUCFYpc5Qodj_0GrA;dc_trk_aid=515909901;dc_trk_cid=163309495;ord=2478435641;dc_lat=;dc_rd...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323562368;dc_pre=CODj3eClvfUCFYpc5Qodj_0GrA;dc_trk_aid=515909901;dc_trk_cid=163309495;ord=2478435641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B26966257.323562368;dc_pre=CODj3eClvfUCFYpc5Qodj_0GrA;dc_trk_aid=515909901;dc_trk_cid=163309495;ord=2478435641;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7431 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCMkEEr7nYaf2HYy6x_APvPemsA_QucDyZ--sq7GbD-iqtpWLAxABIJyKsjBgleKQgqAHoAHc36GTA8gBCeACAKgDAcgDCqoE_wFP0JkvTHmH8ZdRu_90UnOWqopGNUDjjqdAuWa2-5U7kERdIrZN9ZD-AeU9uROLTe6YOCFlouRMnXe0S15dPdYgSvevpw_GhXXysB5xx9MDamFwxGB6dkjcNAZktf0nt7Hf8pUCu2HHxvXJ7muliNPIgW3PZpfVPtEfo1ltHetdIgUjrjFybGCAMxfwtMAG4dg1Infiilcqg_G0xGgF7gwq5uXqSc3IXPl4ybtrQ9A7UA_PQYmPk7TNYsOL8izoY9TxAAAiZG1yquh4nMLAvGPBzMeHBKlcain_8wBFu8t0p1Oe8Db-6yiBOK8F6m3yxEPABCAjXQNYAHO6GGXX6xXABMDb7vX5AuAEAZIFBAgEGAGSBQQIBRgEoAYugAeMoN5sqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQqtD-A9IICQiA4YBwEAEYHYAKAcgLAdgTDIgUAtAVAZgWAYAXAbIXHgocCAASFHB1Yi0yNjE2NzI5MzYzNzQ2NTYwGP_XFw&sigh=olPMpC-gi2Q&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72B5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
78529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 19 Jan 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 72B5 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
77842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 19 Jan 2022 09:53:05 GMT
l
www.google.com/ads/measurement/ Frame 72B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnzSCsv_W5Fk2t5JQewIQ3679mWvqstVsH4AG8sm5e2kahSKzmGjPPhWLrD-VcLUudmT7e
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 72B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CCfhlEr7nYdv3HYy6x_APvPemsA_GhbjMZOGvh-yyDpqF7YvYJRABIO_2kCFgleKQgqAHoAG0yrqRAsgBCeACAKgDAcgDCqoEjAJP0H3byLLsKFXbPH3VIpY5UgNM8VG-lCxUZZIvCZJdzP8XhbvKynfGMwyypT6-t_oCFYWYPNAMFL7cX5QmTqR2plzMyq8ght-CvGh4VbSzB3dJMkqrnHZamncjpsIgDN5u9Kd9iCRLngPwEDQdLQXEYxQMA9DdcPjtCDSuVnkLJVhLHPBZhK61OPOMfacv-i-4puCvb92JkAGaOEC5piQqrJf4jKRuL3ZCpG8CIAUQC_B-zzfsCJ4PSFuunVaD87-_dCwNoAx02vHFlMu8zbv28eGpDU8b7_FdkL3Kn-vilS93IujxBbScBAU8-cmQT87muCxyeIEL0u2xLK9qopKhPWA0bijz85UTke35wATTuKr60gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHtLXF7gGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDngwTSCAkIgOGAcBABGB2ACgPICwHYEwyIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MBj_1xc&sigh=ondGNfVEtTM&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ Frame A732 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31064115
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef979ae41636bb1112445e7c404cc3a34ccf4b32e7b9b556d6bdc7f464009d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104506
x-xss-protection
0
server
cafe
etag
5387996186767430246
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:27 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/13560672466127572508/ Frame 7431 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13560672466127572508/2076313506083323656
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69781eb4af75af316c4fa7c65234290ca1159f82d86ea732c2abe28a5916dea1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 18:57:46 GMT
x-content-type-options
nosniff
age
563561
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22818
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 17:49:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Jan 2023 18:57:46 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7892542367971975386/ Frame 7431 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7892542367971975386/downsize_200k_v1?w=100&h=100
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b7312c8fda8fc5a7ab55d89da51d97cbb4044165db41eb36e39acc371c1af06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 17:13:48 GMT
x-content-type-options
nosniff
age
569799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5636
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 17:47:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Jan 2023 17:13:48 GMT
truncated
/ Frame 7431 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 7431 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65b8e9e22d22eab677b4e151d77b71c1e737d45308f835f9c4113eab1b4c42a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 7431 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.123greetings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
567248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 17:56:19 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1854475582635991581/ Frame 72B5 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1854475582635991581/downsize_200k_v1?w=400&h=209
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a2390852ad3ab40c7ff26cd6e5f541367a8da987f828683913d82cd30d3a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 21:18:22 GMT
x-content-type-options
nosniff
age
123125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
x-xss-protection
0
last-modified
Tue, 23 Feb 2021 22:50:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 17 Jan 2023 21:18:22 GMT
truncated
/ Frame 72B5 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 72B5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f91904518c5285ebb7805c6b884420d61a5156334c78977f7d74b19d98cdcef6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 72B5 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.123greetings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
567248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 17:56:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 72B5 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.123greetings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 17:58:32 GMT
x-content-type-options
nosniff
age
567115
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 17:58:32 GMT
truncated
/ Frame A732 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f98e7ba1103510609262a70374571c1be735154b5d8121758508fcf8ec757c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame FD50 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dddeb0371f942b4bf76346b0a67a9418d81cae0271169f83df8a6447f45f207c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
abc.txt
static.avantisvideo.com/data/ Frame C7BF 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:8:9ed9:9c40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a71c26b75aeb3585bcab8482529d66343de187fe39313f2caeb2c101aff697b

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 01:21:47 GMT
content-encoding
gzip
last-modified
Wed, 12 Jan 2022 08:26:34 GMT
server
AmazonS3
age
92880
etag
W/"ea64db68a6e4f329ba63a5ba0eb54c84"
vary
Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
mim_jvOikddPn6Vic48jMwnM9imoFS5sTp0Re71KzlDMwBnTSFoUUg==
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
abc.txt
static.avantisvideo.com/data/ Frame C7BF 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2e00:8:9ed9:9c40:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a71c26b75aeb3585bcab8482529d66343de187fe39313f2caeb2c101aff697b

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 19 Jan 2022 01:21:47 GMT
content-encoding
gzip
last-modified
Wed, 12 Jan 2022 08:26:34 GMT
server
AmazonS3
age
92880
etag
W/"ea64db68a6e4f329ba63a5ba0eb54c84"
vary
Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
oYrefCO41RVKgbxZEmCbxTxRdhHrJQTqagIajbHKlr-ZkCS-y-YQUA==
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ Frame 26D1 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef979ae41636bb1112445e7c404cc3a34ccf4b32e7b9b556d6bdc7f464009d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104506
x-xss-protection
0
server
cafe
etag
5387996186767430246
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:27 GMT
truncated
/ Frame 26D1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96534f356bbf04c65f5f6d8cbadd9803d73cde561f182cc89962555477fa4b33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E215 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bea82f5b931c8582b0d9d6f6ed17c067d3c5adc17af471985b75ad24b56454d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame A1FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQVj3Er7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhAJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNByQBsDgQteZQ80Z21kT0H9s6Hz3X3cHFqgLZ933wv6j4V6qg4C9b-AEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ2Mjc1MTc2ODAyNDk2NzAY_9cX&sigh=5biIacrJo7E&uach_m=[UACH]&cid=CAQSOwCNIrLM1J2jo_pKoxoh7k2_Vk-LnK1t3lnlEr9AD0jtLGUhes25jgc6KM-UVhOJa4SfBYM9Dxcb-zlBGAE
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame A1FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=U8DUEcY1oAHYBJ2DYgICAAAAoVE7jJl3H1JfklCBK-WvnBASvudhLzD4KtsGoKWw8iwAEg&wp=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
server
Kestrel
server-processing-duration-in-ticks
258858
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame DF21 		166 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Requested by
Host: 4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
URL: https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9a8ca8f9097539226e6458b0936e540b9f6531d05e789150e880aa8caa88cdf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=gpWM3drfaxPppo_HL8MPBiNki4F7Em9LmEkF1znltzQdFB_rCvTQYPjmMUSAF3p-gh-Ku79AhTic7FYTYEJ93qHdBVnLukW6FtiHJP9lF9DFBaPVS22yr2TnsmAokaS0AO3GGmGm1Pis2nAsxrpIGqj2pKQ07KJeeluQGCiqEUMjhkLSX00nEOESQu8_9XEO8eKn3zGotHYArYqK17JddWsw97fD5GI-LyjvsPhb0sLsa5cOQpCGk2cUUxas6XVjES8O-g"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
93121732
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame A1FB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: 4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
URL: https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
170
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame A1FB 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
URL: https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:24 GMT
l
www.google.com/ads/measurement/ Frame A1FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbIG_5jFH0tzbkvubtPV6Qkwle_utcy6ceDrqQ6iei3AClVDcAYVJZrSa6uh_I1c8LKGAR
Requested by
Host: 4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
URL: https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A1FB 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
URL: https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:59:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 19:59:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A1FB 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
URL: https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:27 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ Frame FD50 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31064115
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef979ae41636bb1112445e7c404cc3a34ccf4b32e7b9b556d6bdc7f464009d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104506
x-xss-protection
0
server
cafe
etag
5387996186767430246
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:27 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/ Frame E215 		284 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef979ae41636bb1112445e7c404cc3a34ccf4b32e7b9b556d6bdc7f464009d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104506
x-xss-protection
0
server
cafe
etag
5387996186767430246
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Jan 2022 07:30:27 GMT
fcp_thankyou.js
x.123g.us/json/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/fcp_thankyou.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:22:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 May 2020 08:02:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
456
ETag
"f55-5a5bf5ae75580"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1026
jake_test
Test_Pass
Expires
Wed, 19 Jan 2022 07:37:52 GMT
truncated
/ Frame C7BF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d64628a7be79ad4fd5531bb2256e6600363db54e94edcc51811b123f7b5be749

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame C7BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJ9IKkZfMI_cH0PU4JcqCG2FnNtyj00Q6AkVQ_G5XEkJ01EsXRhntOYCw5y9Y8RFpe5cKFebKfNUrGHE-rY0bAW3GiGL0w0oQ99P24Op77kVdvr42z4evPdtuTaQQAeJlC8fNDAI0YYXMqMEy69yh8xrIB8FnYOLGgH3xz2UtS7YkIE-JPeEDFbnKv2SOjZEfOGjbjIHi76lXoZQu5hsCY-3Jsl7-Y6Q8QDzn9Cyn_fQ2uKCyl7zi4Ac1SCUv-Ro7CD99HEkHZSFQ1ape4AwbgWgMtPw5VT4iFfyB84Qbvf4L4YeVZlPfvw3qtf3yT4vsJXa3DCvfk9GZbuYq5dbyM&sig=Cg0ArKJSzB63B6pp27P8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 07:30:27 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame 30B5 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

content-type
text/html
last-modified
Wed, 08 Dec 2021 10:46:21 GMT
x-amz-version-id
mkXtqZN.sX1diyvNHzDOuWx2fzD7.NTz
server
AmazonS3
content-encoding
gzip
date
Tue, 18 Jan 2022 13:35:57 GMT
etag
W/"72b7eb0ed3b552f546f4240f3e4e9f26"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
iKv5O0baM6yL4Bd5iJFKHofS9k0ETzWtjyoy4tEAgWZIFVA9Mj0LrQ==
age
86751
cookie.js
partner.googleadservices.com/gampad/ Frame A732 		220 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
aab922fa9d47968bd242df4f844f269eb67d8671be51da1c0fb7317f9d670e89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame A732 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A732 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8B74 		57 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7a210094b91fb78d4f4ea620e63599c2478e04691171135e3f59aa30ed4e76e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 Jan 2022 07:30:28 GMT
server
cafe
content-length
23939
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
thank_sendcard_v3.js
x.123g.us/json/ 		591 B
767 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/thank_sendcard_v3.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0b2b11d728c887a6566abe914066c1b7631f12049c637109a995addcd8466d7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:22:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jan 2022 07:01:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
482
ETag
"24f-5d5e9f4e07400"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
329
jake_test
Test_Pass
Expires
Wed, 19 Jan 2022 07:37:25 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 26D1 		220 B
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
510c95d2386973b9c22d981fbb93d0ed9c1146f3be6888b45edb1c2d2f91f05e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 26D1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 26D1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DF79 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031645&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427659&bpp=12&bdt=157&idt=218&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=961455891&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1664&biw=1600&bih=1200&isw=728&ish=90&ifk=2957823516&scr_x=0&scr_y=0&eid=44753740&oid=2&pvsid=3511165836253204&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.4yjg6hq5u64i&btvi=1&fsb=1&dtd=231
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 Jan 2022 07:30:28 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ Frame FD50 		220 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
49b6e9ae0749149345ed59822128234c3aa026288c98c5f829f4194dbcec432e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
209
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame FD50 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FD50 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8D4D 		71 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4ef8182b6523bf59a4d35ba989ad21f5a027fb2dd4377a6b10728f62a57b215
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 Jan 2022 07:30:28 GMT
server
cafe
content-length
28107
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ Frame E215 		220 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9528e7fb833fbcb1dc0d86f7fb685b5fe1f970760f3c9d4c134eaae87fea8179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E215 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E215 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 909E 		84 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ef8b6292700f2ac20302fb67a9a96ab9466992b072a9886f62d81ee72954b01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 19 Jan 2022 07:30:28 GMT
server
cafe
content-length
30008
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
geoip
avm.avantisvideo.com/api/v1/ Frame 30B5 		221 B
975 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:a000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
78f8498375316fc4cc548d4d318c82d401baac94641f9b7a35c3fc04f18dea0a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
221
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Wed, 19 Jan 2022 07:30:28 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
dkw_jHU8IO84-Ro9SN0e1MNOuRvxVq34-KZs_EC3kiD6MW4s8O0roA==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:a000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
x-cache
Miss from cloudfront
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
m5nlfHks1iadhVp4Gu_mLajfpl_vlx7p5NmFRSczzrwYY2hPmH62fA==
truncated
/ Frame A1FB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60b84d53020bb641f4f517e58d7ce3f2e47bbb078b05b761706c3d1d23a042ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
fcp.css
c.123g.us/css/ Frame 5E6F 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/fcp.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/343058306a7c617567796c0264766d564a7f6a70277a56/12625721318002229286/summary
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 06:46:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jul 2018 10:30:13 GMT
Server
Apache/2.2.15 (CentOS)
Age
521026
ETag
"2462e-1b92-57234f253d740"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2003
jake_test
Test_Pass
jquery.js
c.123g.us/js2/ Frame 5E6F 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/343058306a7c617567796c0264766d564a7f6a70277a56/12625721318002229286/summary
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 11:51:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
416353
ETag
"16f3a-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33449
jake_test
Test_Pass
Expires
Sat, 15 Jan 2022 17:19:31 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame DF21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Jan 2023 07:30:28 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame DF21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Jan 2023 07:30:28 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame DF21 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 14 Jan 2023 07:30:28 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame DF21 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sat, 14 Jan 2023 07:30:28 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame DF21 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=f5ZMYtCPUY8879B3DfguGMqQGAHRuO9CeFLQVT4PW1DWSP8PqHHNhTr01iZSonrwda_nOQzsOW_JJ2jNYpyKrY2pTimuKlyDeEUgVC5gA3Gr1kWIeaATd4t_D7dkHAYSz2L6-08KG1H9r1RqMRzc1DBog-ocMTDfmHmprVgJ6M6MMghterQbjNtK7kwYKiJsi7O2SjnzHVzzaR3GsaW9tYhuBcj0WgcT7ivxVdvLbHxZDJM6u7FbECVn7q0srnvaTFCO_uHsDkVk6YnUzFmpO6l7xuL-mPTcOZNKmj0yMCnMJUeXyqe8N6yFfhcyYypLydluJfQaj65SreMRWNjJHeXS9f5roUULoILSyQoRML61oI0q1zRjFNehvZlGTcHCQd-QQrzErauf5YJugeD29eADsk9XlmitIw1UkOJuR4T4vR1BP3bdS6S25l2B2FZlRsPOXg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:27 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
11021762
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
ejan_seasonsgreetings_thanku.js
x.123g.us/json/ 		48 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/ejan_seasonsgreetings_thanku.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
10642cc90634127e5030b161bdae2990b0ae3a376a97b3df56932bf968019a03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:07:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jan 2022 06:37:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1350
ETag
"c0e7-5d5e99e456ec0"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5895
jake_test
Test_Pass
Expires
Wed, 19 Jan 2022 07:23:00 GMT
styleopt_v2.css
c.123g.us/css/ Frame 5E6F 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/styleopt_v2.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 07 Jan 2022 15:38:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 10:50:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
1007495
ETag
"24665-b2be-582511f153a40"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8955
jake_test
Test_Pass
modal_window.css
c.123g.us/css/ Frame 5E6F 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/modal_window.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 22 Dec 2021 22:01:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:40:54 GMT
Server
Apache/2.2.15 (CentOS)
Age
2366958
ETag
"2468c-746b-54a227c0b1d80"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6107
jake_test
Test_Pass
print_card.css
c.123g.us/css/ Frame 5E6F 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/print_card.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 28 Dec 2021 08:49:14 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
1896074
ETag
"bbf-54da7c8112fc0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
824
jake_test
Test_Pass
Expires
Tue, 28 Dec 2021 09:04:37 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame DF21 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
129283
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0lK4oXGg5mcOkOMPgTqnxLQws3peTHqiMOo8vMfowtycsymNCatfH9r8Gtd54cjb8CoKGicGy6SSg9meP%2FnN13JDk1V%2BXkyBXgmJO7%2FZzOE1GLCd97FUfXwPOmB07%2F6yn%2Fh9ASofOrPzsbGVRuugbry"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6cfe5b9d9ad26977-FRA
expires
Mon, 09 Jan 2023 07:30:28 GMT
animejs.js
static.criteo.net/animejs/ Frame DF21 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Jan 2023 07:30:28 GMT
img
pix.eu.criteo.net/img/ Frame DF21 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=108&m=0&partner=90357&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F90357%2F211115%2F33300702bd0247d48074e3362ef06108_screenshot_2021-11-08_at_12.17.08.png&v=3&w=316&s=6AYg_2Et44Jxuwx67RQeqSp5
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3044563d9c817570c9f2c83dfa8a0e17a2c218ba7143a65977b68fda04c4f72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:52:38 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
59868
vary
Origin
x-cache
hit cached
content-type
image/png
cache-control
public, max-age=29023432
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
21002
expires
Tue, 20 Dec 2022 12:56:32 GMT
img
pix.eu.criteo.net/img/ Frame DF21 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1167546-_x600-nocrop.jpg&v=3&w=800&s=KoUUKAWq2H4WAfcVueGNhS0k&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:52:39 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
59868
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=29218403
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
67224
expires
Thu, 22 Dec 2022 19:06:04 GMT
img
pix.eu.criteo.net/img/ Frame DF21 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1575983-_x600-nocrop.jpg&v=3&w=800&s=vY5bRcGGTmei48DUVvO5d0xF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
db35c9bbff5e19b0efea1a0b3398cb2e841863498653bb3625bcc75cbc535835
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 15:27:33 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
57774
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=29216478
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
34566
expires
Thu, 22 Dec 2022 19:08:52 GMT
img
pix.eu.criteo.net/img/ Frame DF21 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=90357&q=80&r=2&u=https%3A%2F%2Fcdn.reisenaktuell.com%2Fimages%2F1189029-_x600-nocrop.jpg&v=3&w=800&s=8bLzm3ZEAnLOYDA7yBbw_DAZ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3d1292177b010b1786177e8cc85bf1b510a598730a5b8ee011e3697e810da6a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 16:09:20 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
age
55267
vary
Origin
x-cache
hit cached
content-type
image/webp
cache-control
public, max-age=29214820
cdn-loop
Criteo
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
accept-ranges
bytes
timing-allow-origin
*
content-length
70990
expires
Thu, 22 Dec 2022 19:23:01 GMT
all
csm.eu.criteo.net/ Frame DF21 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=gpWM3drfaxPppo_HL8MPBiNki4F7Em9LmEkF1znltzQdFB_rCvTQYPjmMUSAF3p-gh-Ku79AhTic7FYTYEJ93qHdBVnLukW6FtiHJP9lF9DFBaPVS22yr2TnsmAokaS0AO3GGmGm1Pis2nAsxrpIGqj2pKQ07KJeeluQGCiqEUMjhkLSX00nEOESQu8_9XEO8eKn3zGotHYArYqK17JddWsw97fD5GI-LyjvsPhb0sLsa5cOQpCGk2cUUxas6XVjES8O-g&sds=2&rev=80076.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 19 Jan 2022 07:30:28 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DF21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Jan 2023 07:30:28 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame DF21 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 14 Jan 2023 07:30:28 GMT
ejan_whisperloveday.js
x.123g.us/json/ 		62 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/ejan_whisperloveday.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4bfa2fcd81f57fd26e761cfe7c11b723c739dfc1237fdf7859331a0f7e6e8d33

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:11:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 19 Jan 2022 05:37:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
1147
ETag
"f882-5d5e8c6715b80"
Vary
Accept-Encoding
Content-Type
text/javascript
access-control-allow-origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7644
jake_test
Test_Pass
Expires
Wed, 19 Jan 2022 07:26:46 GMT
css
fonts.googleapis.com/ Frame DF21 		2 KB
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 06:32:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 07:30:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 07:30:28 GMT
carousel_thank.json
x.123g.us/json/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/carousel_thank.json
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0c600de3ed9cbbbf7474781f018b51d08a0aaa7b2294070c59d128c859e8d1b9

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:21:46 GMT
Last-Modified
Wed, 19 Jan 2022 07:02:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
522
ETag
"130b-5d5e9f827afc0"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4875
jake_test
Test_Pass
Expires
Wed, 19 Jan 2022 07:36:53 GMT
337101_th.gif
i.123g.us/c/ejan_whisperloveday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_whisperloveday/th/337101_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
84671abe796aa5664efd3a2f4cf291d202d1796f9a1f2ab6d304db6d1c5a6f4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 20 Dec 2021 16:50:33 GMT
Last-Modified
Fri, 18 Jan 2019 07:18:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
2558395
ETag
"1e84-57fb651efd1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7812
Expires
Mon, 20 Dec 2021 17:05:33 GMT
103679_th.gif
i.123g.us/c/ejan_whisperloveday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_whisperloveday/th/103679_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
afdaa1eb2520edc3eaadf201c0d99078588b02c81e4e4930e88bb06e28a9dacb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 05:31:32 GMT
Last-Modified
Mon, 24 Feb 2014 09:47:41 GMT
Server
Apache/2.2.15 (CentOS)
Age
439136
ETag
"1bc9-4f323dcd20940"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7113
jake_test
Test_Pass
Expires
Mon, 17 Jan 2022 08:38:05 GMT
112869_th.gif
i.123g.us/c/ejan_whisperloveday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_whisperloveday/th/112869_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
71ddf87a3a74886f8be847d075e68de4874c061e97192e3b7cf721fae27f2864

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 15:58:59 GMT
Last-Modified
Mon, 24 Feb 2014 09:47:41 GMT
Server
Apache/2.2.15 (CentOS)
Age
401489
ETag
"1f17-4f323dcd20940"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7959
jake_test
Test_Pass
Expires
Wed, 19 Jan 2022 04:21:20 GMT
closeBtn_h.png
c.123g.us/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/closeBtn_h.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 28 Dec 2021 08:15:10 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
1898118
ETag
"42a-54da7c7a66000"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
jake_test
Test_Pass
Expires
Tue, 28 Dec 2021 08:30:10 GMT
341617_th.gif
i.123g.us/c/ejan_seasonsgreetings_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_seasonsgreetings_thanku/th/341617_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c0452e178cdc6c7f11a560fa4a699a4d24a07a5bf0d2740754b79938fc9bf9b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 26 Dec 2021 12:02:07 GMT
Last-Modified
Mon, 16 Dec 2019 12:55:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
2057302
ETag
"1fea-599d1ba0a3900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8170
jake_test
Test_Pass
Expires
Tue, 28 Dec 2021 15:50:14 GMT
348690_th.jpg
i.123g.us/c/ejan_seasonsgreetings_thanku/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_seasonsgreetings_thanku/th/348690_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8c51c23510c1cb4da4985465adfa79be4c926d5f1ea171843f9cf26625235602

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 16:18:35 GMT
Last-Modified
Fri, 19 Nov 2021 11:45:14 GMT
Server
Apache/2.2.15 (CentOS)
Age
400313
ETag
"1620-5d122cee8a680"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5664
jake_test
Test_Pass
Expires
Sat, 15 Jan 2022 14:37:47 GMT
120322_th.gif
i.123g.us/c/ejan_seasonsgreetings_thanku/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_seasonsgreetings_thanku/th/120322_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d98216e8465e10e522653c2db4323b5d20c94713a1e4e255861ee803da74bbad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 16:28:18 GMT
Last-Modified
Mon, 24 Feb 2014 09:35:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
1263730
ETag
"1fa4-4f323b29ed040"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8100
jake_test
Test_Pass
Expires
Tue, 04 Jan 2022 16:43:18 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame DF21 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 17 Jan 2022 21:17:17 GMT
x-content-type-options
nosniff
age
123191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45416
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:09:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 17 Jan 2023 21:17:17 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame DF21 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:03:04 GMT
x-content-type-options
nosniff
age
62844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46988
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:11 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 14:03:04 GMT
116792_th.gif
i.123g.us/c/ejan_chococakeday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_chococakeday/th/116792_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e0aa2901dd1c9902cece215ee32cea171018f237046f327fa3a46d082ab63eda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 03 Jan 2022 10:25:58 GMT
Last-Modified
Mon, 24 Feb 2014 09:43:28 GMT
Server
Apache/2.2.15 (CentOS)
Age
1371870
ETag
"1fa3-4f323cdbd9000"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8099
jake_test
Test_Pass
Expires
Mon, 03 Jan 2022 10:40:58 GMT
122345_th.gif
i.123g.us/c/ejan_chinese_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_chinese_wishes/th/122345_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
dabf1cd1e266c66c5fede833ce46ff6b0af8a34e000c1293258a391ac00ed829

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 18:39:20 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1083068
ETag
"1e7c-4f323de033640"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7804
jake_test
Test_Pass
Expires
Mon, 10 Jan 2022 07:56:26 GMT
341908_th.jpg
i.123g.us/c/ejan_daisyday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_daisyday/th/341908_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
688c2f272b15f5466e45e1a5e93871d231eee9d1d8899f3573948176b96ac6ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 06 Jan 2022 04:18:01 GMT
Last-Modified
Fri, 17 Jan 2020 13:01:17 GMT
Server
Apache/2.2.15 (CentOS)
Age
1134747
ETag
"1a10-59c5589868140"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6672
jake_test
Test_Pass
Expires
Thu, 06 Jan 2022 04:33:01 GMT
114129_th.gif
i.123g.us/c/ejan_chinese_fgreetings/th/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_chinese_fgreetings/th/114129_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5294861688392fb55c44216d8700a2362a2bc809a9576a8ffc352a72a44f04d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 04:21:34 GMT
Last-Modified
Fri, 14 Jan 2022 19:36:57 GMT
Server
Apache/2.2.15 (CentOS)
Age
356934
ETag
"12d0-5d58fed032840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4816
jake_test
Test_Pass
Expires
Tue, 18 Jan 2022 00:17:18 GMT
113208_th.gif
i.123g.us/c/efeb_groundhogday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_groundhogday/th/113208_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ae866075deab57718d586ba54073f6c2ee11df652c714f3b6afe8bac938a5598

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 08:36:44 GMT
Last-Modified
Mon, 24 Feb 2014 09:39:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
773624
ETag
"1fce-4f323c0639800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8142
jake_test
Test_Pass
Expires
Mon, 10 Jan 2022 11:07:44 GMT
345601_th.jpg
i.123g.us/c/ejan_chococakeday/th/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_chococakeday/th/345601_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
5e0758de83ed53a655b1a5ed1bcd2239da41edff35d438154cd444d545ea1f02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sun, 09 Jan 2022 08:03:54 GMT
Last-Modified
Sat, 23 Jan 2021 07:45:28 GMT
Server
Footprint Distributor V6.1.1162
Age
861994
ETag
"a9f2-5b98c7d0b3600"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43506
jake_test
Test_Pass
Expires
Tue, 18 Jan 2022 17:20:43 GMT
121190_th.gif
i.123g.us/c/ejan_complimentday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_complimentday/th/121190_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1cf4785000150c1c8256c6abd68fe3a49d2b862f803a7d31bde5670943d138c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 14:24:19 GMT
Last-Modified
Mon, 24 Feb 2014 09:40:41 GMT
Server
Apache/2.2.15 (CentOS)
Age
752769
ETag
"1fd0-4f323c3c95840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8144
jake_test
Test_Pass
Expires
Mon, 17 Jan 2022 08:31:26 GMT
116762_th.gif
i.123g.us/c/ejan_daisyday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_daisyday/th/116762_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
466e099bcc6114756da0169e0ba10e5a6a29e6ef07ec9c3f43458511ad84e4b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 20 Dec 2021 16:13:37 GMT
Last-Modified
Mon, 24 Feb 2014 08:14:03 GMT
Server
Apache/2.2.15 (CentOS)
Age
2560611
ETag
"1ff3-4f3228df628c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8179
jake_test
Test_Pass
Expires
Mon, 03 Jan 2022 10:41:00 GMT
316101_th.gif
i.123g.us/c/efeb_hugdayfeb/th/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_hugdayfeb/th/316101_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
587432ffed01dcaf5b9be44753e73c3b054e9de9a079fae0869bb3e907861c09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 21 Dec 2021 07:51:52 GMT
Last-Modified
Tue, 27 Jan 2015 13:00:14 GMT
Server
Apache/2.2.15 (CentOS)
Age
2504316
ETag
"109a1-50da1d5f43380"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68001
jake_test
Test_Pass
Expires
Wed, 12 Jan 2022 12:42:31 GMT
121714_th.gif
i.123g.us/c/efeb_supersunday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_supersunday/th/121714_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
89a6f9d65f3250723bfe68dd93b8ab7014876f6ce7c67c69737ca63991f5a148

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 09:39:17 GMT
Last-Modified
Mon, 24 Feb 2014 09:49:02 GMT
Server
Footprint Distributor V6.1.1162
Age
424271
ETag
"1fe5-4f323e1a5ff80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8165
jake_test
Test_Pass
Expires
Tue, 18 Jan 2022 13:49:37 GMT
327472_th.jpg
i.123g.us/c/ejan_complimentday/th/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/ejan_complimentday/th/327472_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c5cdfad2e7b1687a711364a54bbbae850b1239d729abd6527d6e70d8bff3d692

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 11:40:35 GMT
Last-Modified
Mon, 16 Jan 2017 10:30:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
1799393
ETag
"2118-54633ababe940"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8472
jake_test
Test_Pass
Expires
Wed, 29 Dec 2021 11:55:35 GMT
321044_th.gif
i.123g.us/c/efeb_roseday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_roseday/th/321044_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2c51ff8cf60a8b5aa4a6493254d054fa04a684377b2f75dde1dca6118999fa39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 15 Jan 2022 13:43:15 GMT
Last-Modified
Mon, 25 Jan 2016 12:39:25 GMT
Server
Apache/2.2.15 (CentOS)
Age
323233
ETag
"1ff3-52a27dbe71940"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8179
jake_test
Test_Pass
Expires
Sat, 15 Jan 2022 13:58:15 GMT
113096_th.gif
i.123g.us/c/efeb_supersunday/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_supersunday/th/113096_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
f0120acc05e65e1d1be5a3e3a995ad3a25b1cd31afa65b5ed2844d3b7b1be0ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 13 Jan 2022 04:01:03 GMT
Last-Modified
Mon, 24 Feb 2014 08:29:14 GMT
Server
Footprint Distributor V6.1.1162
Age
530965
ETag
"15fb-4f322c442ea80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5627
jake_test
Test_Pass
Expires
Tue, 18 Jan 2022 23:28:15 GMT
345719_th.gif
i.123g.us/c/efeb_groundhogday/th/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/efeb_groundhogday/th/345719_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f5ede0a3b5145183cd982d792213e71e3ebc1866727a683cf787ea0850e069d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Thu, 30 Dec 2021 10:06:00 GMT
Last-Modified
Mon, 21 Jun 2021 09:45:56 GMT
Server
Apache/2.2.15 (CentOS)
Age
1718668
ETag
"1937-5c5438a389d00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6455
jake_test
Test_Pass
Expires
Thu, 30 Dec 2021 10:21:00 GMT
12914462291344464087
tpc.googlesyndication.com/simgad/ Frame 8B74 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12914462291344464087?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkBIn-TXWYjGOil32O-2MKKT67__A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c422a15470556b1a9bf6cefc9fd2c65d9b22c483195a4d985317a2efaff499c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 17:58:55 GMT
x-content-type-options
nosniff
age
48693
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30213
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:00:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 18 Jan 2023 17:58:55 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame 8B74 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:15:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 8B74 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 8B74 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:24 GMT
l
www.google.com/ads/measurement/ Frame 8B74 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRv8mQ2zE6oL3dMVbL4xAagg5UMwglFoCWFGZ2douzxavIHTkeWqv-TGOuqjdXffCNdPGO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8B74 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:28 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 8B74 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
server
cafe
etag
13428216562775282503
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 19:03:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 26D1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_6RYrXpFjoX3v7sSws2PQpCqH6xt4JQUBMBefAwTaV6RF0RbCBI4oSAQyFIL5bpi1t0eTKAmiTECGRpfxSjnFNVNja1rrFggfKoH9bYX2I7Fyye0fGOmyw23sFLtIp_XnGVAEZVv8HoGXhsdAqc0-GFmEQFcrsg4yASKw7rX66gGs3DdoAnmABP_qQbEpftXt7-iJc29l2VMj99kJ4wwoeyztQVJuJWlqIwVzMrSB6bZS2qKDc27IjFLiI3DEdSsMLhBRnnJYZNPBsIPpbtncyl42VO1Zfu8mq_0cOdRFrx3fhlxDBRdI26uKy5K-ysGIjiC3ARif-KckWaT1BXHz&sig=Cg0ArKJSzK_ykeOezfoJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 07:30:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 26D1 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220113&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c5d8ca625b6b024f51dfe5f0efff5d5e30512bb373897c150fcf8dc691393e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9047
x-xss-protection
0
truncated
/ Frame 8B74 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ea6d10341205c9cc0f7bfd2ab762b2f629cb8aed940d60fba770b0aa71528f9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A732 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8hpXZGuImwO9sZk5CO6-ZGQuM1KSJDUrhrGXJFssJwEbfFhv6E2deqQ2MG4D02pYwyNTMrfMDsXVv35hjq15Cle3u3P_T-tLUC0vhNjRO6vxNB9iKFNEZGjPg-De1IHmi4Hw6pCSx4m7M-XgCm-piEYULQyccsBLyWXqfqW41nUbHv8tEKouZhpHvr31rhrHj2pncwmPY4TwW7m-exWDMmA6BS_FBV98bIrEk-uC_zjTdu6O9sn5x7HudN0GnKjaGvMg-G6NCKnzVvIQhtda3KZ0zPKGYLwDAtWudVLeykMXwGQvKsJf-2OK30CGI86nngiVLYe0rODMLJ9g&sig=Cg0ArKJSzHfW8Z78CQiMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 07:30:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A732 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220113&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b05753242ffe37ff05521a49195f74888ec6340b129b2c7d5e6e70f13daa6950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9133
x-xss-protection
0
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame 02E7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A732 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:28 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 26D1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:28 GMT
6217174234657797659
tpc.googlesyndication.com/simgad/ Frame 8D4D 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6217174234657797659?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnl-GTIazKRP0BkveyJxD82QMkSEQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
135b2416bf08d834251f98c72a53ce7a6747c562ec2e05463f06cd500c8e28a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 15 Jan 2022 08:27:53 GMT
x-content-type-options
nosniff
age
342155
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59096
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 08:02:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 15 Jan 2023 08:27:53 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame 8D4D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:15:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 8D4D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 8D4D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:24 GMT
l
www.google.com/ads/measurement/ Frame 8D4D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRSzuNUiDEqMONyXqLQXqfRgpCrauPUNZ1K_O2jOpurQqWqVmYzMV1u2KHi1Mh8YUS7aKag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8D4D 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:28 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 8D4D 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 19:03:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11395
x-xss-protection
0
server
cafe
etag
13428216562775282503
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Feb 2022 19:03:47 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8D4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6dcKE77nYYCdPOSAjuwPsL654AqkiI_BZ9vI6umYD64CEAEgheySAmCV4pCCoAegAdCou7oCyAECqAMByAPJBKoE4QFP0D-Q_93Un8mVJngBUI7y4k48LvMLAoApBVBvvKfRItbMBdyB_YGYmLN4xQ1jMO8RV0NMr4hUt700waIOG1sTOLENyXwfyFXa6AMonzp5nssfnRjM5SoZkSb9Bv4NdefeXTxUI1LjCfCnMy8odHF1Qx72Dc_IozpRD7wgDowQVVhx5FA0c-uopd77F9H-fSANELiEppRtwl6y9PU9UXrV_PkRiFcnBnMO02yioL7S3dQpOieU4pYpdHZNwgVuhGutQ5YtPXKRlZtmX9fv6e1dcXoLRrSZjdF5xBj7XAtgfl7ABNLYlvDoA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfl5IzPAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJLHBdIICQiA4YBwEAEYH4AKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi04Mjc1MzAyMTA3NjkzNjY0GAA&sigh=ExhvzCXDpus&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 19 Jan 2022 07:30:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ Frame C7BF 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4bdaf606d466858e8d5492447244188792dd2a7287c15b0dec3b36cc77d3c20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 23:58:02 GMT
content-encoding
gzip
last-modified
Sun, 09 Jan 2022 13:42:21 GMT
server
AmazonS3
age
27147
etag
W/"443ad5450046464c6992b243633a0876"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
mNhFGqZh3dLpQT9j_w0QvfoqndHEtE71
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-type
application/javascript
x-amz-cf-id
Rkf1fJN6T2UpfPIn4bvPugx14oyIylyC_5N-JnhvpNJ7vZeR7EWUWg==
video-loader2-cr.js
cdn.avantisvideo.com/js/ Frame C7BF 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45feae7d6f805f7383bfcae8655c37ad58107b07683cffb66ed1ee7dc7acda10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
0u0PASQDOPNzcJ.S6WRLKBv7GVcGfOkJ
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 10:39:45 GMT
server
AmazonS3
age
75038
etag
W/"8c83425e9864df55d10bca1569c1f48e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
date
Tue, 18 Jan 2022 10:39:50 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
EZeirDhlaTmeAQ2YJuT5Xed6IGL2xiKYtz3cMwPYIxBHUphuYGRiOw==
truncated
/ Frame 8D4D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e02b41e846b1a06b140b99a1f3ab99f613337823aae02e4a8f2c3211ef7551c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4bdaf606d466858e8d5492447244188792dd2a7287c15b0dec3b36cc77d3c20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 23:58:02 GMT
content-encoding
gzip
last-modified
Sun, 09 Jan 2022 13:42:21 GMT
server
AmazonS3
age
27147
etag
W/"443ad5450046464c6992b243633a0876"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
mNhFGqZh3dLpQT9j_w0QvfoqndHEtE71
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-type
application/javascript
x-amz-cf-id
usfFx-INrzmncPh-hSJyH-SGQ9FFdzC5aNA6HUw3O_qM988zwQIimw==
video-loader2-cr.js
cdn.avantisvideo.com/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45feae7d6f805f7383bfcae8655c37ad58107b07683cffb66ed1ee7dc7acda10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
0u0PASQDOPNzcJ.S6WRLKBv7GVcGfOkJ
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 10:39:45 GMT
server
AmazonS3
age
75038
etag
W/"8c83425e9864df55d10bca1569c1f48e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
date
Tue, 18 Jan 2022 10:39:50 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
5i6XjXh2zY_92YMY2wwmzNHc7Wauwq8MvkINkcFe2cG_K2huSUcbOw==
view
securepubads.g.doubleclick.net/pcs/ Frame FD50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWUfR4g-NaPtgsppWOyzPz5CPmZrFem0vuscWYS3nOdOg4yJrIA6qCWhIJUWRYt2U0sD-7dKzCQcfuSjtM26Dzb3GuoU7CXlkY_jvm3WrDXi82jiZ8PmoD572b7Lo5xDct5N33xdV1rMi1ieff8rC0p6V-XcnwKuVjnzWA58agIyp2uM6aJMd9gyZiWrN98TBZXAOBNxRNRVnKn4lUBh-znXxVcsIhBkfa21T6MwBUoeo6s8vU2cVDJ5ZQABHSga8XTGp-ZzBcaNglTgiF-_lvWYOXTGldyDA4FTn_y0RNkThrrG6TmayFwUtOrHEeoh38PxFe3VFsdnfmZgQFKjcQhh3MAQ&sig=Cg0ArKJSzJewy0-WeRhhEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 07:30:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame FD50 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220113&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b056d9b601f2f769b2614542f4cd7a3e908a0a85f8c422281438985fd2f7916f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9086
x-xss-protection
0
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame 61AC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427719&bpp=4&bdt=194&idt=221&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=2051049030&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=699670293&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=2756738487838263&pem=827&tmod=735&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.5uddfgw4rp06&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:11 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame 939D 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

content-type
text/html
last-modified
Wed, 08 Dec 2021 10:46:21 GMT
x-amz-version-id
mkXtqZN.sX1diyvNHzDOuWx2fzD7.NTz
server
AmazonS3
content-encoding
gzip
date
Tue, 18 Jan 2022 13:35:57 GMT
etag
W/"72b7eb0ed3b552f546f4240f3e4e9f26"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
PIp83K7x2f1sGWK7nmPE2BdOXvkBQu4B6LZx8Drq6KjFnObx-o-3iQ==
age
86752
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&eu=true&country=DE&hour=7&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:a000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f314b0a98f3ded5609652c948463d5a3d79f821a2fca0b4f630d06af8445030b
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA56-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://www.123greetings.com
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
bMgZ779JqmFcCf29_pXcoG5wi7LEk4svduSYwJjZXl3A3IpXxZ1XaA==
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&eu=true&country=DE&hour=7&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:a000:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.123greetings.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
x-cache
Miss from cloudfront
via
1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
Rzgqm7fTM275zjF_QxqjP9ac8uci8auX7VnIfvspIvSAMkBPWlvbeg==
/
events1.avantisvideo.com/ 		0
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.195.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-195-144.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FD50 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&bust=31064115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 686F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 07:28:11 GMT
expires
Thu, 19 Jan 2023 07:28:11 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3F73 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9f4188b2433eae3927a0d1b04ced39435000547a37efd9cee5745360c6064143
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-20Dscuq69pZ5BfqNcGRfrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 19 Jan 2022 07:30:28 GMT
date
Wed, 19 Jan 2022 07:30:28 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-20Dscuq69pZ5BfqNcGRfrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EFF6 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 07:28:11 GMT
expires
Thu, 19 Jan 2023 07:28:11 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 08B0 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bdd9dcb76711b2721b8074649beeded691b73c2057e726e3b625813a61697854
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-/UVdpHI0ruSwJm14fXgilQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 19 Jan 2022 07:30:28 GMT
date
Wed, 19 Jan 2022 07:30:28 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-/UVdpHI0ruSwJm14fXgilQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 909E 		4 KB
618 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 06:28:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 07:30:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 07:30:28 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 909E 		1 KB
889 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:14:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
967
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
server
cafe
etag
2277666839114365613
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:14:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3937 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 07:28:11 GMT
expires
Thu, 19 Jan 2023 07:28:11 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DE3F 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
05f6d30d6ed179a6c4ccf31e6074f1ed7879c51f00a06536996d8738df61ee10
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wahwQ0lmpuj8eNfUWnLefg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 19 Jan 2022 07:30:28 GMT
date
Wed, 19 Jan 2022 07:30:28 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-wahwQ0lmpuj8eNfUWnLefg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame 909E 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:15:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
881
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7881
x-xss-protection
0
server
cafe
etag
7605774008668088057
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:15:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 909E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 909E 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
184
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6473
x-xss-protection
0
server
cafe
etag
5124071950003790117
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 02 Feb 2022 07:27:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 909E 		121 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37895
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1641990413359145"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:28 GMT
fccbdb50d0e11463e1edb3d8fcf7c364.js
www.gstatic.com/mysidia/ Frame 909E 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 19:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476196
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11411
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 18:31:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 13 Apr 2022 19:13:52 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 909E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6FauFL7nYZYkvY6O7A__2af4Bs-8nuRnlfXv47YN6Kq2lYsDEAEgheySAmCV4pCCoAegAcyM9ZoDyAEJqQKdKQweaf6yPqgDAcgDywSqBOMBT9Cg9f2ceuPPh0tCUDNxtTQZ5WmPeKbe0iBBBfM3nohCQOzw-xvdHGx4iRNUCVy9Sbk3w7IfB7tcexCBXQFAsEkkT9ICqEG8JxDBspYN9iGViP0VBC0hN8-j-s7JzitYq3j3gbiquPVKN0gV9GsjtoX7gogAVJqsmJWbjzBh8TGd8KTRs3rltCOOIzFXv5FWtPVq9Cec3He-x1hFmHvk8fkyDECACvKhnDvMGMEjmlYJumEJ9ZaiKNz0vzgpuiK3D1SE4KiIZspMb6Akc6EVRLTeZy7B3btjQCgx_cm9bWU-VNjABKv3qbKdA5IFBAgEGAGSBQQIBRgEoAYugAec84plqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQiNUE0ggJCIDhgHAQARgfgAoByAsBuBOIJ9gTDIgUDtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04Mjc1MzAyMTA3NjkzNjY0GAA&sigh=8rCuFId2Qn8&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 19 Jan 2022 07:30:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3F73 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220113&jk=996414976874094&rc=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 08B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220113&jk=3511165836253204&rc=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
downsize_200k_v1
tpc.googlesyndication.com/simgad/12996438871703352922/ Frame 909E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12996438871703352922/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adc1c22c3e344cd43bcbd1d98551155db58b5341b0e56a06a4de8d8cff3fc8c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 16:29:19 GMT
x-content-type-options
nosniff
age
572469
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10996
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 08:56:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 12 Jan 2023 16:29:19 GMT
truncated
/ Frame 909E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame 686F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:11 GMT
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame EFF6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:11 GMT
truncated
/ Frame 909E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06eaaaa4aa0c3bfb8a0bd6ace6b5be342b88f180c566f26eea53b5f89be339c9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame 3937 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DE3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220113&jk=2756738487838263&rc=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 909E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:02:00 GMT
x-content-type-options
nosniff
age
62908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 14:02:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 909E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
409840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:39:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E215 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdMt4uUISsUL43PFnzhrMN5DalbWHh5R-cq82EUcJBgPNr_2rtTXteDatgi1d9iB4DR9vUuLiXLYKPbe6eyBEE5Boc_kvoyAch2nk34wQo5RHiROCZZjjtKpz47UK4DsfZM165y50wSOPM02dgxOyDrKrExF3m8krjzJltzWcmruRA1UAcEHwB5_HvNJzleQIx3FaeqPWUMJhgeQhiHDntui24z5G1tYnmoE_uQNypXpzKEAOpknmv3bTnP45JUIS2kSvYw0cdQYuZlFnitjtDpTqDCPg20IDOYUndLevqKMC8WbTqvcqHDHLLjvZwRLK2vdDB2iAtfi0wYEaKQ2neLLJIXw&sig=Cg0ArKJSzFa2GjFhsH-SEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 19 Jan 2022 07:30:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E215 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220113&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9095aeb95b974beef260bf02d9d459ad5287df3f62fe494738bd153c1528e61d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9052
x-xss-protection
0
3.video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:5400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
455fbb0071232e9d6fa39adf37a0e586a4c2828bc62e13422963f4b1503a78d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
xGEdYKaQHi7W6c6dD7xic9Fk4fXZNG5J
content-encoding
gzip
last-modified
Sun, 09 Jan 2022 13:42:21 GMT
server
AmazonS3
age
69231
etag
W/"35de873b6c5727b72d96125505982db9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
date
Tue, 18 Jan 2022 12:16:39 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
eSx2XADUOzqni8s52-ihhaHSOGhULNQtWsaKiU5wFj_zmXX7XvxQOA==
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame 9845 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&fwrn=3&psa=1&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427737&bpp=3&bdt=209&idt=232&shv=r20220113&mjsv=m202201120101&ptt=9&saldr=aa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=1&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=1521150951&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=968&ady=1096&biw=1600&bih=1200&isw=300&ish=250&ifk=985233809&scr_x=0&scr_y=0&eid=44753740%2C31061690&oid=2&pvsid=1923946505788128&pem=827&tmod=304&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b6wissp9ej30&fsb=1&dtd=240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:11 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A1FB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss73Jrvesa6AlIQeXb7HnDzi70-LSH0yVCODlX6PG9JOP8kxKA5AqUTVIcma-wfIbebWhm9aFnvCIECcPFE4Uq6&sig=Cg0ArKJSzGiQ83LQwe2VEAE&cid=CAASF-RoHF3muNoT488-8ZUXr4GqGgleWr1C&id=lidar2&mcvt=1012&p=236,1114,836,1274&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1542450727&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642577427501&rpt=506&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/3.video-loader2.1-cr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e300:187::2c79 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:30:29 GMT
X-GUploader-UploadID
ABg5-UyqeiaBU8ZbDqvmVIFpOQMCRQIBdrJ6ghgPVwl2IRo-5jpZCs3Z9z5RT8PJjHSThzQDfKEZgUjZGAMoHvk6qF8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type, range
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Wed, 19 Jan 2022 08:00:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E215 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:29 GMT
generate_204
tpc.googlesyndication.com/ Frame 686F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Xjaviw
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7431 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5ayfskRdmhbD6ciK-IRfnTxjGjdQPgLUS_oXh12WnqwBbgKTe3J7bkr-D-z-_8yeaFNSZTdlr7BjPFu9tkHeD-vp6NKvtXHVJmHNhlUpKsRFHISf1GxNH1hUGkpy8hmJ9_dNCenWr2_4Z&sai=AMfl-YQDhA3qVAa2JQ-FSR_KJwF9t5ZrUg6kmKSICOnjgvPo7rkELrZOCZh_pIJ1Pbn2hDA95cJ5nXtqXSlHticVKZmJhz9fQjnPycJMpqpQFbKhy7lNxP6jSoM0Qv4&sig=Cg0ArKJSzBC9GJ5KA-1PEAE&cid=CAASPeRownUUIG2qUBdoVHtuVFOg7_K3e5Pc81BuXVKgG-IrgAuB5ZBoWzu2F3tgzP3gvWPK6OBe59HmjdEhx3Q&id=ampim&o=495,536&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=551&tls=1562&g=100&h=100&tt=1562&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame EFF6 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kZZ_Bg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.eu.criteo.net/ Frame DF21 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=gpWM3drfaxPppo_HL8MPBiNki4F7Em9LmEkF1znltzQdFB_rCvTQYPjmMUSAF3p-gh-Ku79AhTic7FYTYEJ93qHdBVnLukW6FtiHJP9lF9DFBaPVS22yr2TnsmAokaS0AO3GGmGm1Pis2nAsxrpIGqj2pKQ07KJeeluQGCiqEUMjhkLSX00nEOESQu8_9XEO8eKn3zGotHYArYqK17JddWsw97fD5GI-LyjvsPhb0sLsa5cOQpCGk2cUUxas6XVjES8O-g&sds=2&rev=80076.1&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yee-EgAHeb0IEd0MAAm7vCKEBT9BSEXnVNfhlw&u=%7C6UvrH0Ri0PlWR769cSxre3q1uvr%2FnmEQNGVZ57%2FeFyo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6XpDBaPhJ8cof9o4RENXMSPL1lbDt2rKo9ZUflLDsPFuP5YlX_9azUIlsAkRhnmTbimCxXwXiSYkAVQSc8PzDiE1nRaYoQkqvDdF3Fl-sYk8liJhQOk7jQzjWUomOOP_JKQM12Z2V8lYDdj8hHgLgfQDeAfloALRY0Tp1N-yFVAaj70Iih1vwXZyn-OxaoJHv6Ku5_OP63PW8ZRDGkfalVZgSw8NxkFY8u-aPm-ifFVQETmMdyPznRQE6VaWdQFHr7w0EjxwAt7ORfshU-K7ogQAAgDo0heRqO7zDGKdy2PeSZna7tZqhLQVWmXLQGipVZkUvZLYVfdI7UUAFkCc3SfJostEJtaZLEQJjBHOzgL9ZwuombWk4bsmVLZ6ABPP8wAadtnnbEtHM9V0jgMK2J0Ooa9ZB_dw2MBTF-amCoari5rU5iLOycE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeT9QEr7nYb3zHYy6x_APvPemsA_JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ2Mjc1MTc2ODAyNDk2NzCgAdW20uoDyAEJqQIS8NyoIv6yPuACAKgDAaoEhwJP0CyFpUqOl5HDLQO15ynISX4MuDML4qr5oeWtTVTTYZfhCbl0M3_ADqKbDflpuySF7ipevx7rWCJKaJtIqSHnNNgyJqURsbtjSGeKQq9m5kMbAwRenLgDclnL9ABSgPWmdiA-jMmVxU5GV2v7EBzTIecjS_NEwlUHkPyT5navDTcq3jlT72HxwYKc578EsIlZ_rQ-a8yMr_8-SuM80NkjFDN7OTms1d5u3FlCsHFEoeH3tYeksfZVUBy45hvn-xIY-p1hwcjWHyCVDlrSvsZ2mByijUY7bkh5yJdTNBzSBOFyxVgFUHKFz_rD7dmU4Wj96X0pDiq_r-BRMEG9zUYvKQSu0AjB6uAEAYAGw57kk5LBpJOjAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1brLouGkbbh65zerDvjEyifCw7oA%26client%3Dca-pub-4627517680249670%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 19 Jan 2022 07:30:28 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
aniview.js
player.aniview.com/script/6.1/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e300:18e::2c79 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3d84cf6d64106537f99397ab19873c07b80cbd708b09e194c8da2940a4addd2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvc0-D-IibXQ9GM0Zo--4NiYgI5USTbS7uzTQ0NCWPg8tuzzpcXYOAlX2HenT4m9jyZsSW01-CuG6mU8WY4psO9Mk8-Ww
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9567
last-modified
Sun, 16 Jan 2022 15:14:18 GMT
server
UploadServer
etag
"ab0471e19a4973d125b542aa5853595b"
vary
Accept-Encoding
x-goog-hash
crc32c=7CO8dA==, md5=qwRx4ZpJc9EltUKqWFNZWw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642346058018345
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9567
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 19 Jan 2022 07:35:29 GMT
generate_204
tpc.googlesyndication.com/ Frame 3937 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D2DD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 07:28:11 GMT
expires
Thu, 19 Jan 2023 07:28:11 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 41C1 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b3b7d1c9be5f00eb1dbb6d6d2e135aaf6c62505fb1eca546e9953bbc2158a0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5fjPL1eWZxrs8dZ5buia9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 19 Jan 2022 07:30:29 GMT
date
Wed, 19 Jan 2022 07:30:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5fjPL1eWZxrs8dZ5buia9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame A732 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220113&jk=996414976874094&bg=!RUalRgLNAAZ_DxPPfw87ACkAdvg8WtNW4KwDmClkjhBBERisgr5fElzuwyeBEIE5nyXMGGU5wifttAIAAAEVUgAAAAJoAQcKAH0UnY-VnY9lXniGnS21Yv5n3QO3yFW6vm1sDY6PvYTsPFftPw2RMvrIYJ94vHsnVlgWfUYJqx4vmuE5o07bHE-g9GVyb-4x4eVimmn8PNlPgh5RF6NwW26flGnh9iaHvexlWu7-RW1oAgvrgaRCLeFDqWusOWm22ypOhlRJVpkC4Z4Rd2oIBFsfbhiWUAabURRmSKTgluy81jnYO3rTmJ3-hIGEtWINdj1Q3_IKNQOmNS36EHpgxvm1bTfbjSkrRhq2zct3twuuXwXRpYXdxqHpMHD1LJRyRINrE-low5I6sqvWnes7joooeOFfbMRpq15gyLuM_RO96nj7jHrTWGWG4VP_ofF8XnXCaDB6cD05HGxeI4cJ_QhA8t_d-71_JVeAy89CVPKI1fW-IhIjal4cBRywWOUtokaG5jZthZvZ9bwwZvGqZNqB900okbH78EYtfeFfNHeKxvTglTMjp86Y8HNhZs1sxRc7AHKIrLzAc-_Ok-7q40QrEaTJurT2W1wxVISGFiiGELFGkFFi5pU69ySTqCt2JFguVL-JkfjZfWVihM-yy6VWT5b2XgI4_9AXJn88B2-WGLDg-Q-D6MIiV-1QWskcPYW5IkoZ6LU_QYKDo3Xw-pL8MFNHGDQYFHRQb78QKBEQeudlLc7pFiG_ZUnnoB2VzkXk1rR5Wfaq28jQtA7UB62lzIlbkH1l9i31NOF63Qe76di07x8ejTpz_jX2FAwkZptAwyXK6OYM7auwT0uwX_G1WKAJS2XP2i5mi0AFuOlarenpdCpDBnuxKAsxRG25CvohaRfNJoOVMWXjhPAgWj-B47iRS2WXFhTC0i5J4Ij7XKYCDJ-kETwxfW3fAQUI9p4Vvp4jWTFiP6Wq5gohh7Id2nfeULXjMJdV60evBhs6CN8JG4Z42fN7XYKNzZmxNTHoTLZHAdubEXM2UBtRl2Cc2JMtlmZlT1C0tULumR_CPi8ThG1Yvxmmy-kyRys4md-HYH8ggHVUf0jrOOMEOt0ITYCL5aSuu2gXTLRI2sV9GkF3c59Qixx7WFY6MfCgmKtBriAsGNctz_hb6NW3Y6RWnfAZBxIC2Wfnx4s5c6CvjSIKVxeoMQe2qBlxoq5jNw-Vz6wZ08q6Zf9-AjPTFhRgrYw4PqR2HMEa
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 26D1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220113&jk=3511165836253204&bg=!W1ilWBzNAAZ_DxPPfw87ACkAdvg8WhFKwypzrII3s83nzUZy9FxB4geGOWtDtsw6KPukKDLRuNGtrAIAAAEoUgAAAANoAQcKAIvxpB8VRvCCUOMhojZgVgHqn6BpbiB1HseDaUXQliZF5MsRQYpC6MDXsdExfTCwiffUUPiHVS7i8IVuZTW6k4q8q4kiDjRWGo3ZmILyMn-NKQlm3b_KQU0Y1J_t2eP9sGJ5Gigj6hYyuNzIqNYz23NqjjLJz9noBTKp9iO24fwJVKOq1X1jmL8GOlSemQLQPGYmDnZHJLkaOo8mleZa504aIiLVOE6qsIdNmZpJg3y6C5D5SE6jcLArMsYDK5uYa_yXdUzvt2_4Fs8mvvc__Y-_fBOyOgzJJ8NbV8jE0oNKQBJJ-0zOpxiVvzD19JmDvBJOE87wkUwhhDb0PjZtqNYSwcGXZ16uq_8UD9xjQNntV4xw3SgqFiycDKKXashxXKuczcuelGjJGABjSctkssdD0CXJ1z6sUxUeAFFvtcEVjGF0vFhZUXAohqFBZS6iiwvvA3EmvLUrRXQVEiFxxtzR6Eg8eTOQd6BeHAjSslKFWGA-mqd4mJZwXfP7ag6zfA4A3g5Drl4SvVJkmh4oGOVUxSaMGmtgM-Sn9hTpReAEDB7mvPkTVhwLIKmK1TJ96ratM03YwDlqvienbBPSo-BfeEXgUeqUNvw1RMgWpXrSZGsegUfFGrrxEHfC7g9QddvpEV8P4LiEcWUw4f6piE7XZ2q-eoip9sumM1Z-lIZ60hxMSLIqKv1grylB98x2-7cFIfYGBL15TuAfS7onc4KOBDouOWMQI4pvZ7MZplB3vUzBCjTSsyruPXvzpeoUp2D5gmwhBjr1ohGk1eLRvZTawQ29hfbVbVtLXXjB8IEd7ml1D3PXcM4W_897vOhnjRj815lAKGSMWD7jLxTUKgrdKgN-rDccdb-kPfelSasfmC6eC7xPA9Wo9aos2C6O9NK-JI6eUqpIJ_v3tMm-mUNB2EocsPFRTkWuSH8G4hfDwoB6ZdBx5QubBgY6Vt5P-YQDCmxa_ffNfNdGPt3tUr8dNgxhjastYiuoGL83sqMooCB25LD_8fM7S1D2IPmn52ZVuUsKd21SJ8lnc8hkvfmziaMW8JxdQ0iEOEzBo_shEN5j8rQvTKPfx5gtnEZsTIKz9qfxsAj_adXj20yJe3C3tE3HF4fHZbqnKECiG49YrutCMmJZ64DLhNtVSLcF
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD50 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220113&jk=2756738487838263&bg=!PT6lPnrNAAZ_DxPPfw87ACkAdvg8WgadcAi0tTkB5FxKGpDAga7MEoVkWysfvmEUs58zHMU1UpmImwIAAADqUgAAAAhoAQeZAtZiPaSc62m6uwalPlLpyoL91wXwyj6SNDCFWE2k1E0TsCfhJnIIWHasUcoaMrqkSb_oxjmL6fLGJTyAejdq8hjua-Gw93oJePJG9n6g_gfAZndiKJHqdKAd9lGI6we2S60PIfXxt-vZe3IyhmJL1lnl8ZhHstL38Nvrt997_YKhHqH8KTfjEOZ6yfimJP83fpkEBsr6IjxE2lDJYhSZrLw1V5EOqFKim08ArswwKMEqJpbPWNsLKGzAAXwsVtwM24_mjCSCkZzEpxzGS9YlMIHCY8mJ1L9hl_9-b5Qit9nsaFGcZXXT-qM999z1_c0N_nO-bMOvTi3UOkPt_p-sCK7QNZGV3ALf8xeAz8FeqJ9xnjWWcA04m-c8kpGFd3aOV8btHcdT6V2ggZDs7XAuMgJ8nQBQIFONy5M_ciYVB91rBHUx2Cj9zK66zgWsW9tRJZ2-kQD-npKGt7tMmzyeG3K1z599EW2GAOO2uvcUQoR_NCQbEfoVCtWoO4BRzgxKNM-LGaPOJ0MIbF2CubfTHh14J3a8mBt64W53bBiaNN9aIdmMtViiaH7sCFAS0LGgvNFJ60Kiw_7jCMy8TBJba7pPvhV6zfWm1Tf5Wit6Gq5GRmlbintcZX8bWPaQu5HIsDzooJZkUjKzocKbNxKsp6eE04oC8hjQM5712tQUomi8GJvzbJaKkHTZwTLhmCd9zcv4nVsJfCpG8L9mZR2FwVuoGIkmo41EajSSVGMLlVAzYRWI84l4sK-cZWZCN6zBKhcShX-DO6gyH1rx6kOpIvJc7wP_p2ZrAGaCo3LaviUxi653USwP18XweEiQbmf5zYb4VaHJJPgkmGjjioGfnkvmXEdkcFQd2EU2Y8J_a3pDuPNI5qticndeqJIfIwjuV642nUJDqcWF9Yr5ZNVEz-QrknMG5v7GLUImuVuvp8R5hi3wX-46K6p9ZgyzbWDZk0klWFy5mXI
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame D2DD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 41C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220113&jk=1923946505788128&rc=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
AVmanager.js
player.aniview.com/script/6.1/ Frame 01EA 		347 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e300:18e::2c79 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e9126e8b93d347b328196191cea7e2663506a0e66db75bc82b40afdd297af463

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduRYbcQ3Yz-1rUAMH8LrrptjVy2fm4I6akRieIzKtKK3vL1zsu-yRkIk4ez7S2chRjvcGwczHPNK6cKorK0fLU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99177
last-modified
Sun, 16 Jan 2022 15:13:51 GMT
server
UploadServer
etag
"a539e2b6a9077713b540f13033f629a5"
vary
Accept-Encoding
x-goog-hash
crc32c=GYzRHA==, md5=pTnitqkHdxO1QPEwM/YppQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642346031448105
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99177
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 19 Jan 2022 07:35:29 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&d36=6.1.2.98&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&stagid=&stplid=&e=inventory&vi=100&cb=1642577429363
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&d36=6.1.2.98&responsive=1&sver=1&avtoken=429363&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1642577429392
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.20.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-20-60.compute-1.amazonaws.com
Software
/
Resource Hash
eca06d059c5cb0322ce77c8bf02d2df5aa54e2c7bc5f03130e79e3b6a8cd4907

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 07 Jan 2022 17:43:49 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8B74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CYzxeE77nYYSxM9eFwuIPyfaG8AiN1LnxZ9nM7ob-DtSEu_uaAhABIO_2kCFgleKQgqAHoAHJ8pLGA8gBAqkCEvDcqCL-sj6oAwGqBOkBT9BK9TjrqrGvB4YHq3Yv3scSlU7fpx-4FWiuxm5mjxA6Nt72GnzKoZ0NeqcMch5yIJiBFsV5me_BhkyFKriI3xrVcBoRSw22JyGNc5ij5wNaXan46Mekuly8Je0DGScCtEwYzIUZGcd09sH_vttXHi01qEzUF438Tnf1eYcnLFO5HD5fv_804o_Zrv4F52eoNkjEA9rzO3YlKss-BWQAG8_j1UUGAnoBOr9f4JRgi8ZVFwMArkNMcecXw1MPv2KVbrp-YqRzHtRVsfk0ILOfMsF1w7-1LLcjr_eCtX80wPdvJR29kXWjDcnABKmZ7MOoA6AGAoAHn43tOagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAdIICQiA4YBwEAEYHbEJhX9tCf4z_SeACgOYCwHICwG4DAHYEwPQFQGYFgGAFwE&sigh=rui_xNFAvp0&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031635&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1642577427573&bpp=15&bdt=81&idt=213&shv=r20220113&mjsv=m202201120101&ptt=5&saldr=sa&cookie=ID%3D23c11256663646c0%3AT%3D1642577424%3AS%3DALNI_MbJWEEhOebhqEn6Np4ik0okPs260g&correlator=3187202617341&frm=23&ife=4&pv=2&ga_vid=1791891534.1642577425&ga_sid=1642577428&ga_hid=911353647&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3077564268&scr_x=0&scr_y=0&eid=44753740%2C31064115&oid=2&pvsid=996414976874094&pem=827&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1yoai7h42v2o&fsb=1&dtd=233
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 19 Jan 2022 07:30:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8B74 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbZSJXq4ZGU2h4IsFjx3NC4nR_rO5AeY45-G3NIZIUhIlvBFkCluwYjQPFEXnD-S0a4X9VzHbiD7yqwbI_RfXwZodyBy7YhzKbmVDMlcaTpSL99IXq3fei0uFper1OxoNOlJIT0s_yduVH0g&sai=AMfl-YR58oZvCuIXaV1CIRaNmqCRre-8_Sa2aHmwfPSFgYI0N3Qcrm2mAtMuficqDdBInz43DYCqo_Axoq8NCy1lLPY5793X_p8y3a6gSckxzRcJseZCd2qlu0SZbck&sig=Cg0ArKJSzIgflSX7AV0BEAE&cid=CAASPeRoUqVZ5JES6_AmVNERyJiac4dN0Necxq_XrUsbiLSG7eM2EpRkv7isu-DAlXCwod31FEpjZ5mV2HM--lk&id=lidar2&mcvt=1019&p=0,0,90,728&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1213354831&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&pay=1&rst=1642577427808&rpt=573&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.195.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-195-144.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A732 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqgXwh8Y_eYW9unuEguQFCp3pwdkBoMreh56XEXhkee9qnjMCZgfxSx90nVuVujtpPP0LlWsLf1LLeD5ApwkL8tSr59IFS5ByicAGFZZGmcRanwkLw&sig=Cg0ArKJSzGcC1d_lTIDTEAE&id=lidar2&mcvt=1005&p=47,560,137,1288&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3337616149&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642577427492&rpt=906&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame D2DD 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E215 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220113&jk=1923946505788128&bg=!Tk2lTQnNAAZ_DxPPfw87ACkAdvg8WtrudZoHnPhSR95u1i1kMqIjQOKubNAd_LzRnfFaBJJ8xoF_gQIAAACEUgAAAAJoAQeZAuaTSQq3S2PbfLOP0fd9O2yMCHgiPbnsCgWGX2d0oEz4KHaQxvijbpYsPRnVNBUYd72Z3DhnlJir6kLb7Q1YBVzWdUy5r6V2YnbZ1HuVD73YiOhXeGZ5MCsvYTsaocbcY9c0jHonWoLtUcDGoe3GY5Ed6oZB7a-_DiOnTJGHpHiYK_qj3qCCR0k29aTGp0QPekTU7jvcTViFJtYD7ML2yaTCOcOqLUa_n389NrpWonD7yJCcHWSuwWXQdu-_j4ILz7Ozeu7gMTbhFGoWGaj5M52auCLPYfMgNuUmRIhr1NmYbHLLMPGSuT-540RvUx--zTLKeU4vvWQkpl4HL1HthOJECPdCbdW-d7mIwOpp72jOaq3iS7lm0wlk-hwd0lOJuZEiy_I1PU_Ujd8lWTRJcSfohMmQuz9fJVVYlKXZFintvKCxJZz3vfiz52A230Q3DQ3NlRdxHTFFuxsz1Qv36LgGDHlhd6khPf3WdOjuoAZGQLRKoph_A2xwd-zWq08bQ4o4vHep2KHQNSvyUvNLWSQ15XzVOd9Vpzi24rXXQBQ3MzQNeA-EEr9D2q2hMl00qR2Tah5ssf8v0U271JsSAQhN_UWXBpVZE0LvVWlQsvkvb6dcZ5wUvwxh2i8e-BTQbhbRh0nprRRH8DMpkFub4rgDuaCouOuf5JknNanBdULltcE9S33F1S1aGVBh4tzI5SAgsc0T3sKPzLMXZUnSMIJyGwe4QadBi-txg4qnBYiBIZvdsKsWlPVc6szqwBM7ASkEtiaPVWnwcc_DjwHSkBNKLvAFPB40qzR2vpVd-p_hE73IOLKTGwMMZFSnurk9MiiXWT5-riE7aOyr6bk0jHAyrSDb7AR5Efxk3lYsOg1eIIF4MpPGW6raBSV8VbROQ-zQRGfc5xSD9Kpo0akU-nMpw6QCjCS32CzY37iLdnFJAnGRLAuOnqOe22yvrWVTwhZWnxLkjtp8SLnHs7MPnZKW01y7LKSf
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12625721318002229286/r25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
like.php
www.facebook.com/v2.0/plugins/ Frame 11A5 		48 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc8f28eaec6578%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0982d0b9e56028862da572646d0bdb17
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8066f10ff6bf1fc8488e57846afb3059f476aa04cc64fa4c27a3a621cc0cfb7b
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v5.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
G2Gnqb8s4c6EfNoqhDPo0PBLHIdqtm/gFsmjW5F4dQN3nT/bzY1iG7E3b+/TzZd3bgPU/VdpmNMYisrOq7mRJA==
date
Wed, 19 Jan 2022 07:30:29 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
sodar
pagead2.googlesyndication.com/getconfig/ 		12 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220113&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
015253c84018c887328a1fd49e57706ef1181a5e3bb05ed6674ed286247ddb4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8968
x-xss-protection
0
cookiesyncendpoint
sync.aniview.com/ Frame 6AE6
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642577429653-918497249424-005525-002-000922%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1642577429653-918497249424-005525-002-000922%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1642577429653-918497249424-005525-002-000922&biddername=55&key=3315064801658763602
0
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1642577429653-918497249424-005525-002-000922&biddername=55&key=3315064801658763602
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.85.173 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

date
Wed, 19 Jan 2022 07:30:30 GMT
content-length
0

Redirect headers

Server
nginx/1.17.9
Date
Wed, 19 Jan 2022 07:30:29 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1642577429653-918497249424-005525-002-000922&biddername=55&key=3315064801658763602
AN-X-Request-Uuid
e178aa52-e3c4-4aaf-a13c-9630c9513fa7
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
merge
ce.lijit.com/ Frame 6FD4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=364161&3pid=1642577429653-918497249424-005525-002-000922&us_privacy=1---&gdpr=1&gdpr_consent=&location=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1642577429653-918497249424-005525-002-000922%26biddername%3D18%26key%3D%5BSOVRNID%5D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

Server
nginx
Date
Wed, 19 Jan 2022 07:30:29 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap3ams1
avpb3.js
player.aniview.com/script/6.1/ Frame 01EA 		314 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:e300:18e::2c79 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
28dd5351e2aa52056b10d3f771c4a60fe54d1968e7f9b620c5a4183a204a8c6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvcsEPOZOWn7mnV1kCqpH0NOXjBcUPSiJMfVpk7osAE5YMk5BEdOdyGwimmhL29NNWMuSvPfO3MBKaxOQeWcTM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
99493
last-modified
Sun, 16 Jan 2022 15:12:35 GMT
server
UploadServer
etag
"30bbe5f0e6bafe9f80485d4ce2024086"
vary
Accept-Encoding
x-goog-hash
crc32c=XUJX7Q==, md5=MLvl8Oa6/p+ASF1M4gJAhg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1642345955262662
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
99493
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 19 Jan 2022 07:35:29 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25&us_privacy=1---&cbb=2577429726&imp_id=fa1c544b-5918-4e30-8565-3c270deba60e
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 07:30:29 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bd5528c1-9a1f-4e0f-8176-832acaa227f0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=65911&t=1642577429&cip=185.213.155.162&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1642577429653-918497249424-005525-002-000922&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.98&cb=94945011291&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1642577429731&asid=6102687900a33569ec0d3097%2C5e9030afdc817965520eb855%2C6114f48c04b3691b08691b7c%2C6114f476dd0eb2621e735342%2C61b8c92ba5ebc972525ad694%2C61d6db213970457c513c96a4%2C61d572931e0dde05961caa34%2C61acd595e2e53b05166c911a%2C61acd61c22fdc8661860c732%2C61ac9eb382a28533147064e7%2C61ac9f41cfdd73594c3b27b8&ofpr=%2C%2C1.24%2C0.74%2C0.31%2C0.13%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201120101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 19 Jan 2022 07:30:29 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.225.48 -, , ASN (),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
94527ee306d38c3adc5f8257ddf372ea2ffc64c79917a50a45520a53eba7f9e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 07:30:29 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
db98adec-60d7-48de-a392-71f120920d05
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/243674/0/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/243674/0/mvo?z=1r&hbv=5.20,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ 		36 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2271d031c76aca14%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12625721318002229286%2Fr25%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2285d590f987784c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B400%2C225%5D%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.74%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.0.33.234 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-0-33-234.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fb0959589e8a2779e5c1db506c7a0cf76875e0279f3db7960210198dc11b8ae0

Request headers

Referer
https://www.123greetings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:29 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[185.213.155.162], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Wed, 19 Jan 2022 07:30:29 GMT
OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 11A5 		400 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc8f28eaec6578%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
400
x-fb-rlafr
0
x-fb-debug
QhUVMw73ZdIgnpwuyW0J3VGXgTRCexykk+AdFrWWktTXT+cx116oXmXIr8iEOVXDFjcMVxaYinc1uT7cHn2c8w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Jan 2023 00:25:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F8F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 19 Jan 2022 07:28:11 GMT
expires
Thu, 19 Jan 2023 07:28:11 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
138
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame CC46 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ef927bcc3e0039144d908cfd4f9490b9364c6afc6104416f1cfb45442bfc039b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GriOs4Amo3xKlzLki/hvWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 19 Jan 2022 07:30:29 GMT
date
Wed, 19 Jan 2022 07:30:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-GriOs4Amo3xKlzLki/hvWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1jFFo6R_tol.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/ Frame 11A5 		518 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yd/l/en_US/1jFFo6R_tol.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc8f28eaec6578%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
14253a4fbb7ac2a582e69e9ab5587dce3300024a1427b98cdaeee6104323898e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ACkikymBeYoadHwKTfqKJA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
138512
x-fb-rlafr
0
x-fb-debug
KB7IlDYuc3KTiSq9k3QTnRSlqQyd/eNxMVUT1LmQ5zPaFfI8Hc4cIZV9bbTQEgoPOhcE8z6lOcvPYvLOmtb6bQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Jan 2023 18:18:39 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 11A5 		67 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1642577429820&t_start=1642577429821&t_domcontent=1642577429824&t_layout=1642577429841&t_onload=1642577429841&t_paint=1642577429841&t_creport=1642577429841&t_tti=1642577429824&lid=7054816340762037773-0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc8f28eaec6578%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1b5c58034d716%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fseasons_greetings%2Fwishes%2Fwarmest_wishes_on_season.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection
0
pragma
no-cache
x-fb-debug
8YObOrRjKQc/59AeKPtCauNiiI62yxL6W+yYW6CGr4/b58a1wSBJkv9dv4W5Z3Iw+F2DDIhNoKWmQuY5vXDm7A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 19 Jan 2022 07:30:29 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
pagead2.googlesyndication.com/bg/ Frame 8F8F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VYSAmqkCqqI2p1vG7N0EZhME2mSBj47Ds8I6nIhDmP4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13526
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 07:19:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CC46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220113&jk=3896086241270521&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8F8F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?j5DCgw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=65911&t=1642577429&cip=185.213.155.162&sn=&tgt=0&osv=10&bv=97.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1642577429653-918497249424-005525-002-000922&cha=0.7&stagid=&stplid=&d35=&d36=6.1.2.98&cb=94945011291&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1642577430051&asid=6102687900a33569ec0d3097%2C61d572931e0dde05961caa34%2C61acd595e2e53b05166c911a%2C61acd61c22fdc8661860c732%2C61ac9eb382a28533147064e7%2C61ac9f41cfdd73594c3b27b8&ofpr=%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.16.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-16-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220113&jk=3896086241270521&bg=!-vml-b3NAAZ_DxPPfw87ACkAdvg8WpXkID_PSl7sB4CeWbRucwXQmi9KxM6r1QyTFJRFauAKD9JCIwIAAABsUgAAAARoAQeZAtEN7Lvuz7LPUQ3sSfy4kkSSrqttF5sqQSTrQm-SPkR9vlVGUst0NyqQ2LR239RJfWB230UKKpiWUeE294hD0KcsCs3iBzKKWqCkXwSQQzCd3oS1lGiYZeE35kFSxS2l99XTWB9jwCoReFWbHbLcbv8HdcbwsWztwHtaTc2LeTCm_WPkFo4tPDlFAWTxP-Ch4Ydu4ALTSUQuOcAd7rMPhUc5zMrhJCj3o2CHUGPLEj3zh_xMzJDb2TNDBZ9NultWJY3UcUbh0GdWo3mYVjvTXTirWAekhStUGHsWbU4LIZHa3WH1vmU3aJjBTNP0jvys2ssprIPtGZn0a0Q25J4OfEKOUUlTrnROK2WetB3EQdWk49zbk0hvf9wH4QELcN2NnzsJcS6Nf3BLc_3kCUFZ14A6PbPKdE1IASPWrdEHvmxU0S6gwRfh0HUcGsaKk2hJex7oD4PoWCw-LSUdGmfu2ZF6MX3K-IF861N-Y75s_MmwqzSvQRD6ruYevBroU7ByXca1dQsw7fPGLW7ruXUVfArBucEAytNpB9H5H33Fp8Ey9Rp_hTZciyhT51zplDpbB8TB4Ja6OyrQFBo1OwFOxnGRqmG-UXcM0aP-YpaNtid1OeXwTrV-uWR17N4GeKlIxYqyHGLZ5SrHDXMesbBQSjir7FTx1zOABgsmlHetThYZqxPbQxNgecCpjpTncc1LXOswDi0l5Ts0BhkxAmKp8k1EmYL-DLA1ID2X7DwwoCy0XDwpUbWxrUPdGAxZXqPF8Q5boBwSBiEW2M9uolrkb5c5ATdcOcqe61rJLoJFyy6Wy-OpSrcfXGpRlRORelo_qIusrAQ1UZCcanR8Q4sozsru9MkhRU48Z0kSMh7HzJfve8EbiAewhhCYCET1jYXcH9zNDuxvRic8T6HxKpJSs3qDXojr5K18HIDANCJE3ZvkPciysED31chCanTB8ZZp_TTW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 01EA 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127290
x-xss-protection
0
expires
Wed, 19 Jan 2022 07:30:30 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 80AF 		601 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
343941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 01EA 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jan 2022 07:30:30 GMT
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame D82C 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
343941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame 5D39 		601 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
343941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame E42F 		601 KB
195 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
343941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.495.1_en.html
imasdk.googleapis.com/js/core/ Frame FAA7 		601 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.495.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
199798
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 15 Jan 2022 07:58:09 GMT
expires
Sun, 15 Jan 2023 07:58:09 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 10 Jan 2022 19:32:44 GMT
content-type
text/html
age
343941
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ Frame 01EA 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 19 Jan 2022 07:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2FB4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.185 -, , ASN (),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 20 Jan 2022 07:30:32 GMT
Date
Wed, 19 Jan 2022 07:30:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2C40 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Wed, 19 Jan 2022 07:30:30 GMT
Connection
keep-alive
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=Yee_FgAGsd-y3wAF&_origin=0&gdpr=0&gdpr_consent=&_test=Yee_FgAGsd-y3wAF
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=Yee_FgAGsd-y3wAF&_origin=0&gdpr=0&gdpr_consent=&_test=Yee_FgAGsd-y3wAF&apid=UPae352192-78f9-11ec-b336-06608ab9860a
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=Yee_FgAGsd-y3wAF&_origin=0&gdpr=0&gdpr_consent=&_test=Yee_FgAGsd-y3wAF&apid=UPae352192-78f9-11ec-b336-06608ab9860a
Protocol
H2
Server
3.126.56.137 -, , ASN (),
Reverse DNS
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:30 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=Yee_FgAGsd-y3wAF&_origin=0&gdpr=0&gdpr_consent=&_test=Yee_FgAGsd-y3wAF&apid=UPae352192-78f9-11ec-b336-06608ab9860a
date
Wed, 19 Jan 2022 07:30:30 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=e2659c32-27f2-4cfe-8b7f-cab832ee0279&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=e2659c32-27f2-4cfe-8b7f-cab832ee0279&_origin=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.126.56.137 -, , ASN (),
Reverse DNS
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:30:30 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 07:30:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=e2659c32-27f2-4cfe-8b7f-cab832ee0279&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPae352192-78f9-11ec-b336-06608ab9860a
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPae352192-78f9-11ec-b336-06608ab9860a&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBhZTM1MjE5Mi03OGY5LTExZWMtYjMzNi0wNjYwOGFiOTg2MGE%3D
0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E55D 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 08:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4F84 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 08:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FD52 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 08:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4BB8 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 08:00:17 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F5B9 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 07:00:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 19 Jan 2022 08:00:17 GMT
async_usersync
ib.adnxs.com/ Frame 2FB4 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 19 Jan 2022 07:30:30 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ca57f61e-fa54-4727-b054-4016444e5fd9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C036
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
668e0507fb36989daed37b145b97e3605feda868e8bb8849a1bf6ca3e82aebd0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|39|230|81|156|47|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Wed, 19 Jan 2022 07:30:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 Jan 2022 07:30:30 GMT
Content-Length
1662
Connection
keep-alive

Redirect headers

Server
Apache
Content-Length
343
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 19 Jan 2022 07:30:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 19 Jan 2022 07:30:30 GMT
Connection
keep-alive
rrum
dsum-sec.casalemedia.com/ Frame C036 		0
0
dcm
s.amazon-adsystem.com/ Frame C036 		0
0
casale
match.adsrvr.org/track/cmf/ Frame C036 		0
0
pixel
cm.g.doubleclick.net/ Frame C036 		0
0
p-Z8PuJEk6U7Hyq.gif
pixel.quantserve.com/pixel/ Frame C036 		0
0
cookiesync
bttrack.com/pixel/ Frame C036 		0
0
ping_match.gif
pm.w55c.net/ Frame C036 		0
0
bridge
cm.adgrx.com/ Frame C036 		0
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C036 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?Yee.Fh24x8VUrjJWXiPRMwAA%261133
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Wed, 19 Jan 2022 07:30:30 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1155
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Wed, 19 Jan 2022 07:49:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?yS3MYg
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?T7vjnA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBhZTM1MjE5Mi03OGY5LTExZWMtYjMzNi0wNjYwOGFiOTg2MGE%3D
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Yee-Fh24x8VUrjJWXiPRMwAABG0AAAIB
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Yee-Fh24x8VUrjJWXiPRMwAABG0AAAIB&gdpr_consent=&us_privacy=&gdpr=1
Domain
pixel.quantserve.com
URL
https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
Domain
bttrack.com
URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Domain
pm.w55c.net
URL
https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1

Verdicts & Comments Add Verdict or Comment

478 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 function| $ function| jQuery object| swfobject number| showmore_time number| showmore_time1 object| pos_arr number| start_x string| user_server_IP object| aImages string| base_url string| base_url_new string| loginpop_url boolean| tellafrnd_flag string| cardcustommusic object| extraopts string| studio_mus string| logged_in_id string| logged_in_email string| logged_in_name function| checkEmail_site function| setCookie function| getCookie function| setSessCokieNew function| getSessCokieNew function| getCardType function| isIE function| detectIE object| googletag function| NewDFPADCode function| PreRollAd function| embed_flash function| load_json function| loadTopNav function| showMore function| closeMore function| clearCloseMore function| showMore1 function| closeMore1 function| clearCloseMore1 object| CardRating function| showViews function| showSent object| CardRelevency object| CardTags function| Tab123 function| blankOnFocus number| nl_timer object| nl_vars function| nl_email_validate function| nl_setTypo function| preload function| addthis_click function| showSearchTagClouds_New function| showSearchTagClouds function| showCardsTagClouds function| showCardsTagClouds_new function| showYouTubeCard function| embedswf_swfobject function| show_embed function| makeCopy function| setCookie_new function| showPreview_new function| showQuickSend function| quick_send function| LoadMusic_New function| changeAudioMusic undefined| v_api undefined| a_api function| Load_Video_Card function| video_callback function| Remove_Video_Card function| Remove_Audio_Card function| changeMusic boolean| mopTipFlag boolean| openMopTip undefined| mopTipW undefined| mopTipH string| mopTipID object| mopTipFunc undefined| mopTipPin undefined| mopTipContent number| mopTipTime object| contact_arr object| contact_email_arr number| is_photocard function| showHideComments function| sendFeedback function| unescapeHtml function| get_evcal function| set_evcal function| setUserPref function| getUserPref function| setSessCokie function| getSessCokie function| addCommas function| selectMusic string| mus_vol function| PlayMusic function| StopMusic function| SetMusic function| GetMusic function| showcard_takeover function| shareFriends_init function| showFriendsAddr function| showLoginBar function| showLoginSignupPopup function| loadConfigData function| SetAsBookmark function| showHPCustomBlocks function| getUsrCountry function| loadCustomMusic_Studio function| LoadHeaderMenu function| socialMediaShowHide function| ShowMantle function| getCookieConsent function| showSpecialExitAd function| CheckAD_Blocker function| Show_Animation function| ShowSearchAutoCom function| getInternetExplorerVersion number| start_y number| startx number| starty string| scroller_html function| callOnPageLoad function| showBookmark function| clearCloseMore_new1 function| closeMore_new1 function| showMore_new1 function| clearCloseMore_new function| closeMore_new function| showMore_new function| showNavPanel function| showMoreCardsHP function| Tab123_New object| timer function| NLSubscribe function| HP_scroller function| QuickSendHP string| sort_op function| FAQ_validate function| showCardno function| showPaging function| showResults function| sortMembers function| printCard function| print_init function| FCP_Sender_Block function| showThankBlock function| showThankBlock_Popup function| showSendAnotherCard function| showSendAnotherCard_Popup function| DoAfterVideo function| buildFullFCP function| ShowFCPThankCard function| ThumbCarousel function| buildThankPage function| Track_Thank_Scroller function| Thank_Scroller function| Show_Thumbs function| Show_Icons function| showFCPQuickSend function| showFCPQuickSend_New function| getPlugins function| v function| w function| smus function| tmus function| play function| LoadMusic function| LoadMultipleMusic object| a object| b object| c object| d object| f object| g object| h number| player string| defaultmus string| agt boolean| ie boolean| win object| mt string| nse string| p string| n object| email_uid function| showBoxContent function| getHappyBirthdaySubCat function| getAnniversarySubCatNew function| getHappyBirthdaySubCatNew function| showCardData function| showPreviewCardData function| showFbUserData function| checkDate function| fillDay function| fillMonth function| fillYear function| fillFullDay function| fillFullMonth function| getStatusCodes function| Show_Contact function| Add_Contact function| Edit_Contact function| Delete_Contact function| Import_Contact function| Do_Signup function| Do_Login function| Do_Logout function| Do_ForgotPwd function| Check_Login function| Validate_Login function| SetTypoVal function| Validate_Signup function| Validate_Newpwd object| allcontacts_arr object| allfriends_arr object| allpendingfrnd object| allmutualfriends object| all_imcontacts object| all_friendsactivity object| all_myactivity object| all_artists object| connect_data function| Show_Allcontacts function| Show_Allfriends function| Show_Pending_Frnd function| Show_MyFriends function| Show_MutualFriends function| Show_MyActivity_New function| Show_FriendsActivity_New function| Add_NewContact function| Edit_NewContact function| Edit_RemiderContact function| Delete_NewContact function| Delete_ContactNew function| Pending_FrndReq function| Pending_FrndReq1 function| Get_MutualFrnd function| Confirm_Email function| Confirm_Email_MyPage function| ChangePic function| ChangePicMyPage function| ImportContact object| filterArr function| Filter_Contact object| all_birthdays function| Show_Birthdays function| getFullDate object| all_reminders function| ShowReminder function| ShowReminderPrint function| SaveBdayReminder function| SaveAnnivReminder function| getSelectionText function| selectElementText function| copySelectionText function| AddtoSendCard object| eventids object| allevents_arr object| addevents_ids object| delevents_ids object| delidsarr boolean| isMyEventsCalled function| events_init function| events_init_mypage function| getMyEvents function| Show_MyEvents function| Filter_Event function| Add_Event function| Delete_Event function| SaveEventReminder function| Show_Artists function| Delete_Artist function| Follow_Artist function| Follow_Artist_Mypage function| Show_FollowArtist function| ChangeTemplate function| SetPreview function| ShowFriendList function| AddFriendManually function| fillTime function| fillHours function| fillMinutes function| SetHiddenVars function| AddCalendar function| ShowInviteeInfo function| DeleteInvite function| SetJoiningOpt function| SaveRespond function| SaveInvite function| Validate_AcctSettings function| Validate_AcctSettings_MyPage function| AddNewFamilyMemberRow function| Validate_FamilyMember_MyPage function| SetTypoValFamilyMemberMyPage function| Validate_MarriedFamilyMember_MyPage function| SetTypoValMarriedFamilyMemberMyPage function| AddNewFriend function| Validate_NewFriend_MyPage function| Validate_Event_Reminder function| Validate_ProfileSettings function| AddNewFamilyMemberRowSettings function| AddNewMarriedFamilyMemberRowSettings function| Validate_FamilyMember_SettingPage function| SetTypoValMarriedFamilyMemberSettingsPage function| Validate_AddReminder_Manually function| Add_New_Reminder function| Validate_Manual_Contact function| SetTypoValManualContact function| init_scheduled_card function| Validate_AddReminder_Logout function| Validate_AddReminder_Login function| Validate_AddFriendsReminder_Logout function| Validate_AddFriendsReminder_Login function| Validate_ChangeMindReminder_Logout function| scrollToAnchor function| dropDownMonthDayChanged object| track_dataarr_received function| callAjaxMyPage function| SaveNewPassword function| SaveBdaySettings function| SaveAnniversarySettings function| SaveEventSettings function| SaveFollowUpdatesSettings function| SavePrivacySettings function| SaveNewEmailAddress function| ResendEmailVerification function| RemoveSecondaryEmail function| UpdatePrimaryCommEmail function| SaveFBConnectSettings function| Do_Blockuser function| Show_Paging function| Show_Paging_New function| DoExtra function| ConnectBlocks_in123g function| CallPlugin_api function| connect_blocks function| Show_ImportfrmCookie function| Show_EmptyAddrBook function| Show_PendingFrndReq function| TimestamptoDays function| showDateTxt function| Show_Thank_DeliveryDtl function| showContactsInvites object| bubble_data function| getServPath function| getCrossDomainMsgPost function| showNotificationCounts function| connectNotification_init object| sendCardData object| recvCardData undefined| sendCardDataCount undefined| recvCardDataCount function| showRecvdCards function| showSntCards function| showMyecardsSuggessions function| showUpBdays function| showBdayReminder function| showUpEvents function| showEventReminder function| showSuggessions function| ShowEventsCards function| connectWithFacebook function| LinkAuthed function| DelinkFB function| InviteFrnd function| InviteFB_Friends object| jQuery18208158983977994547 object| card_contents string| affId string| cardId string| user_card_no string| cat_q1 string| sub_cat_q1 string| receiver_email_enc object| isPhotoCard boolean| pdf_highlight object| qs_params string| q1_thank number| left object| others_cards string| is_sender object| animation function| unblockCallFunc object| adsbygoogle object| FB function| publish function| publish_pint function| getpdf function| addCalendar string| site_rtn_overlay function| gtag object| dataLayer object| config_data object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| google_llp number| c2 number| c1 number| google_lpabyc object| card_details boolean| isopen boolean| flag object| boxFunc object| top_menu object| tagclouds_cards function| loadQ1Json number| offset number| end object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| list object| details object| more object| generated_time object| cards object| q1_dtl object| music_dtl number| int_more_cards object| $e object| avntsWebpackJsonp number| avnts_player object| avntsQ function| avPlayer object| storageAni object| GoogleGcLKhOms

12 Cookies

Domain/Path Name / Value
www.123greetings.com/ Name: config_data
Value: CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=1
.123greetings.com/ Name: _ga
Value: GA1.2.1791891534.1642577425
.123greetings.com/ Name: _gid
Value: GA1.2.1874489788.1642577425
.123greetings.com/ Name: _gat_gtag_UA_3076315_1
Value: 1
.trkn.us/ Name: barometric[cuid]
Value: cuid_1113db80-e98b-4043-a28d-4be7b8ac31fc
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUl2AVu7s_dpVvHVuPtiADAnpyJisvq9AOoYW9-cXSbceX_jHVL34WT_rEfk
.123greetings.com/ Name: __gads
Value: ID=23c11256663646c0-22465c5123cd00c5:T=1642577424:RT=1642577427:S=ALNI_Mb4XnY0Vi4WX0UNf5dvQwOgKWBBUw
.aniview.com/ Name: aniC
Value: 1642577429653-918497249424-005525-002-000922
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GVQf85+*!]tbP6j2F-XstGt!@D`]$k9UE
.adnxs.com/ Name: icu
Value: ChgIqqx5EAoYASABKAEwlfyejwY4AUABSAEQlfyejwYYAA..
.adnxs.com/ Name: uuid2
Value: 3315064801658763602

2 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4a51ee209efa86b8ac11599fb781d29f.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ads.adaptv.advertising.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
assets.pinterest.com
avm.avantisvideo.com
bttrack.com
c.123g.us
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.avantisvideo.com
cdn1.avantisvideo.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
htlb.casalemedia.com
i.123g.us
ib.adnxs.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.advertising.com
pixel.quantserve.com
play.aniview.com
player.aniview.com
pm.w55c.net
rtb.nl.eu.criteo.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.avantisvideo.com
static.criteo.net
static.xx.fbcdn.net
sync-tm.everesttech.net
sync.aniview.com
tag.1rx.io
tpc.googlesyndication.com
track1.aniview.com
trkn.us
ups.analytics.yahoo.com
v.123g.us
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.123g.us
bttrack.com
cm.adgrx.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
match.adsrvr.org
pixel.quantserve.com
pm.w55c.net
s.amazon-adsystem.com
tpc.googlesyndication.com
142.250.186.130
142.250.186.162
142.250.186.38
15.197.193.217
151.101.2.49
178.250.0.139
178.250.2.148
178.250.2.150
18.208.85.173
184.30.20.185
184.30.20.241
184.72.244.154
185.33.221.13
185.33.221.15
213.19.147.42
23.0.33.234
2600:9000:223e:a000:3:748e:7940:93a1
2600:9000:223f:2e00:8:9ed9:9c40:93a1
2600:9000:2251:5400:1c:38a0:8a40:93a1
2606:4700::6810:135e
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a02:2638:1::11
2a02:2638:1::2
2a02:2638::3
2a02:26f0:1700:785::1931
2a02:26f0:e300:187::2c79
2a02:26f0:e300:18e::2c79
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.56.137
3.217.20.60
3.69.225.48
34.195.16.202
52.59.67.60
54.186.195.144
54.205.137.106
67.27.157.124
67.27.233.252
67.27.235.124
72.251.249.9
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
015253c84018c887328a1fd49e57706ef1181a5e3bb05ed6674ed286247ddb4a
043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da
05f6d30d6ed179a6c4ccf31e6074f1ed7879c51f00a06536996d8738df61ee10
06eaaaa4aa0c3bfb8a0bd6ace6b5be342b88f180c566f26eea53b5f89be339c9
089822305b9af8e8bf8797060fa68e6d18068b4fd7e8938f30b125ab6f61a2b9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0b2b11d728c887a6566abe914066c1b7631f12049c637109a995addcd8466d7c
0b72b40d1f0732b188a3f536854c57ca8460312086725a227a2869153d1b0e18
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c5d8ca625b6b024f51dfe5f0efff5d5e30512bb373897c150fcf8dc691393e0
0c600de3ed9cbbbf7474781f018b51d08a0aaa7b2294070c59d128c859e8d1b9
0ce879cfe7244a0a086ea8a95996d7ac5838d30a9b1cd8e85f045f51c41d0df8
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa
10642cc90634127e5030b161bdae2990b0ae3a376a97b3df56932bf968019a03
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
135b2416bf08d834251f98c72a53ce7a6747c562ec2e05463f06cd500c8e28a7
14253a4fbb7ac2a582e69e9ab5587dce3300024a1427b98cdaeee6104323898e
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cf4785000150c1c8256c6abd68fe3a49d2b862f803a7d31bde5670943d138c5
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1ef8b6292700f2ac20302fb67a9a96ab9466992b072a9886f62d81ee72954b01
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
28dd5351e2aa52056b10d3f771c4a60fe54d1968e7f9b620c5a4183a204a8c6d
2c51ff8cf60a8b5aa4a6493254d054fa04a684377b2f75dde1dca6118999fa39
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
351195aeda319fcc0796c0aff345990ada8d7e925c7d524d0855bc7c84245bb5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3871f25eed1fca463e93e7ec415f3d0261d2bbd775e2fa277dcebb42d057671c
3d1292177b010b1786177e8cc85bf1b510a598730a5b8ee011e3697e810da6a7
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d84cf6d64106537f99397ab19873c07b80cbd708b09e194c8da2940a4addd2d
41f99c5f26f5c73f5b6ebe1d407d71a68e40aa6ddc4888f3b2ac97cb4dccb2b6
425b48211e0ebe795b6ead9ec2f1bcd9e04e9930a7dd30e08cdb2fef0bcb834c
42f9e1454594114ac69809f4d5e48510936150a2384c892228e8685a468bdc82
44bc4a17199ec4f353892cda3cdb02d401ba5fc9562aae091a1bf1f2fbf9151e
455fbb0071232e9d6fa39adf37a0e586a4c2828bc62e13422963f4b1503a78d8
45feae7d6f805f7383bfcae8655c37ad58107b07683cffb66ed1ee7dc7acda10
466e099bcc6114756da0169e0ba10e5a6a29e6ef07ec9c3f43458511ad84e4b5
49b6e9ae0749149345ed59822128234c3aa026288c98c5f829f4194dbcec432e
4a93a248fbb0020232b9e6832021c2fc5a8fb494b258182bc77ed4109620fd5a
4adcc15753ff8901c2b9545b2243c482e74bb4a3680ca97b21fca4b0e23c64f9
4bfa2fcd81f57fd26e761cfe7c11b723c739dfc1237fdf7859331a0f7e6e8d33
4c422a15470556b1a9bf6cefc9fd2c65d9b22c483195a4d985317a2efaff499c
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e012a3b95a44b7627384b790fa49ef64906299f7d1c0ca2bd2e643c100eba2f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
510c95d2386973b9c22d981fbb93d0ed9c1146f3be6888b45edb1c2d2f91f05e
5294861688392fb55c44216d8700a2362a2bc809a9576a8ffc352a72a44f04d7
5584809aa902aaa236a75bc6ecdd04661304da64818f8ec3b3c23a9c884398fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578bd7cdca280e0bcfd6d869ae001f3eee41ccc538655793607f9d26daf40b42
587432ffed01dcaf5b9be44753e73c3b054e9de9a079fae0869bb3e907861c09
5b7312c8fda8fc5a7ab55d89da51d97cbb4044165db41eb36e39acc371c1af06
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e0758de83ed53a655b1a5ed1bcd2239da41edff35d438154cd444d545ea1f02
60b84d53020bb641f4f517e58d7ce3f2e47bbb078b05b761706c3d1d23a042ab
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
64d4dd6a3fe50413d80f98d5c2aa5a6eb55cbc6c22346cd69d03caa9ec512d32
65b8e9e22d22eab677b4e151d77b71c1e737d45308f835f9c4113eab1b4c42a6
668cd3b7df924975bfb814bd9509dd46c8c71229dd355aa1f8400619113cbf30
668e0507fb36989daed37b145b97e3605feda868e8bb8849a1bf6ca3e82aebd0
688c2f272b15f5466e45e1a5e93871d231eee9d1d8899f3573948176b96ac6ab
68c52ed14a891a2b39e90f6a6f17a204c548012e64eb693451942b76a69ec00f
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b
69781eb4af75af316c4fa7c65234290ca1159f82d86ea732c2abe28a5916dea1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f98e7ba1103510609262a70374571c1be735154b5d8121758508fcf8ec757c6
71ddf87a3a74886f8be847d075e68de4874c061e97192e3b7cf721fae27f2864
71de12712521c56d29ad6ed1174d233e948907276d3db355290367027e166054
74f13681845f836d18c360c4d2f885f560c72efc93122154df4e134ec24a6e0b
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
78f8498375316fc4cc548d4d318c82d401baac94641f9b7a35c3fc04f18dea0a
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7c79cf644e562ab7e3864667eccd108b88625486a76e71c208be8b7d5fee028d
7cbb28d68036f8527b38d1597c8172789ffeeee4d6cdee3f0c6345b842a6ee68
7ea6d10341205c9cc0f7bfd2ab762b2f629cb8aed940d60fba770b0aa71528f9
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8066f10ff6bf1fc8488e57846afb3059f476aa04cc64fa4c27a3a621cc0cfb7b
82bd02cee2c77b75a28a94f51c1163035315c09ef8eafe6fa5f79f35b97424e5
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
84671abe796aa5664efd3a2f4cf291d202d1796f9a1f2ab6d304db6d1c5a6f4e
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
89a6f9d65f3250723bfe68dd93b8ab7014876f6ce7c67c69737ca63991f5a148
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4
8c51c23510c1cb4da4985465adfa79be4c926d5f1ea171843f9cf26625235602
8e3a2390852ad3ab40c7ff26cd6e5f541367a8da987f828683913d82cd30d3a6
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9062cd4533343cfe31799c6daecb681a1072c054e403583630f03aba259b16cc
9095aeb95b974beef260bf02d9d459ad5287df3f62fe494738bd153c1528e61d
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905
94527ee306d38c3adc5f8257ddf372ea2ffc64c79917a50a45520a53eba7f9e6
9528e7fb833fbcb1dc0d86f7fb685b5fe1f970760f3c9d4c134eaae87fea8179
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
96378daf42904c9714d60928ed7cdbabd70c0c219a352a8bd268782d67325133
96534f356bbf04c65f5f6d8cbadd9803d73cde561f182cc89962555477fa4b33
9a71c26b75aeb3585bcab8482529d66343de187fe39313f2caeb2c101aff697b
9a8ca8f9097539226e6458b0936e540b9f6531d05e789150e880aa8caa88cdf1
9bea82f5b931c8582b0d9d6f6ed17c067d3c5adc17af471985b75ad24b56454d
9eafbefd63a1ee491d2ee994ce417069d5af55407804d07ecf6758421d3d2d02
9f4188b2433eae3927a0d1b04ced39435000547a37efd9cee5745360c6064143
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4bdaf606d466858e8d5492447244188792dd2a7287c15b0dec3b36cc77d3c20
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aab922fa9d47968bd242df4f844f269eb67d8671be51da1c0fb7317f9d670e89
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
adc1c22c3e344cd43bcbd1d98551155db58b5341b0e56a06a4de8d8cff3fc8c6
ae36a06a38cf0dc7ff3f85990fc45bd5983fda8517494345df59733bf20e2f08
ae866075deab57718d586ba54073f6c2ee11df652c714f3b6afe8bac938a5598
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848
afdaa1eb2520edc3eaadf201c0d99078588b02c81e4e4930e88bb06e28a9dacb
b056d9b601f2f769b2614542f4cd7a3e908a0a85f8c422281438985fd2f7916f
b05753242ffe37ff05521a49195f74888ec6340b129b2c7d5e6e70f13daa6950
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b277171297bfc840b62b9f160060bf8fc630389b0dee3aadcbb0e855ac7ecbc8
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b4ef8182b6523bf59a4d35ba989ad21f5a027fb2dd4377a6b10728f62a57b215
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdd9dcb76711b2721b8074649beeded691b73c2057e726e3b625813a61697854
c0452e178cdc6c7f11a560fa4a699a4d24a07a5bf0d2740754b79938fc9bf9b6
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c5cdfad2e7b1687a711364a54bbbae850b1239d729abd6527d6e70d8bff3d692
c774f99b409837d0c3e9e027fa0f52dbaa28ef0eca068bdf85375229db686023
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1a70d3d0a0be27194afd9b941c1a644db2a1acfc6754ab69f85150aa428f75b
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d4eb56f7f70a139f9e682f6dd317862b06238c31c02aeec7db56ec3b0f1b0ea3
d64628a7be79ad4fd5531bb2256e6600363db54e94edcc51811b123f7b5be749
d710994daead7ca6c8619139d55ffd246d8cc6e90994cbe52ad65903c7e277d3
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d98216e8465e10e522653c2db4323b5d20c94713a1e4e255861ee803da74bbad
dabf1cd1e266c66c5fede833ce46ff6b0af8a34e000c1293258a391ac00ed829
db35c9bbff5e19b0efea1a0b3398cb2e841863498653bb3625bcc75cbc535835
dddeb0371f942b4bf76346b0a67a9418d81cae0271169f83df8a6447f45f207c
e02b41e846b1a06b140b99a1f3ab99f613337823aae02e4a8f2c3211ef7551c0
e0458cac31340b2af62029e777d002d2274bf1c77af66477faf88d0ebf9254d9
e0aa2901dd1c9902cece215ee32cea171018f237046f327fa3a46d082ab63eda
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3044563d9c817570c9f2c83dfa8a0e17a2c218ba7143a65977b68fda04c4f72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b3b7d1c9be5f00eb1dbb6d6d2e135aaf6c62505fb1eca546e9953bbc2158a0
e533a3f0c66862b5ee15920786e98cc5de7565a7bb988c6385acc5bc70b3392f
e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1
e7a210094b91fb78d4f4ea620e63599c2478e04691171135e3f59aa30ed4e76e
e9126e8b93d347b328196191cea7e2663506a0e66db75bc82b40afdd297af463
ea6883243d3b8bc4d5890f404e6aacd73e92f75ff9e5d1031ba35d355877dfa5
eca06d059c5cb0322ce77c8bf02d2df5aa54e2c7bc5f03130e79e3b6a8cd4907
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef927bcc3e0039144d908cfd4f9490b9364c6afc6104416f1cfb45442bfc039b
ef979ae41636bb1112445e7c404cc3a34ccf4b32e7b9b556d6bdc7f464009d01
f0120acc05e65e1d1be5a3e3a995ad3a25b1cd31afa65b5ed2844d3b7b1be0ab
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796
f314b0a98f3ded5609652c948463d5a3d79f821a2fca0b4f630d06af8445030b
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5ede0a3b5145183cd982d792213e71e3ebc1866727a683cf787ea0850e069d5
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f91904518c5285ebb7805c6b884420d61a5156334c78977f7d74b19d98cdcef6
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
fb0959589e8a2779e5c1db506c7a0cf76875e0279f3db7960210198dc11b8ae0
fcb6420efeaa308b7c5433d85abfe58dd4a6fb159f5e4cfb3da1c83a310a4abe
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fde9b4ba3eae8432f78755a9384858151ba7664bad3fd0f781fc78ca906e5438
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4