urlscan.io logo urlscan.io
SecurityTrails logo

www.123greetings.com Open in urlscan Pro
184.72.245.68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.jpada.com/cgi-bin/click.pl?cid=nl010445202102&lid=197638&uid=204098279
Effective URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Submission: On April 09 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 4 countries across 23 domains to perform 375 HTTP transactions. The main IP is 184.72.245.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.
This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.73.249.63 14618 (AMAZON-AES)
1 1 50.16.190.13 14618 (AMAZON-AES)
1 184.72.245.68 14618 (AMAZON-AES)
22 67.27.233.252 3356 (LEVEL3)
13 67.27.234.124 3356 (LEVEL3)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 54.152.99.44 14618 (AMAZON-AES)
7 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
8 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
46 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2.16.107.18 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 34.251.107.229 16509 (AMAZON-02)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
26 2a00:1450:400... 15169 (GOOGLE)
3 95.101.27.36 20940 (AKAMAI-ASN1)
6 10 142.250.74.194 15169 (GOOGLE)
4 8 104.76.200.247 16625 (AKAMAI-AS)
6 15 37.252.172.38 29990 (ASN-APPNEX)
2 3 35.244.159.8 15169 (GOOGLE)
8 142.250.185.130 15169 (GOOGLE)
6 54.76.195.29 16509 (AMAZON-02)
8 44.237.126.120 16509 (AMAZON-02)
6 34.206.12.133 14618 (AMAZON-AES)
17 54.214.163.233 16509 (AMAZON-02)
6 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
19 54.234.206.105 14618 (AMAZON-AES)
2 35.171.145.49 14618 (AMAZON-AES)
2 35.170.116.13 14618 (AMAZON-AES)
8 185.94.180.123 35220 (SPOTX-AMS)
16 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
10 142.250.185.66 15169 (GOOGLE)
2 64.233.184.154 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 142.250.185.162 15169 (GOOGLE)
375 48
1    184.73.249.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-249-63.compute-1.amazonaws.com
www.jpada.com
1    50.16.190.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-190-13.compute-1.amazonaws.com
m.123greetings.com
1    184.72.245.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com
www.123greetings.com
22    67.27.233.252 (United States)

ASN3356 (LEVEL3, US)
c.123g.us
x.123g.us
13    67.27.234.124 (United States)

ASN3356 (LEVEL3, US)
i.123g.us
2    2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    54.152.99.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-99-44.compute-1.amazonaws.com
trkn.us
7    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
gcdn.2mdn.net
8    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
46    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
4    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
29    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2.16.107.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-18.deploy.static.akamaitechnologies.com
cdn.avantisvideo.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
15    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    34.251.107.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-107-229.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
6    2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.avantisvideo.com
26    2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    95.101.27.36 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-36.deploy.static.akamaitechnologies.com
cdn1.avantisvideo.com
10    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
8    104.76.200.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
15    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
8    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
6    54.76.195.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
static.adsafeprotected.com
8    44.237.126.120 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-126-120.us-west-2.compute.amazonaws.com
avm.avantisvideo.com
6    34.206.12.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-12-133.compute-1.amazonaws.com
dt.adsafeprotected.com
17    54.214.163.233 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-214-163-233.us-west-2.compute.amazonaws.com
events.avantisvideo.com
6    2a02:26f0:10c:48b::2c79 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
player.aniview.com
19    54.234.206.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-206-105.compute-1.amazonaws.com
track1.aniview.com
2    35.171.145.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-145-49.compute-1.amazonaws.com
go1.aniview.com
2    35.170.116.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-116-13.compute-1.amazonaws.com
sync.aniview.com
8    185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
16    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
7    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
pubads.g.doubleclick.net
2    64.233.184.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f154.1e100.net
bid.g.doubleclick.net
6    2607:f8b0:4009:805::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2a00:1450:4001:4c::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5e6nzs.c.2mdn.net
10    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
87 googlesyndication.com
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
393 KB
59 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
pubads.g.doubleclick.net
bid.g.doubleclick.net
254 KB
39 avantisvideo.com
cdn.avantisvideo.com
static.avantisvideo.com
cdn1.avantisvideo.com
avm.avantisvideo.com
events.avantisvideo.com
241 KB
35 123g.us
c.123g.us
i.123g.us
x.123g.us
804 KB
30 2mdn.net
s0.2mdn.net
gcdn.2mdn.net
r4---sn-4g5e6nzs.c.2mdn.net
867 KB
29 aniview.com
play.aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
376 KB
18 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
279 KB
18 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
2 MB
15 adnxs.com
ib.adnxs.com
secure.adnxs.com
17 KB
12 google.com
adservice.google.com
www.google.com
2 KB
10 gstatic.com
fonts.gstatic.com
csi.gstatic.com
86 KB
10 ampproject.org
cdn.ampproject.org
216 KB
8 spotxchange.com
search.spotxchange.com
8 KB
8 casalemedia.com
dsum-sec.casalemedia.com
8 KB
7 googletagservices.com
www.googletagservices.com
228 KB
3 openx.net
us-u.openx.net
830 B
3 trkn.us
trkn.us
3 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 ytimg.com
i.ytimg.com
8 KB
2 123greetings.com
m.123greetings.com
www.123greetings.com
9 KB
1 google.de
adservice.google.de
313 B
1 googletagmanager.com
www.googletagmanager.com
38 KB
1 jpada.com
www.jpada.com
284 B
375 23
Domain Requested by
44 pagead2.googlesyndication.com securepubads.g.doubleclick.net
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
srcdoc
29 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.123greetings.com
cdn.ampproject.org
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
imasdk.googleapis.com
26 s0.2mdn.net www.123greetings.com
s0.2mdn.net
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
imasdk.googleapis.com
21 c.123g.us www.123greetings.com
c.123g.us
20 googleads.g.doubleclick.net www.123greetings.com
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
19 track1.aniview.com player.aniview.com
17 events.avantisvideo.com cdn.avantisvideo.com
16 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
13 i.123g.us www.123greetings.com
c.123g.us
11 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
player.aniview.com
10 ade.googlesyndication.com
10 pubads.g.doubleclick.net imasdk.googleapis.com
10 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
8 search.spotxchange.com player.aniview.com
8 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
8 googleads4.g.doubleclick.net www.123greetings.com
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.123greetings.com
7 www.googletagservices.com c.123g.us
securepubads.g.doubleclick.net
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
6 csi.gstatic.com imasdk.googleapis.com
6 dt.adsafeprotected.com d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
6 static.adsafeprotected.com pixel.adsafeprotected.com
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
6 static.avantisvideo.com cdn.avantisvideo.com
www.123greetings.com
6 pixel.adsafeprotected.com d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
5 player.aniview.com cdn.avantisvideo.com
player.aniview.com
5 cdn.avantisvideo.com securepubads.g.doubleclick.net
cdn.avantisvideo.com
4 secure.adnxs.com 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
4 d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 us-u.openx.net 2 redirects googleads.g.doubleclick.net
3 cdn1.avantisvideo.com cdn.avantisvideo.com
3 www.google.com 2 redirects d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
3 trkn.us 1 redirects www.123greetings.com
2 r4---sn-4g5e6nzs.c.2mdn.net
2 gcdn.2mdn.net 2 redirects
2 bid.g.doubleclick.net imasdk.googleapis.com
2 sync.aniview.com player.aniview.com
2 go1.aniview.com player.aniview.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 i.ytimg.com www.123greetings.com
1 play.aniview.com cdn.avantisvideo.com
1 adservice.google.de securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 x.123g.us c.123g.us
1 www.googletagmanager.com www.123greetings.com
1 www.123greetings.com
1 m.123greetings.com 1 redirects
1 www.jpada.com 1 redirects
375 51
Subject Issuer Validity Valid
*.123greetings.com
Go Daddy Secure Certificate Authority - G2		 2020-04-29 -
2022-04-29		 2 years crt.sh
*.123g.us
Go Daddy Secure Certificate Authority - G2		 2019-06-21 -
2021-09-16		 2 years crt.sh
edgestatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2		 2021-01-19 -
2022-02-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
content.avantisvideo.com
R3		 2021-02-22 -
2021-05-23		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2020-09-09 -
2021-10-09		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-01-06 -
2022-02-04		 a year crt.sh
*.avantisvideo.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2020-05-20 -
2021-06-20		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-03-30 -
2021-06-08		 2 months crt.sh

This page contains 57 frames:

Primary Page: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Frame ID: A840B393870F7767C55C5648505E15EC
Requests: 119 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: FE41FFFA878B99FE124C6582A791E6FD
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: D2826727571720661CE1FCE205765A9A
Requests: 15 HTTP requests in this frame

Frame: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 96255A3D4A5BD0A6831CBE8BEEC58D5E
Requests: 19 HTTP requests in this frame

Frame: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4C171C7291C7547963EA42CE6B6143CE
Requests: 19 HTTP requests in this frame

Frame: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 37EA4FB0899119D09CB626887CA447FE
Requests: 20 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOCyLMjznkfczBHUo-HXZthDaoc3gA3ifXZx4a2LLu_v8ccnytVlvfrdygnWFXxIR-_GRLbKuBKw29144EmuxYftYYoIX3zCmBPVjMUCTHQBXr43iBw6YDE7nT5TBcmnR9ph-KU8n3SEzII9_LONgiT89U6isGKSIvXeygyJ5-viwbeqvWH_9XMmdEOlwO3T22KvjC004EgGerTCo-_tU7FWeD57NDqxx-x_gD0to4f2vSqLKGpD0U_9_9g64k8ISf8hXSQ53Vi4YtSY5Wr0r_V76u8TesKoIt8H6W13TsdkLweIxzsQ5h7bErpRQnzoiVKycK-g&sai=AMfl-YSusYuxELK6Cf7C5tkfHicP516xLq58G3KIBi1wEAWa25KSvLg-hnZzPrxZmMzVBFdSUVPafFJE5TtgghePYNC9VOxz8kVi4s7wU30PF89IgOdtFNdT4PzrAmg9fWwo&sig=Cg0ArKJSzE-6pyEHEVUQEAE&urlfix=1&adurl=
Frame ID: A88BB3A7E58D984A2824B91415A56D4C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvnEmqbII5w4yjILq6xYa25bxGnIl3Nk5AhYYt6rrZsiqhxl7ARMjhFHoyxDOwyYxjr8-twK9QJLbdj8MHTdqRilIQI5ADo2_GfkXAaGm2Zx5ETBWgE82LN_Yk_luPjX39h_ytCRzOS9ztKz20jHwdzApAC7POhgPdCG5uT2ZdbMOkfkNFtyMCNQGbFMOOEM6ZC0wEvMbKdMWs4R6fYTsn9GUSfllEsaRryteOB5pi9Z30ox4-XCZLX34TGv03cNAQR2bKnK9Q3aRBSbMdAn1JVHx8sD0ncU-67Ry38hhgK9ZVzMlSJugM6Kk2E3Abse8OrKWQQnt-LoRzwbW8QQ&sai=AMfl-YSlhmQ4hW-xosYtQs746Y0QA_PRgrtC7xd5sypfQYcZzSLXmH56hRTx7b4vhIL23M9_9b_QVt01D8GPSrSmLvX4Cv3AGCN8x3C-NyOEFDsxMQdzFt69eo9PLrpkzKig&sig=Cg0ArKJSzNZQ9YuW50fREAE&urlfix=1&adurl=
Frame ID: 578E88E73972B3DBB6F9DA382F926754
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXfDjAw7G75GYDf_Z1CaxPiPUoRCCUi0mN3KDoiXo6klEzkcS3jNCkdygUO4uZX0_D0A4BHBdI1SzbjGR6bcjabJ3brXw
Frame ID: A5E31283CE726E6E8EE2CD3504C02F8E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXQWcQ50JQhWyWCJr5n7buP3DvVLtiSC_R5PBWI0Yy210A8PR-FD1sJD1TmfMqVUU7Zc8izPz5mYUfXqaX1WLcrMoPbyQ
Frame ID: 1B140C30DA901020BFE2097931479297
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNX4w4BaAzBRYxe8B3vwcG--RCTzFwZRMdf9U_02n_VPw18d2EmfcCpWLYKaoZ9BMKnLY_GHS2h-vZUFZPfEvVNokqzGfQ
Frame ID: E720A44248AF93C1F9DA78102356D517
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7DA169847CC9B9259B87E7DF2F936270
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: E80FD7ABCB77EAADCB1C2A03BFAA0E59
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: FD655421C25DED8324C1F8AE2A9D004F
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
Frame ID: 3D2B6819F46A5F9139956D04EE9ED99B
Requests: 8 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
Frame ID: 677DA2A8C9CE506C9C89D5857C3AFBC3
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
Frame ID: CE65C0352DB8E065E63648054010430B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E698488E3B9457DB57F08F9C91306A96
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A64E2F180015FF1B8894D075C6B366AE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 41C477414EC731B13D446A5D7213187D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: E7ACDEAE16633D990949850AF80CB8DA
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: D13FE33BCEB3115E78D0ED4FFB839C95
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 37628A5CC06F5181D6C8D2FA370F33CD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Frame ID: 36C7C7697A3F23F3DA9396976AE46CAF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Frame ID: 86885534A0CC5BFDF9D728E471C9A5F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Frame ID: E87CE8DD393366C125A854A96D11A745
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 5A05E1DD195918E87D2A331AD92B3ACF
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: C4266F8B438BE39E115B1CEEB1C1E8D1
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: C5DD72DC21598CD6253359C224942D27
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-974353354871-020252-006-006895&biddername=55&key=7621382829360555052
Frame ID: 963B1A29E342D8BB5C30372FE56A1112
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-985888694871-020974-015-008521&biddername=55&key=3270019702657243340
Frame ID: 9C687FF7D9993B859B0381974BC89C2C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6CF03604BACCCE2DB9AED23475DE2FB5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 023FD6492237A25BBEEC6B09746CCFA7
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E50CBEBA6714605E0D94A5E0161EABFF
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A14EB611DF8B3865DDCF1A22BC3340B5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 340D1D03A4C03E2AE9FB7836E5E5F98F
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: D0E5405F862B642E775873626958D63C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 429479C7562BB72CB0B44479B11B4360
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0669561118DB3DA64758C3F684FA4A25
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 3881611FCBE80F7CD74E9499D4D53FF1
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 24FF721DC0B045A58022F791B8E0D2A3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 676C71EFFD8690CB43D2EA520A611EB2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 21797B063BF6416910AC2B5B02BBD6A7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5209A106CEE411460A9BB5A20A75C3A7
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6DD3B4AAABBACD31DEE92E0D986EF5BE
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0B86F8187773134C4BEA8E1DE359D29F
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 16E78210D407E895AF034D8485D0C8F6
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 4B4AE85ED8207496C4802CEA986F2FFE
Requests: 21 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 418DE76C33D8031000BD9BBF62809DDC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8CF6CB7D4DCD8D4DDBEF2E6A47AA2863
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: E9B16DF581EE2A1A9CDEFE4BDAE92BC3
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Frame ID: 84CBBE831315EDF6D2CB686BBB8679E3
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C9FCD7B37DDFB4CD03464530D20CCE18
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A663A33C7A2A92E4CDCAE3A0F4265EC8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1EC68071E8E947F3CAD0BC1B561200C2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: FAE23213089910D4DF8EEE3295780DFC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 0A702EA588527368DFBA5466F630B59C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.jpada.com/cgi-bin/click.pl?cid=nl010445202102&lid=197638&uid=204098279 HTTP 302
    https://m.123greetings.com/??utm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2 HTTP 301
    https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

375
Requests

100 %
HTTPS

48 %
IPv6

23
Domains

51
Subdomains

48
IPs

4
Countries

6285 kB
Transfer

24548 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.jpada.com/cgi-bin/click.pl?cid=nl010445202102&lid=197638&uid=204098279 HTTP 302
    https://m.123greetings.com/??utm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2 HTTP 301
    https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=7930270602.75008&ref=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dvis=visible HTTP 302
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=7930270602.75008&ref=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dvis=visible&ip=185.236.201.148&cuidchk=1
Request Chain 86
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 89
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
Request Chain 135
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHDBfGgDEXvCbFNVpgzIHgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
Request Chain 138
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHDBfGgDEXvCbFNVpgzIHgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBfyHfgC2gqRLsmrHa3-K98&google_cver=1
Request Chain 140
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDM5ODA0MjI2ODI1ODU3Ng%3D%3D
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEER5mXcEydSreKkwokjrEzE&google_cver=1
Request Chain 142
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDVlNjdkMTAtZWEzNS0yNWM2LWQ2NTMtNjU1ZjUxOTliNThj
Request Chain 232
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618002303888-974353354871-020252-006-006895%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1618002303888-974353354871-020252-006-006895%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-974353354871-020252-006-006895&biddername=55&key=7621382829360555052
Request Chain 239
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618002303888-985888694871-020974-015-008521%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1618002303888-985888694871-020974-015-008521%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-985888694871-020974-015-008521&biddername=55&key=3270019702657243340
Request Chain 324
  • https://gcdn.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8F8089FD72CFFA4B4CD8754B993D886438D6B5A8.C72C49395A10B8E0EDEBBD0C178F139B19AB399/key/ck2/file/file.mp4?cpn=y9sWExivgaXClGCP HTTP 302
  • https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3A43DF7FCC80D58EE4F734CE75193C62EA251EA3.290B67662166D6454513E517BD0384DA889EF60C/key/cms1/cms_redirect/yes/mh/HP/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1618002022/mv/m/mvi/4/pl/49?cpn=y9sWExivgaXClGCP&file=file.mp4
Request Chain 329
  • https://gcdn.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/8F8089FD72CFFA4B4CD8754B993D886438D6B5A8.C72C49395A10B8E0EDEBBD0C178F139B19AB399/key/ck2/file/file.mp4?cpn=xXHkVTbIkxKmKkSD HTTP 302
  • https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0ED56E8DE1CD77A3E3BF3984469F95A6ACB916A0.083D151D79081B073C027881D077CA89CBEC9C99/key/cms1/cms_redirect/yes/mh/HP/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1618002022/mv/m/mvi/4/pl/49?cpn=xXHkVTbIkxKmKkSD&file=file.mp4

375 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.123greetings.com/
Redirect Chain
  • http://www.jpada.com/cgi-bin/click.pl?cid=nl010445202102&lid=197638&uid=204098279
  • https://m.123greetings.com/??utm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
  • https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
36 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec04f5116abfd269c31ae2a44429a232d08152968738380158b702b1dca3af84
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.123greetings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 20:51:44 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
8614
Cache-Control
max-age=900
Content-Encoding
gzip
ETag
"8e2e-5bf904f2b8000"
Last-Modified
Fri, 09 Apr 2021 20:50:08 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
X-FRAME-OPTIONS
SAMEORIGIN
Expires
Fri, 09 Apr 2021 21:06:44 GMT
Age
794
Accept-Ranges
bytes
Set-Cookie
SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

Redirect headers

Content-Type
text/html; charset=iso-8859-1
Date
Fri, 09 Apr 2021 21:04:58 GMT
Location
https://www.123greetings.com?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Server
Apache/2.2.15 (CentOS)
Content-Length
395
Connection
keep-alive
home_R1.css
c.123g.us/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/home_R1.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1d44594c1739a91182d57a302cf6345f311a73a9dfd2b2a28b6a22d6488f490b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Mar 2021 22:30:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Aug 2019 12:56:58 GMT
Server
Apache/2.2.15 (CentOS)
Age
1377268
ETag
"3a7f-59104b0f07a80"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3305
jake_test
Test_Pass
Expires
Fri, 02 Apr 2021 12:31:24 GMT
346137_th.jpg
i.123g.us/c/emar_spring_wishes/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_spring_wishes/th/346137_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a962a303befd0ac2d2fcf4761144b74ba8886a185f0a81433ee101aba1ae449c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:08:28 GMT
Last-Modified
Thu, 04 Mar 2021 08:53:48 GMT
Server
Apache/2.2.15 (CentOS)
Age
546990
ETag
"1557-5bcb21b133f00"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5463
jake_test
Test_Pass
Expires
Sun, 04 Apr 2021 20:32:58 GMT
333131_th.gif
i.123g.us/c/birth_happybirthday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_happybirthday/th/333131_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
632ef26ae5fddbaf66f6654d41e70be07225f325e8f2659e226fa1564a15d69f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 07:34:47 GMT
Last-Modified
Sat, 17 Feb 2018 06:15:13 GMT
Server
Apache/2.2.15 (CentOS)
Age
2035811
ETag
"1fe4-56562623e3e40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8164
jake_test
Test_Pass
Expires
Wed, 24 Mar 2021 09:28:40 GMT
122395_th.gif
i.123g.us/c/eapr_aprshowersday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_aprshowersday/th/122395_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7353d254f9839a38752e417a7d130d5d4d4b987848140de71aa43cb9200d39b9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 30 Mar 2021 06:21:47 GMT
Last-Modified
Thu, 13 Apr 2017 11:25:47 GMT
Server
Apache/2.2.15 (CentOS)
Age
916991
ETag
"1fe6-54d0a961c44c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8166
jake_test
Test_Pass
Expires
Tue, 30 Mar 2021 06:36:47 GMT
343820_th.gif
i.123g.us/c/birth_happybirthday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_happybirthday/th/343820_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fb4bd5945ceedfa61085a9645c5e708eea82c796d043dfd8cdb9a5bfb7df50bb

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 09:31:07 GMT
Last-Modified
Sat, 04 Jul 2020 07:54:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
2028831
ETag
"1fc3-5a998f24fea40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8131
jake_test
Test_Pass
Expires
Wed, 17 Mar 2021 09:46:07 GMT
342903_th.gif
i.123g.us/c/birth_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_wishes/th/342903_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f38e6fe3de9aa55cd5e979abade60d68e885131107f0b26b4fc9e66f4725fe1

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 07:58:56 GMT
Last-Modified
Sat, 04 Apr 2020 04:34:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1775162
ETag
"1ef5-5a26f8b518b80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7925
jake_test
Test_Pass
Expires
Sat, 27 Mar 2021 07:05:37 GMT
110780_th.gif
i.123g.us/c/eapr_aprshowersday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_aprshowersday/th/110780_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3d814ed0ad4f0f11374df1807a971c63a1c5b32269ec9b0a0935975a2fa93145

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 30 Mar 2021 06:19:27 GMT
Last-Modified
Wed, 05 Aug 2015 15:07:58 GMT
Server
Apache/2.2.15 (CentOS)
Age
917132
ETag
"1fc1-51c91c49ccf80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8129
jake_test
Test_Pass
Expires
Tue, 30 Mar 2021 06:34:27 GMT
319072_th.gif
i.123g.us/c/birth_happybirthday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/birth_happybirthday/th/319072_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3af61fbbc448701180217224c95ed0949549e882d8d9a2322b598fd70bbb4b3f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Mar 2021 07:47:42 GMT
Last-Modified
Fri, 25 Sep 2015 13:29:49 GMT
Server
Apache/2.2.15 (CentOS)
Age
1084637
ETag
"1f5e-520925781ed40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8030
jake_test
Test_Pass
Expires
Tue, 30 Mar 2021 14:38:51 GMT
1.jpg
i.ytimg.com/vi/z1dN8Ycqby4/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/z1dN8Ycqby4/1.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc6af120d25e80e0b255f9904dd8127248abdcf10a3d83aee74a9a431d2606f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:08:40 GMT
x-content-type-options
nosniff
server
sffe
age
6979
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4840
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:08:40 GMT
2.jpg
i.ytimg.com/vi/laPhvAZ_2m4/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/laPhvAZ_2m4/2.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
601b6089c539aff226f8978d0ad7c90efc412d1efe86aa91aece192703faad08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:39:48 GMT
x-content-type-options
nosniff
server
sffe
age
5111
etag
"1594746722"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3213
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:39:48 GMT
346251_th.jpg
i.123g.us/c/gen_morning/th/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/gen_morning/th/346251_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
92a0d49fe99fd78ef700b38555b1c6c88ae7c628f5f620e6779e948cc735b6d1

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 11:34:39 GMT
Last-Modified
Thu, 18 Mar 2021 09:47:28 GMT
Server
Apache/2.2.15 (CentOS)
Age
1935020
ETag
"1167-5bdcc7cc7cc00"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4455
jake_test
Test_Pass
Expires
Thu, 18 Mar 2021 15:48:40 GMT
346261_th.gif
i.123g.us/c/anniv_anniversaryetc/th/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/anniv_anniversaryetc/th/346261_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
95de438f33df29fcc0af2e830df1ef7dd81cfa4ac429736fa770241d76e47b8b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Mar 2021 10:43:16 GMT
Last-Modified
Sat, 20 Mar 2021 06:40:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
1765303
ETag
"10ac-5bdf21aec91c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4268
jake_test
Test_Pass
Expires
Thu, 08 Apr 2021 09:27:46 GMT
346478_th.jpg
i.123g.us/c/gen_morning/th/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/gen_morning/th/346478_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
74bcb4774171fd12c6b5fc427958839bc2a5287776d2c445dcee84c6e61762f6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 12:11:23 GMT
Last-Modified
Wed, 07 Apr 2021 10:23:34 GMT
Server
Apache/2.2.15 (CentOS)
Age
204816
ETag
"2220-5bf5f52b5d580"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8736
jake_test
Test_Pass
Expires
Thu, 08 Apr 2021 12:09:50 GMT
cal_block.gif
i.123g.us/images/special_block/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/images/special_block/cal_block.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4545946e62b8e831756006b646fbf7e97b5fb8b85e52b625bdcc8b5d83745eb2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 04:49:33 GMT
Last-Modified
Tue, 06 Apr 2021 04:16:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
317726
ETag
"5268-5bf4613e5da80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21096
jake_test
Test_Pass
Expires
Tue, 06 Apr 2021 05:05:01 GMT
jquery.js
c.123g.us/js2/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 19:24:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2079611
ETag
"16f3a-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33449
jake_test
Test_Pass
Expires
Tue, 16 Mar 2021 19:39:48 GMT
jquery.ajax_autocomplete.js
c.123g.us/js2/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Mar 2021 04:36:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 08:18:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
2219296
ETag
"7f11-5b19d2e943540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9770
jake_test
Test_Pass
Expires
Mon, 15 Mar 2021 04:51:52 GMT
swfobject.js
c.123g.us/js2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/swfobject.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 05:07:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2044673
ETag
"261f-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3868
jake_test
Test_Pass
Expires
Wed, 17 Mar 2021 05:22:06 GMT
123g_utils_v1.js
c.123g.us/js2/ 		123 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_utils_v1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0d78f0e275929c1a9f449acaf371294207f532a67d6fcf109cb4385664cec099

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 12:06:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 09:08:50 GMT
Server
Apache/2.2.15 (CentOS)
Age
1328304
ETag
"1ed68-5bc4dbba1cc80"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30675
jake_test
Test_Pass
Expires
Mon, 29 Mar 2021 09:25:29 GMT
hpmain.js
c.123g.us/js2/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/hpmain.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
df593244193c3cf046b26a486cc6d9b03d94406e3ace812307bdc3d9e0e54b9d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Apr 2021 12:14:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Sep 2020 13:13:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
636603
ETag
"e33-5b05f6e82c980"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1217
jake_test
Test_Pass
Expires
Fri, 02 Apr 2021 12:31:08 GMT
rakpanel.js
c.123g.us/js2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/rakpanel.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Mar 2021 08:20:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Aug 2018 13:50:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
2292281
ETag
"d4c-57300e747f440"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
jake_test
Test_Pass
Expires
Sun, 14 Mar 2021 08:35:19 GMT
jquery.bxslider_new.js
c.123g.us/js2/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.bxslider_new.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 09:03:13 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1684906
ETag
"2c44c-50ba-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5210
jake_test
Test_Pass
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
65928fee7f92926a22e6ac5eab54b535fda42118d7767eea610f86928f6a32df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:04:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39120
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:04:59 GMT
styleopt_R1.css
c.123g.us/css/ 		80 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/styleopt_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/home_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6fa7cc9128819e7ca7402c739772daba7df959fd0ff1e62cd39e6ad73a08f976

Request headers

Referer
https://c.123g.us/css/home_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Apr 2021 19:13:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Mar 2021 13:14:14 GMT
Server
Apache/2.2.15 (CentOS)
Age
611514
ETag
"13f83-5bcb5be751580"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16152
jake_test
Test_Pass
Expires
Sat, 03 Apr 2021 13:29:39 GMT
modal_window_R1.css
c.123g.us/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/modal_window_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/home_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Referer
https://c.123g.us/css/home_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Mar 2021 07:51:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 09:39:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2466831
ETag
"8220-5a7b79d367980"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6727
jake_test
Test_Pass
Expires
Sun, 14 Mar 2021 08:31:01 GMT
request.js
trkn.us/info/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=7930270602.75008
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.99.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-99-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
d3ab39caa3e13dce4db1292f5d99f7aaafc5405ecd8aee36ec2c2e807a77d591
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:04:59 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
731
Expires
Sun, 01 Jan 2014 00:00:00 GMT
123g_master_bg.png
c.123g.us/images/ 		145 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/123g_master_bg.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Mar 2021 22:14:14 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
1378245
ETag
"91-54da7c7b5a240"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145
jake_test
Test_Pass
Expires
Tue, 30 Mar 2021 16:04:06 GMT
master_img_menu.png
c.123g.us/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 07 Apr 2021 10:25:11 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
211188
ETag
"9d023-1861-54a227b81c940"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
icon_set_R1.png
c.123g.us/images/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 12:44:46 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:19 GMT
Server
Apache/2.2.15 (CentOS)
Age
1671613
ETag
"230cb-5979e1c4d2cc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
Expires
Tue, 30 Mar 2021 10:53:09 GMT
big_img_sprite.png
c.123g.us/images/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Mar 2021 15:51:53 GMT
Last-Modified
Wed, 11 Sep 2019 08:42:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
2524386
ETag
"9cd35-21653-5924300b6d700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
master_icon_set_2.png
c.123g.us/images/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 18 Mar 2021 07:17:31 GMT
Last-Modified
Tue, 16 Feb 2021 07:04:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
1950448
ETag
"9cb9c-15fce-5bb6eb68c54c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90062
jake_test
Test_Pass
master_icon_set.png
c.123g.us/images/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_icon_set.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/home_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4

Request headers

Referer
https://c.123g.us/css/home_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 00:31:29 GMT
Last-Modified
Wed, 03 Jan 2018 10:30:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
592410
ETag
"17326-561dcb51f9ac0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95014
jake_test
Test_Pass
Expires
Sat, 03 Apr 2021 00:48:03 GMT
addressbook.js
c.123g.us/js2/ 		400 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/addressbook.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8caeb1059ac2c4d2c9b19fca77f965680a7c875362e4321d0473e0ae02ca3a1f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Mar 2021 15:03:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 10:16:40 GMT
Server
Apache/2.2.15 (CentOS)
Age
1144884
ETag
"2c7ca-63e50-5bc9f25969200"
Vary
Accept-Encoding
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jake_test
Test_Pass
gpt.js
www.googletagservices.com/tag/js/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3f02c00360712f19741829b5db7dc0f8e081bea9713cfa9a3b5d2d09c286bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"838 / 155 of 1000 / last-modified: 1617995140"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20428
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:04:59 GMT
123g_mantle.json
x.123g.us/json/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/123g_mantle.json
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7bf16b091c6f992f6427231147a5aaee5dd60fb941ea0f05fb784c383ec72b7a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 20:44:10 GMT
Last-Modified
Fri, 09 Apr 2021 20:24:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
1249
ETag
"7e3-5bf8ff3ad4240"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2019
jake_test
Test_Pass
Expires
Fri, 09 Apr 2021 20:59:11 GMT
closeBtn_h.png
c.123g.us/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/closeBtn_h.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 29 Mar 2021 13:29:17 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
977742
ETag
"42a-54da7c7a66000"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
jake_test
Test_Pass
Expires
Mon, 29 Mar 2021 13:44:35 GMT
mantle_loader.gif
c.123g.us/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/mantle_loader.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b91d59c4bdd90f11c17f875ae27b15c1efe83d42182702f51570fcc2063fd24

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 19:01:17 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
1994622
ETag
"9d011-855-54a227b81c940"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2133
jake_test
Test_Pass
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
4560
date
Fri, 09 Apr 2021 19:48:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Fri, 09 Apr 2021 21:48:59 GMT
connect_config.js
c.123g.us/js2/ 		201 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 06:10:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1695275
ETag
"2c454-c9-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
pubads_impl_2021040802.js
securepubads.g.doubleclick.net/gpt/ 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
bc542b1a6b82e2ec539fae662e4d5cad3bd8db4f0a2f1d7a28477da16b6c3973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 18:01:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105846
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:04:59 GMT
collect
www.google-analytics.com/j/ 		2 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=877563475&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&ul=en-us&de=UTF-8&dt=Free%20Greeting%20cards%2C%20Wishes%2C%20Ecards%2C%20Birthday%20Wishes%2C%20Funny%20Cards%20%26%20Gifs%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1439324310&gjid=1164722249&cid=1023543622.1618002299&tid=UA-5085183-1&_gid=546187674.1618002299&_r=1&gtm=2ou3v0&z=1411778332
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:04:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-5085183-1&cid=1023543622.1618002299&jid=1439324310&gjid=1164722249&_gid=546187674.1618002299&_u=IEBAAUAAAAAAAC~&z=320040967
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 09 Apr 2021 21:04:59 GMT
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
eapr_petday_mtl_01.jpg
i.123g.us/c/eapr_petday/mtl/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_petday/mtl/eapr_petday_mtl_01.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
85fa671de07a815cbbf410723bfe4f16629310278430ec3334f870074c088712

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 05 Apr 2021 12:38:19 GMT
Last-Modified
Sun, 04 Apr 2021 20:15:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
376000
ETag
"63f4-5bf2b3dddd380"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25588
Expires
Mon, 05 Apr 2021 13:09:33 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		163 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=302553558252211&correlator=1717234400541509&output=ldjh&impl=fifs&eid=31060312%2C31060550%2C31060764%2C31060371%2C44739387%2C44740387&vrg=2021040802&ptt=17&sc=1&sfv=1-0-38&ecs=20210409&iu_parts=46400095%2CDesktopWeb_Homepage_LB%2CDesktopWeb_Homepage_Mrec%2CDesktopWeb_Homepage_LMrec1%2CDesktopWeb_Homepage_LMrec2%2CDesktopWeb_Homepage_LMrec3%2CDesktopWeb_Homepage_Video%2CDesktopWeb_Homepage_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C1x1%2C1x1&cust_params=site%3D123greetings.com%26section%3Dhome%26page%3Dhomepage&cookie_enabled=1&bc=31&abxe=1&lmt=1618001408&dt=1618002299383&dlt=1618002298806&idt=552&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C970%2C332%2C650%2C968%2C310%2C310&adys=47%2C208%2C1539%2C1539%2C1539%2C1978%2C1420&adks=2032713241%2C2007386566%2C3432605083%2C3556053958%2C327677147%2C846720090%2C4041757002&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C320x262%7C980x301%7C980x301%7C980x301%7C983x1970%7C980x0&msz=728x90%7C300x250%7C314x264%7C314x264%7C314x264%7C980x0%7C980x0&ga_vid=1023543622.1618002299&ga_sid=1618002299&ga_hid=877563475&ga_fc=false&fws=4%2C4%2C0%2C0%2C0%2C0%2C0&ohw=728%2C300%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
c947d4065c3991b929389c0e6a6d0aa40e1c8899b2be0c3210e67bbbbf26cf90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33089
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,5501288042,5461263814
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,-1,138326033967,138321279906
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
trkn.us/info/
Redirect Chain
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=7930270602.75008&ref=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr...
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=7930270602.75008&ref=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr...
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=7930270602.75008&ref=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dvis=visible&ip=185.236.201.148&cuidchk=1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.152.99.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-152-99-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:04:59 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Fri, 09 Apr 2021 21:04:59 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=7930270602.75008&ref=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dvis=visible&ip=185.236.201.148&cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
eapr_petday_mtl_01.jpg
i.123g.us/c/eapr_petday/mtl/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_petday/mtl/eapr_petday_mtl_01.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
85fa671de07a815cbbf410723bfe4f16629310278430ec3334f870074c088712

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 05 Apr 2021 12:38:19 GMT
Last-Modified
Sun, 04 Apr 2021 20:15:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
376000
ETag
"63f4-5bf2b3dddd380"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25588
Expires
Mon, 05 Apr 2021 13:09:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=123greetings.com&host=www.123greetings.com&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame FE41 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
35947
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:05:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame FE41 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:02:15 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame FE41 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:02:15 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame FE41 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:02:15 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame FE41 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:02:15 GMT
css
fonts.googleapis.com/ Frame FE41 		3 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 19:37:27 GMT
server
ESF
date
Fri, 09 Apr 2021 21:05:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 21:05:00 GMT
truncated
/ Frame FE41 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22b1c2331651968db0e0de90bc25809a690ef103138c939a59bf050395320d38

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE41 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 05:29:43 GMT
x-content-type-options
nosniff
server
cafe
age
56117
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Sat, 10 Apr 2021 05:29:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE41 		295 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
78009
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 09 Apr 2021 23:24:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame FE41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrJVme8FwYOe4Ha3C7_UPj9u0aMiC_rhhr-7envEMwLCA7JACEAEg7_aQIWD1lc6B4ASgAYa3zsoDyAEBqQJwFZa9cBuyPuACAKgDAcgDCqoE4QFP0FWjMJb7lgbs1tqHY_MZwGjdc2MKr1iEsaJgnNXiGxS_bZbcHarAD9LRKAh-AxnXe9d3xc1rO3oQPJWeQBxPPvHDst_LaqBfZnDxOF4q70U1K7ianUYpAL-iq4wPCU3grBZj1NhS5EEy_U6j_CaKCs3emaOxhEDxohdqsdtwHg3arjkZk-bAxYO7BGUcudBTlS6vnjb5y42xNf1BMcXo1eVvao5v8BVaV7PWaLLl2JCY0XCsT81p9YNgW3TQNCFgaYjwnEWSwXGkny30-xSLZUVvb0enEWIVOecgjCQcFHnABLuny42XA-AEAZIFBAgEGAGSBQQIBRgEoAZmgAfiyLE1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEJ7BLdIICQiA4YBAEAEYHYAKA8gLAdgTC4gUAdAVAYAXAbIXGgoYCAASFHB1Yi00NjI3NTE3NjgwMjQ5Njcw&sigh=ovOTvgtnUxs&tpd=AGWhJmt1OZ7iadWyo8kK8gmgFG6OwSawznwEE23KqLpfX6l1-g
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame FE41 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
154918
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 08 Apr 2022 02:03:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame FE41 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
39683
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame D282 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
35947
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:05:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D282 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:02:15 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D282 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:02:15 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D282 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:02:15 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D282 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
36165
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:02:15 GMT
css
fonts.googleapis.com/ Frame D282 		3 KB
646 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Apr 2021 19:49:20 GMT
server
ESF
date
Fri, 09 Apr 2021 21:05:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Apr 2021 21:05:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D282 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
78009
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 09 Apr 2021 23:24:51 GMT
truncated
/ Frame D282 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2a17c32be59cdbe4ce2f2f19dfd21c43098fae1b80370de1d94b9fc744c7d39

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9625 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 21:04:59 GMT
expires
Sat, 09 Apr 2022 21:04:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4C17 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 21:04:59 GMT
expires
Sat, 09 Apr 2022 21:04:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 37EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 09 Apr 2021 21:04:59 GMT
expires
Sat, 09 Apr 2022 21:04:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame A88B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOCyLMjznkfczBHUo-HXZthDaoc3gA3ifXZx4a2LLu_v8ccnytVlvfrdygnWFXxIR-_GRLbKuBKw29144EmuxYftYYoIX3zCmBPVjMUCTHQBXr43iBw6YDE7nT5TBcmnR9ph-KU8n3SEzII9_LONgiT89U6isGKSIvXeygyJ5-viwbeqvWH_9XMmdEOlwO3T22KvjC004EgGerTCo-_tU7FWeD57NDqxx-x_gD0to4f2vSqLKGpD0U_9_9g64k8ISf8hXSQ53Vi4YtSY5Wr0r_V76u8TesKoIt8H6W13TsdkLweIxzsQ5h7bErpRQnzoiVKycK-g&sai=AMfl-YSusYuxELK6Cf7C5tkfHicP516xLq58G3KIBi1wEAWa25KSvLg-hnZzPrxZmMzVBFdSUVPafFJE5TtgghePYNC9VOxz8kVi4s7wU30PF89IgOdtFNdT4PzrAmg9fWwo&sig=Cg0ArKJSzE-6pyEHEVUQEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame A88B 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1be60b5a71bfa25af7110940b8d511410b158a723d455f72dd7c4ad89b674d68

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
i9Wy1fiAICJwzzbqWhnMuMEeESYpQpqF
Content-Encoding
gzip
Last-Modified
Tue, 16 Mar 2021 11:55:25 GMT
Server
AmazonS3
x-amz-request-id
ETZ6PZESD6ACKYK9
ETag
"75d58198b4bd6637fe901ffbb58c64bf"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 09 Apr 2021 21:05:00 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
21168
x-amz-id-2
LHlwJJgPLZmp2Igx50vmAgmznPJ8i65yteKWQIO0fk/neaoXKV8p2TmjA7HhUpceN3n9unUuWwc=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A88B 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 578E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvnEmqbII5w4yjILq6xYa25bxGnIl3Nk5AhYYt6rrZsiqhxl7ARMjhFHoyxDOwyYxjr8-twK9QJLbdj8MHTdqRilIQI5ADo2_GfkXAaGm2Zx5ETBWgE82LN_Yk_luPjX39h_ytCRzOS9ztKz20jHwdzApAC7POhgPdCG5uT2ZdbMOkfkNFtyMCNQGbFMOOEM6ZC0wEvMbKdMWs4R6fYTsn9GUSfllEsaRryteOB5pi9Z30ox4-XCZLX34TGv03cNAQR2bKnK9Q3aRBSbMdAn1JVHx8sD0ncU-67Ry38hhgK9ZVzMlSJugM6Kk2E3Abse8OrKWQQnt-LoRzwbW8QQ&sai=AMfl-YSlhmQ4hW-xosYtQs746Y0QA_PRgrtC7xd5sypfQYcZzSLXmH56hRTx7b4vhIL23M9_9b_QVt01D8GPSrSmLvX4Cv3AGCN8x3C-NyOEFDsxMQdzFt69eo9PLrpkzKig&sig=Cg0ArKJSzNZQ9YuW50fREAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame 578E 		61 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1be60b5a71bfa25af7110940b8d511410b158a723d455f72dd7c4ad89b674d68

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
i9Wy1fiAICJwzzbqWhnMuMEeESYpQpqF
Content-Encoding
gzip
Last-Modified
Tue, 16 Mar 2021 11:55:25 GMT
Server
AmazonS3
x-amz-request-id
ETZ6PZESD6ACKYK9
ETag
"75d58198b4bd6637fe901ffbb58c64bf"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 09 Apr 2021 21:05:00 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
21168
x-amz-id-2
LHlwJJgPLZmp2Igx50vmAgmznPJ8i65yteKWQIO0fk/neaoXKV8p2TmjA7HhUpceN3n9unUuWwc=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 578E 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D282 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
45723
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 10 Apr 2021 08:22:57 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D282 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcPSZe8FwYOi4Ha3C7_UPj9u0aMiC_rhhr-7envEMwLCA7JACEAEg7_aQIWD1lc6B4ASgAYa3zsoDyAEBqQJwFZa9cBuyPuACAKgDAcgDCqoE6AFP0NRtGilnaN7zoApwQYD-sdW7z84qUwsf-fSTyhWeVrthG8wdIXcsn68f2Nm8vLcMx8KcCX8tv7DwVWiACrw4xDKDMOganhJw6YBH3t1ABOBtiGOYXbHSW1vKCqm_S6MeDUCmVNvRpgNS7E8BXVrGPWxgamf7VzVBevu530-U4d7jwpBElmCNfBy_i8aaUX3BTBptx_VgJ8Z0k5y-u9ZsiZxvVAM9qS-Jft_WR5K6iaT4ij5blidOpV8i9QoK-oU1q_R_srmf4DP42uo6b1jURy_HFxGuu3_gdPM-jzTIYdpcUZvkptsAwAS7p8uNlwPgBAGSBQQIBBgBkgUECAUYBKAGZoAH4sixNagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCs8y3SCAkIgOGAQBABGB2ACgPICwHYEwuIFAHQFQGAFwGyFxoKGAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MA&sigh=V-8ZjJz467c&tpd=AGWhJmuFDX-eWOnSt_rbqjgJsA86ozoZgJvzC08moyQ8k9Gy0w
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795245888949"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040802&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47304303f0ca316cbe5c65701d18d346647a6249f86ee84e399e641efab9acfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6592
x-xss-protection
0
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame D282 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
39683
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Sat, 09 Apr 2022 10:03:37 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame D282 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
154918
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Fri, 08 Apr 2022 02:03:02 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040802.js?31060764
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame FE41
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
truncated
/ Frame A88B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f36de792907cb5860c4b4b732895ae9fff50fa642cc027cac068c5d2106b6c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 578E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1cf61716edef5a3a568306c7ad460ce38511aaade3a138fa8584b9cd8dec630

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame D282
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE41 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 05:29:43 GMT
x-content-type-options
nosniff
server
cafe
age
56117
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Sat, 10 Apr 2021 05:29:43 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FE41 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
78009
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 09 Apr 2021 23:24:51 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D282 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
78009
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 09 Apr 2021 23:24:51 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A5E3 		478 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXfDjAw7G75GYDf_Z1CaxPiPUoRCCUi0mN3KDoiXo6klEzkcS3jNCkdygUO4uZX0_D0A4BHBdI1SzbjGR6bcjabJ3brXw
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXfDjAw7G75GYDf_Z1CaxPiPUoRCCUi0mN3KDoiXo6klEzkcS3jNCkdygUO4uZX0_D0A4BHBdI1SzbjGR6bcjabJ3brXw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmCJv-Kky6A1SuJmQ0ayBcLpzsHMftJUktYhf8OP-InZVpYJNNZVi38co7a3XI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Apr 2021 21:05:00 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 37EA 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApKt6jeqcHNrEoEL0oMXlPjVx-qNeKFK1DXpgXPGUPCvV-ygi1sinB0NN1Rkb0qAFWV_N4vgdNsXapwfmdEmUgCKdkcLMPPZqF09RiQBkgnFKbHr3tNUQbroXkUQSIP7GGpPGx51bh9JsJnoLVbvTV3M0kYA&dbm_d=AKAmf-DBLvOLo5dsjn7ibfSNbrmiL_NKnqyIrol7wOP7dTeEz88McncX9qmNI9qbGBzJ6CjmsS3hElgJ6nyEkddLtKEmWceyYZWXsy4jKI6NPdtVlkOFTxRYiRQkser94yEXp1hKtOHsgz2S0RTHq5hTFyAU1Po3InoB0tJrkg0sgUgdXO1DBUGqcFzrJj18RXGby79sV4el45xhf-6YlRJru-y_OtoVoq0ZjY9aIDK_tDul4A6EU1eZ3zgUI6i-_RsPMWK7LXx4MBgVRc1fC8TilkEtJkBhQg2_JJFf1Qq_nr3e47CFzCQrjMMdyQQmOXY5vpxCDTBiZoh4sBKSJsIsj_1GuwzCeCortPcmEAiYXVySxinvcKRPyRMHfGA5DX84j2qlebzi03aiFRZSXuE7UcrkgnFOc4S57ooAAMwmDm6fay8nstfVs1gcHG0qQQ4xk7x8Bu5K6-nujC7PfMs3Xsf-1bJIHtzLeCz4lunzlCAH1bGSBYHjlwsGqKobp1f5Lr35eazZi0sJqMps82dXIg4FGeev_sYrQo_sNfzadW_-Q1ZsVlxsIO89ZI_1dzlXn7ftcqexkSlUL5E9qO6WCE9-4_uQxrW4CsHWIqUGIkFHYRgsMguk5vl5dJtbGtyvo95U9IUWe7NPMaRWdVHOB7SpPU9iMmOA6_Qh_I8BGXaQUlXq8tOWPvUQdBRCJ1g8e1Dpv4T11Laj_-oGSUJL2gG3AoTCk-gB4DI7d19oPwKXHVONnufTjg_PhynOkNDUzVVoWdzDf-d6MJzepMaLhw2RdfuXCMIvz5HTqym_UGXa7OuVoT1bIZcKLE72xbL44JDk6iHPK9CsDhMJm_4xK1DZmxVfKilzWdh_JtyzZUW6Hl14-rywOKgonXafyAAOUMkk1B29H7qkFiwpbfQKF-UDNFp57QlgXQmeJvdFlf2DlapHWam88lW5EAVx0Z0ITOoOh3iFVD293Fv-WL8VWYPiuN4V0WKfmT_kd54lLfaBjrnMxGpVaVjnlUqhLMmx1pmaZMt5DPfjusdU_Szup3h3YC2St_IBkWZPvyYqxFk46y939HrlowQSBO7INuMaCKFQ3KGjLieX-niyuhzQSGVFyyuDRbq51qO9RoSdnv_Exgb3pBVQWCCzSnk1BPkJ_tmPTyN8w66EIkIPZyeFqrXjQdX7UVtqPp_u54degsIOQ3HarrToMMAFrux_IagPwUKVDCwUSyiULteOoul53zv-TPD5V9M0sgAcqrU-SBr3azPu5QUI8FsuvnZHODALbPupVi_2BqV1kbHA7WoY2UmtvJY6TB3nBzlKY6rRaxBu_fr7bzLe4Oc1ptbtbDMkmh5OpU2QyOl4QGqKrTDf4Qn3gK0uKj5UXkr6j7zoUbziVm6Owp1P1FThc4Cg6nyUWbQLSvpKBIdlGxVQngf6Vwr7dENcsxWNFiw9h_zmzJMeqTYZLv6USlHcl4-RcfBJmGr8bIwoLtxfZ-XKXLjRFHbpFpssfRcqvMgztslB6fLeWZVgfZ1iL321BlITc1ujP5_4ICZsxWwa6GcxhKB62yAAA5t41W3zkrTvDKqOjRN9BYglkGGnwctNNDhcaFNg4X4YKPBzCENUAg1H1MltSLvCNYqn_v9dYJenqtGKzNr2YctGKQmTYCLIPvXR2TMtLp6QDisVc6PQA4l83yDqjxxZPJ83sG1I1GPkKv_YJBi5KFqahoJXIwx1L414enIora3MFmgeIRPsMVrWuPa96T9lM1H8WMzRcFEgjH7hYApRaS7VTPHCyLzUUWFaE462aXwfpFac8V8Zz0fIVcIOpEj7GW7WiA-_cn2BOJb1Rgy44BTWW-_fS8tx6-FK8LkbHpK3MdhT4v2NYwt5rFa8jtVOXU7cEFg-DNk_jtV_KnmB_X8JBSAgOv7Yd32D6cshhYTzCm0NEQ7b06AeZMs0KPZvaomfR16WphKypwfB_Qgk-3PMtUTbBrY5v0saSowyL2xqIfjYEoiJJGG3Hlo95BxNZvRlAauypmaXIZfPXm9PNSd6HaO0tiwH3C2JxxtbhMNgQeeUEDmxpJplbQKw-s0ME5wekzfdNiaxR2B18wMvVCjyu_ubIVILni3yTzdh0rCqRAEscLERDQLSPn5zY_6fCKI8k0sDV18izjntSXW5_qDWvIPDHGaX2lT4RNiY2D8Ohlu5k65rP7wZLp_EnVHh6fLF07_ZnixpbajsnRDU2OP4ii1dvCA7jZvFkujE7Yx1e8oX3NDbgZQRRB4olYlE66iQufF3ZOfL_3tZwaR0r_mvuR4cF8UhEKKaG7ppw-lCMriwxSdC5nf9ZO0bVtPaJjIonyX70cBSlI9wno_lpgoKc5UAqOI6MUGfxriE4JjUwU3BcWSz5rSaw-2zTDGvooTnJzajWOO6uyy56P-3IwSf-lVADZkiqr_hRwLPKXjP-0mfp0K7GaSu5hHl7-4rqVxFpCpjJi-N9OObGwrL-d5rxu8el0kEGrtV8XT2FwQzrhIh82FndkfGfZNt6uRWpy8Fitdnt6opHWnDr41wDuCV0h0T1mJnZV5KKkGCtSxaFss8dl8QfhsZgHfHarMtFr_Pa8Hrfd6zXTms7hFWzhjZUr_hPybKtrEf0Fz7ccDcLP-dLuSqJKxE1jD0ZvxsKkeHeaGSdZSB_Zjtm_6Vsjy-Z2ET9Ik8TcWqe9g7ONnZeZlq_D06V2xIdf9ST-Zxc6wRRj3t7AJPbjF7dN4L6rmEN8xmXLS7i8tj7atTLfFgs3aRrYktBYNQsAnHfCBItwDmVYXKI3Z3sMXepJcRGMlqZlhSNgenD5oPK-6TKMFngC9gNfQuq3YCmNzpTBSA1sI9x48dtRNS60qGRjqWn66PtxTHt4fyKX4D2RTmUKns1-fJTA96T-3sieiqWGVPT5zDzM8bXlUeJyD7BKixRaf1QykUPMm8cPYGsDti4pai24HIO1lBS3PZZG9LXii32Go9W92nJ-70VSAPjrA9KOKVOA37JRZRdGwLYEah5PQLWLLwUPgKyfANV94MbIXh4sU8RWKPnEpmdSyJbwYzVz2O0b0uXRkAKb-s7Fjxxx6z1JxyhiYlbM3QoO4qFToB08JchurfwyvYkdkePnaV-JF9MH0ASG376AMRT9RLVo2P8h0mVtBuMRqycbENueZvaGiSpn_ImUxv-GyWCXaElMbo-io&cid=CAASPeRo0geQRQHtbde7MeiCPqatz3kA59rbsXYuq8sjmPn1qtG124Kr64ataXVCiNYgM1JDWCEL-kS3kkkzscc&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f3159a453a23f76ab3e4d9ecaba14486a4390bf88454e7e6cdab50a8cd4f637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23694
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37EA 		42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BJQOK271xFKRdXlcDW6w4QWtibuyLqhlCGOHkXLC5kZa4axg32eWpmMppshe653gatU7leFVvP4WwZI9jJIT22HVWO4rq5soB0J2lDqYC0Wx-Bfvs
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 37EA 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930701&advId=5673933&campId=34339388&pubId=1&placementId=322571529&adsafe_par&bundleId=&dealId=&bidurl=https://www.123greetings.com/
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.107.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-107-229.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8fb98d3b3e4b59c071e34ac3743525615c0b4ff1d4677d8730de4ca73cb2becb

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-server-name
app18.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 37EA 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 21:04:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 37EA 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 37EA 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 21:02:08 GMT
l
www.google.com/ads/measurement/ Frame 37EA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQM6MNEuXAWxTIP0uwQmFRik1L07xsORmS4xHkFrRFB8kKt1k1BgbXXruBqlzdSwUBR8oP
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1B14 		478 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXQWcQ50JQhWyWCJr5n7buP3DvVLtiSC_R5PBWI0Yy210A8PR-FD1sJD1TmfMqVUU7Zc8izPz5mYUfXqaX1WLcrMoPbyQ
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXQWcQ50JQhWyWCJr5n7buP3DvVLtiSC_R5PBWI0Yy210A8PR-FD1sJD1TmfMqVUU7Zc8izPz5mYUfXqaX1WLcrMoPbyQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmCJv-Kky6A1SuJmQ0ayBcLpzsHMftJUktYhf8OP-InZVpYJNNZVi38co7a3XI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Apr 2021 21:05:00 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4C17 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMQTaZFu-ruZZynSJuKnO5ktWyosy6oB4X2NnSabgFbfv-mhSzsJT-K0Nu9TNojG0pvM7sXHZXD0udOmXgzxGltncjldgZbKfM6fWMKpQWrUY5gY-KXW4EPPMeKEEhPWGNDB0aHbro5JLsMd997Rv8BTFZXA&dbm_d=AKAmf-AhuOhu2t-OlFrvrkBvTFIuTvf0UWBWbvbTVJf8GanTizk8J2uwNgkCJ_bubHqSWrq6A-NC6Z_C-bDmNgdJp76ptsfGF-2RZiXShD2UJw1mplhnAXTOPHCt-Kczctbeha4Gjr6tBB6Uh9_tznYAkQJnB-Aua0H5Dpik9VBmxT96ZdzW7v-HXNdw2I_h3pnhkDq0wGBztAR-QdxEaNqCBfuqsBXMUXVA9kFDoGQGrPFcMbz5KY0iq9n7lMF-nKexvGqc_i0mKpPrbmaE_Ga71CBiHJuEG2Jh0Ep7EddfqVxTXiD6EUShXeXLtT8mXalY0mN5sAVpBQTvqMTRj1X--hIRHMkZIhbdO0SDwPGlFany-Vj9auXtRtwZRHTNRr0O7JjleAypffvuhuTDH6aDIP5qTHaExDzuWS7hoq4rRa9LhEZpXzxpmJHGE8iCMAFjzWsT9uLqafawmBx1CtbLBPcHCnDZ1oQDfxmrjCSBJsMQN48lFVxl1T4u9WW-gfpybPy3dD2UaIQMoaHjWOkcqnLAQgOnatGl2Pan0Y5EOTNjV_JtdbdPoypLx1_3KccotYtMhmEwUkCnqC5calfDcgaJHaREYEtSpmq1kk3H1hcwZB2MnmMZUaUof7V7-0ojOHaW_lvFouUFlK2p6LR6yLQdrVKVeG3BWAaaAaiN7xlQJXORlW2GN0wRAmUZpVrmunY3y7XGUfpAf92TQzKpXbtN0brzRh1K7IwIPKj2ah6QL9Hy8u7O4KlgNB8eW9MkYRRwYwZksycG6h2x8beCat2T6SQfsmra0-cHSXd_qGZJS2SzB6vR0W5KCDkM1F6MIGmnZA_z9Df0hpKb1YvYTN50opPZhEe3lSCfxTjd_6VyIBGp7v4z1nve14oiBlhx9xNTAMIaoMC5y11GAOdgT7-hLdwEd300oQLKjtR--rBtIPUi_CLEYcwK2HR68ge0nqwqUgrsVSfwKrhK10Rc-Yim5bu-fHl-ek1ZEnOl56eFTpxgfxIY2y2Ou82DVWwACDBi2_uoT7U-FPOJ76rH44FfcBoup5IIzrOyGxPETU9TkP4_iTKik-14PuFeS90gVoRm5BEGOOReyuxrp-i2PUHS66lkk3aHi5PVYSU5mjAzCMdZ52hYwHPMOfA6OQs96flp5ZxK0iizO4ZTQcel05bqx1necIdCzNaQYO4nF1fUCzNuKF8WmTOw7O4yTtgvq0aMM3QjLWrulvh5DVEC-RxMdtVgsL1WcIOoH3dLQzZOFRQtWHeKPLGOpj1yc8UY5x8w-5AGvynvrbrgStXKWkGaoYZTjWC_RmldsL5jIf0o11TdZwsirgY6bcCk6xbqL3vAZ17XMsvIIDTPzv31yYFUf_Q8M-TQCD5JAYhhPmuSKbr95HTFN-4YvXVJFH0TX295RBrMSEcKoQGUQNsayVVhx6HACNC9gbV1NqkiJEJdZjXZkZhnqGfigDGY9o-oLAcLkrSXt7aXiRNqyVwR75e2J48QsC0kyb-W0Qe_3g9zoExYXqFCGtt6darspCuVFsB0FM2Sgyi6cIa7TdudDsnP4flycROOtAbaSiA3KD393-tZbKpZOKn8pPt_3cYZHyX3fLIMxCzGiyGxqP0e_hYBd0fhnNKF-7CeuZ4a7RhAtf3ytcPxwnsn-5Mdnhbr-VIjaBsGQG0w7b3v_zHAMSeQMmCVD9rmPEufoCLVBqH5Cack8rh5DeMhNag_k_sV12gmv8Xd9_zhjyfjfdLvhLfwJtG4QprtU-PvSu5ldlyepFvCGavPSq9MsP2G8R4WKoy1O6-xOE-bDXqheDwAdmWYwWuMn8b6mcUmQtCOWIO4F55X36IQtyV-cWZCzYhpE7qqxSvDPjbp6L1E3rSfBndV-9iIbx8AmlqoDIQ3FIli7rHO4Dn6_XMqYBmULjmMtAl0g47CQZWBZZw-kigZd3ibGBKI8jeRUOZtXsH0xp6cnSAgGxw56qi_WncdpKYnFeZPYDcsmAFylYXLLC8VwUOECffoKt0D-l92vpBN7DHKHXcOJLf6TeW3nKtMCUCSsBvGIuQieTq_geF6GFA-wSMdycp0T1sqQ2rbAUHlmEMg1s5Bablhfy44K-Ef2yMxs2cWzpU5VQxG6NGXJ1DNIju-j9U9AwI2q_3dFrOp7uFQn6MzzyA2deDMxmBxBf5hdl0rcicBaK0--FfSUctLL2jNZEv7xf49jkgF1FKyULgm844Y48gGha9zs4FssQ4pXUyOFMUBlScW5CMJMAzxDYXnpAyKUY0u8P29Gs-a6V2NnJNhxdORgyQBuHZ9gudKc7UTt70rg_JqxrXr7IN9ELPdBPbNfctpgUrgaeu3-37Q3AVA9ojijOrVerYIym2hpo4Y5SWHc_a9Otqz4uBawYmwqBLlj5BYI5aoMEo6M2HDkswRdyUvOY-EOAbMEU665xqhDTVMmQwBTXQbUWbQtCf7jW4Y1QW2asfByqaXVSvazr_TbIRltt0LM9XA_1s0dQFvXSN-NZjKTmveG3QlEEdGsWXSrpzMD9YKbyzIJj22F4priiOb_fmBXEp02EviihEcLy29tEuQ9Iqyt7IHCo1YW8s646wPjRkCjin9_5BbXhwzEzjfXyVcIYtPlhMmd5ZdD1_00TatPuBL5bUss0gDoLZWkC6hmpTF4l8YBZYA3a3ZRvqTg0h72GPWr-nN4ziNDIlaVp0sRgrkM2y-DV-U6Ql8K3__x7_3vbtO62ZJPJ6XKolJFw9Qtj1KyuvKW7_ldrrNUaXac5BVnz3b-AlK7aq9bwieBZwu5-bqwS5PhuOHrWzzqvq7yfBtZX2c07AmxaKpxagCDsA1-ttc0CPole5qVF52CNXeKcYtdzJSwq2rrsLfZE9_8IRRCjO2ttpWCbnSTv-kBaeLZzMlt1R8WzUQZUiPWwiU35YsuadYD-dVmBVKsoPEVmMhSF21edBvm47z4O2arfTHwFi5oC5Yiu05s3zEWwXXhU1P0e5tiK9iBrzI1U9g5HadVKyXIt1VfpqEZ9ScJH79afC5c4ShkpvV4ypPmTIi-sRcYS9mZHDG2hFE758uxHMJDw7oXktRp14KD5pcIIxtKOQVngFY0-Qx6VizqXn8Ae192B6-zhKSd87HxB3m1xVBHbo6Bh2ztcL_S8XKZ8dp5zyDJGkeYi9D4tYKLongWyH_8ypEysht6ok&cid=CAASPeRocRKiYbU8aTJE22U7k0PEJPcPsh5qvZ5yZx6YxDIok4FsM1M-NXdtBZntGj_V8lHaI5fbl_bhBFYLdHw&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed21722adc27b8f2274c4617f5448d1c9312f83accbc9b7be6bd823f2e719cf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23753
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C17 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5yCmJOwMbqiWxoeRaDCsh_uPcbPc1oguEeaSd3taUTL0D2D5H6G3HXVI8dsHPIRxe_eE-oKdiuPPPEKrXWdS9rhWTIsro4bdCuS3E4iLfaC4MyFY
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 4C17 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930701&advId=5673933&campId=34339388&pubId=1&placementId=322571529&adsafe_par&bundleId=&dealId=&bidurl=https://www.123greetings.com/
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.107.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-107-229.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f76661d58bf5e79e76039c7b311e08225476eb3457afc673635ec51786fdc0b0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-server-name
app29.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 4C17 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 21:04:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4C17 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 4C17 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 21:02:08 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E720 		611 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNX4w4BaAzBRYxe8B3vwcG--RCTzFwZRMdf9U_02n_VPw18d2EmfcCpWLYKaoZ9BMKnLY_GHS2h-vZUFZPfEvVNokqzGfQ
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNX4w4BaAzBRYxe8B3vwcG--RCTzFwZRMdf9U_02n_VPw18d2EmfcCpWLYKaoZ9BMKnLY_GHS2h-vZUFZPfEvVNokqzGfQ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmCJv-Kky6A1SuJmQ0ayBcLpzsHMftJUktYhf8OP-InZVpYJNNZVi38co7a3XI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 09 Apr 2021 21:05:00 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 9625 		58 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8IhM5e5XK6Td8mEFFmeZd_tbYd5TSGFQb7-imeR5z-rHRa2YAp21mfdCEWJsgcMNH-uJSV7-CXQN5ud1e7QB1-XSUSY1H-BYK5is1Gd81_eR-voI8bX5BmuqPnBORmzUqLXAF76-4-Mw7gZ11KAuOjARH4A&dbm_d=AKAmf-BJ6Z2Kf-k55OJZMYxPJFrjvH78TDdnpp9MMOz6QtT46OfpKZx45DvdE2K8GFpT0EO7dnuULBF6xJ0sgN6Cff0f3WOhQnJh90uOXfp2o4QA7o0x26BvbYmQM5IK0jWaMKGBt2Plvh19rnZWykimWwzrIfiU6RdYIk4f023r8EAGkeyzR8r1sjVwHRZ4MkSK1sNsvZqGwhnfmQ6vLZ8wY0Z7PCEun3uOuq2EpYJNlcwpLM_OmtUb3wTOBTet4YDg55_aIp1U8Zd6UHY9Htf9_hXA9D4QQb-QB0VmYa0ZZolkdW7cvdvvwUVeOnxTWL_7RXX_nBA7F3hJzquRXQZk2_24QPm_AlVaKbo8p4Exkaxjw6SkjUCXfOrT7bInua5dtbKg2aHZn2ml51l-EbpdxDVo1JX0DxEpm1vHddTrJGXs9qTMGbstjAv8hZT3XhGFJuMZTzpp2Y1-VOO4RWE45uhuUw5mtshZ1j3T-4q31NDMz6iude7m8TMkLeMNZfXvQSZtGFIZPqhBZ0HAcO4k8GzCz14TEK_liLWEn1D0RwpRq2eOUsnBYAmroMcoPgAOxE__XwqotBxba4CrUwDAE1JIM78WfRtT6EZ-zOncumFNCvU_ZaQ4FQk-XNK4Cff59Olwd5LIUUY-5Jid1_q4WvEv8MsJap48AI0QEd1w8IMqFHQlqE7IMi9EraoGkGBvvILplZlCaUwEkJMy7bPlobZ8EvAL8aUA5cW6tY97rI63mSO7M4f9dWvMbvCVvSWCuiWRB9DpXLCphrWqfQ8vpk0qIwaK0q61pF1wnkaydInhYkn7mIoGS9auUmAjtXWZOS5HCjQzl_kLReGayh_cpNPdDV6dO8aniRJkrIDXOHdu2iqpOolLdGPMAg2dYvFSxYTyEYqvJNoPn_0v_V61NHZaGNZrjSPlsltdOLXMRne7aC3Q19M8B5H5P-btsLtsdyWjKKuRxLhuu0XvH0BlzdYt4Mf6qZz67RGKFF4HGZTBKdG9fHZcUs_DCbu10KC459wnOmS2KddbZOPPRhviGq8zaWNPTgPnpHBPUJM2rn8PgRxZolV1liseddAwu7--KYe9vojJl6-NtZrdAceyCNP7SIOWhH5M6ae3-VyaJM6Ri5VqXlfSKS2uq70dHtBWEIHV5mqkeqftwKui0KbF2UYsp2IkQL0LLakwYQS-U_3uwY78TzQ4q1HX8fLfsSuN6r6c6BvNkulLCbudW5cgIMpZyT7ErOXVzmuTCZxeIwInvF8vgsdBVpRnpRUt_XX7X5GOyMFRjBxTEGt1_smunC26rOiaX2LdkjabygapUBpBd4E7ZMv488E5rIW21NMdq4ww-vJw02wNPhC--5lVoXaldEqfO900UwQqvhVbfYl-VMDmiEi5-c23jAXIoWNQUrXEzrDjahYAH931RcQVlY2fh5z3llqJpwexgPl4WaVRJyy6NTUUIY__OsmYh16YzfSsjrBFhl9V5dSdL1wOmF8XdVBHkwoC1LUoUGm50rUrb46g_Tz4rRwFbbyw_XGhH6AWNLU8bt9cQtgEWcK5JHDhPzrO8-f-1kiipoZbnDry-4NEBzUyeMoIWz1-tqvJi-du68ec0Rq0gj8RrlPBagqT9iZpPcWYMnjjTvnXv9G9JQDp8PD74R9OodcVKtkQI4OADpl08xnt3gw8FYJxCtpv01BJgzoHM-gz5s3b8pb9ZKttE4weMaKfgemjxrVvTK9XuYaGHw7AChQEt3In-L1wf7hWlZTX_9IMUNu_L2DYavrYxp-smG80nSmVMAlMtzlRFxBwKCTuus3l71zBvuAmeJA3_i9lEJ8a9JLwQSdcw0heBJx7AbJUsIxIzc7GG98M29iBpHoEV-X5U2nXMCXQWxsr1cI1On5aj58jxK581YGc03QWAlJyvnQNqP5DYUUnK86zxxCc0bYKbwMlCcqLYx9uZllSii0v9n9Mrm66Dz8RextGZpIavQ9YOk7JkkO1k0ObQVdd0-qcI_kHZACKzXRquwOYxgAr-HumHLf-C6vfsnnpJiVc3DLrDAg7BT-7sZeIWZP8wZ5QkxgjMD7lLZ5BKt9u1PYDH-Y9O3KeFkTd1VGK9zSly3-nlI03EHul-bgR2EQmsEO3_ox3xKiCef8M8xwvxEcHNfdGwqCUsVDLGco4URO8ygw7RpTVS1eZxzFJqimlpIrXwKE-yEhQonr2_dJ_KmAohoKjq7VnIyAXdmIYSPJyTchBgE8HqJ9DZ3H_8g0uFEPrY8E3fZnTTCBOFvIQJ0WxVU7DRAfI0E7jiUqAsWxo_9v0koITlDZBSZGvjmsvjrMU-8hofOJNTguIEVjrTCVfHevCJaiBuD19CVTjl9saPh1z8IWHHgve3JE-mgpCSI2D1ZfQUmmnpPSrDn1fUhrb1--UpXyLKK1ZX8g8bmPh0F9nQu0PgfFGK4J2GMbeS9LnJpe22rtdqtYzwylbPsOJr8REXKpOjnAvsG8w88ZaIn8M1iNOM7OQyf8KjPJCOGaIaFNri8aJcrg1IY0hVPyVpHA5zMVFnLnAT0YyR5ZHv2BemXMP7v8Pks9Kz0JJ4dRyyrIzY7qSRkQGqRAxCxDyHRl9ApqHTbFec8cu-uALeVGAsb3QNWKrMkHFmjLAE91mkrUILzrX-PLPvpd0EXYT-rmGs2bDPiKg2aO9Bkcd4uxEhcCCQS1s6bdQvmgZeyX7PGkQ8eMrOBIal45mr6W4EdtERThw1nqdEdKDqMMIUqR5Vd1D1HOeOryh6AwqglQhqY33P8TmfKzknEhhH1cmS2Ry-pfM7ppTy-jWKs--OQmikz3oZ0XcNUvVvoxUMs5HVdkdJIcXb19XnqKD2lcWn3AKa-fEAbrt1YAWKG16QU58HRwt9HP7buS3JDioydYtRGXo0WC1-QAKD2DgETpfiXdBMpsJM35URpgELwdW2ZLu_rPJLGnFXkAm6Y0uSlbHOoJjJG8NV6f1fw9Uu-3jGltyWN77NziZyxU4SDrZtoHHEJtnG1Hq5MQq9HWNjj7pW6tJQewZcunhgxm47qzlkvfN936SQqdJrqmCAewJILlAoF-XpbaPeqSgY0OpSW2t7XDnjWU-evqs37NP4oItaeUxSaWxqucCCSLnZAPxS5I1_oE-YaZADv1miH_WusBqc3PyHiHGY4KdIBDm8ZKax4t5de_r9wpkcnw&cid=CAASPeRo7aEJm_pr-_oB_DgNdD7L5IX_q9YLtOptEoyAhi_XHi7mxPYWNvEf4WLPLYku3Q8BsHK_-wCTu7oyygw&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a98e591964c7cebda67d7470d2fa3d5d14d44fc22bf452bcb1eaee1e91e0a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23241
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9625 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DEqkYZNvjlp3pOs-L9tJZ199nfQ-pigXUqsKjTE4RmtA4I6yx1y_B6VtV902pVuQ21zq85Rm6MIl5DQQmOkIPRdFzMORAivbwG0m9d2rUx08oKcc8
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 9625 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930701&advId=5673933&campId=34339388&pubId=1&placementId=322571529&adsafe_par&bundleId=&dealId=&bidurl=https://www.123greetings.com/
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.107.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-107-229.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b3467944d5ee4cefef7001118b2a683126bd6a14c3ef8b8f4e3de317d9212298

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-server-name
app21.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 9625 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:04:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 21:04:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9625 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617795240117122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:00 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 9625 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:02:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
172
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 21:02:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7DA1 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 09 Apr 2021 19:27:18 GMT
expires
Sat, 09 Apr 2022 19:27:18 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
5862
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abc.txt
static.avantisvideo.com/data/ Frame A88B 		33 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1007009952286ca4d5dedf9ec66c3769c45589ac29b42cc9512c3cb766b72d5

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Apr 2021 09:01:06 GMT
Server
AmazonS3
x-amz-request-id
N74205HH5465XKWK
ETag
"0669e597f82bc13d9a4dc6475739b80a"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
7176
x-amz-id-2
rt1ybroJbQJUiciwyUafH12Bgi/9y4dB9TW3DBV6lX0wk1kGk6nAs9Po0P60eSvt42BL00r62So=
abc.txt
static.avantisvideo.com/data/ Frame A88B 		33 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1007009952286ca4d5dedf9ec66c3769c45589ac29b42cc9512c3cb766b72d5

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Apr 2021 09:01:06 GMT
Server
AmazonS3
x-amz-request-id
N74205HH5465XKWK
ETag
"0669e597f82bc13d9a4dc6475739b80a"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
7176
x-amz-id-2
rt1ybroJbQJUiciwyUafH12Bgi/9y4dB9TW3DBV6lX0wk1kGk6nAs9Po0P60eSvt42BL00r62So=
abc.txt
static.avantisvideo.com/data/ Frame 578E 		33 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1007009952286ca4d5dedf9ec66c3769c45589ac29b42cc9512c3cb766b72d5

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Apr 2021 09:01:06 GMT
Server
AmazonS3
x-amz-request-id
N74205HH5465XKWK
ETag
"0669e597f82bc13d9a4dc6475739b80a"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
7176
x-amz-id-2
rt1ybroJbQJUiciwyUafH12Bgi/9y4dB9TW3DBV6lX0wk1kGk6nAs9Po0P60eSvt42BL00r62So=
abc.txt
static.avantisvideo.com/data/ Frame 578E 		33 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1007009952286ca4d5dedf9ec66c3769c45589ac29b42cc9512c3cb766b72d5

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:00 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Apr 2021 09:01:06 GMT
Server
AmazonS3
x-amz-request-id
N74205HH5465XKWK
ETag
"0669e597f82bc13d9a4dc6475739b80a"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
7176
x-amz-id-2
rt1ybroJbQJUiciwyUafH12Bgi/9y4dB9TW3DBV6lX0wk1kGk6nAs9Po0P60eSvt42BL00r62So=
view
securepubads.g.doubleclick.net/pcs/ Frame A88B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxKWSXomPQAuzCYTwDMDNvwXbb812n7WfYtgJpyJEMLXCkVF1LW2MxHVp-YAMx1WAiHBbWW4QyZ8uUJmTPqHGsYGsqs2MuTBR35dDz5RydwuV3bE6trHL98fiirHapWckDhb_hWDnf8ix_688bghMRO-33OQpnWQRFcKEDifsnq0Pn0YPVOyh3uh6JHPKkBKrx_Qkqk9lnRz472WTcj6YOqFyX_5g2j9uvAIaUOJ3g1C0y7fZ9r4jChGw3TbYnRSFbG-JTVMHp__4JLpx7wqnnETJmymKr1DmtvQoQyGgFyTRy96t1qFGTc06_B-YjRwR8meSQjEQ5&sai=AMfl-YRtEndOTfctd7CmUqsOMTVQ0gk67KvvsO4kaDb0dh5XYbc1z60mVd3_6gDAk106DSJxwU22vCaBwa7Zhv6iER9RXYQX13RmM_SyExDoAvPUX4QNezjyUCtebsMxpH0J&sig=Cg0ArKJSzFehdxilpFePEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 21:05:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 578E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKjjbkFYhZCk6KHHFcfs44kpNfI6gHj9EEOxE91rt0sOoeXt2nW2B9XBEB4qWp-ewMySzqoyRB7X2aXF1_2f9Vkvba7cTtfJrq9ua16JzdH9DEvp688tla9qw76IzN9fU2tR_9uDek7ks0oPOtgLpy3o80nOlopg7AVZGX2oAZ4y9gZHpi0lr6trI5eZeeJcON6W6Tz9Kxvdz0J0nlp71dU4Oevdn6OVkvz3mSRFTxbpnAmBszqlugEr_y1m-DdT_yDwbn8X4WHnr-nuQFjQ8T0XwgE11tL9sFrBG6NAlWHlVrZaHRFTyUOYtPBmjuLkfz3s7EQzB2ow80UBAsdV92&sai=AMfl-YTE3vRv2yD5EtBh5LxfaLQ7XmyTfIb0EcUw8X5nXrgxsdgG-Ffakd8B2tD2ZAfVb0RVxZUkJILXX_LHvRNoGHa1xZv_BWb8IiqEogmOaFojViAsDnVmGLh_eMvwFT1F&sig=Cg0ArKJSzPtMo8hJcwp2EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:00 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 09 Apr 2021 21:05:00 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 37EA 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38309
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 10:26:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/ Frame 37EA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApKt6jeqcHNrEoEL0oMXlPjVx-qNeKFK1DXpgXPGUPCvV-ygi1sinB0NN1Rkb0qAFWV_N4vgdNsXapwfmdEmUgCKdkcLMPPZqF09RiQBkgnFKbHr3tNUQbroXkUQSIP7GGpPGx51bh9JsJnoLVbvTV3M0kYA&dbm_d=AKAmf-DBLvOLo5dsjn7ibfSNbrmiL_NKnqyIrol7wOP7dTeEz88McncX9qmNI9qbGBzJ6CjmsS3hElgJ6nyEkddLtKEmWceyYZWXsy4jKI6NPdtVlkOFTxRYiRQkser94yEXp1hKtOHsgz2S0RTHq5hTFyAU1Po3InoB0tJrkg0sgUgdXO1DBUGqcFzrJj18RXGby79sV4el45xhf-6YlRJru-y_OtoVoq0ZjY9aIDK_tDul4A6EU1eZ3zgUI6i-_RsPMWK7LXx4MBgVRc1fC8TilkEtJkBhQg2_JJFf1Qq_nr3e47CFzCQrjMMdyQQmOXY5vpxCDTBiZoh4sBKSJsIsj_1GuwzCeCortPcmEAiYXVySxinvcKRPyRMHfGA5DX84j2qlebzi03aiFRZSXuE7UcrkgnFOc4S57ooAAMwmDm6fay8nstfVs1gcHG0qQQ4xk7x8Bu5K6-nujC7PfMs3Xsf-1bJIHtzLeCz4lunzlCAH1bGSBYHjlwsGqKobp1f5Lr35eazZi0sJqMps82dXIg4FGeev_sYrQo_sNfzadW_-Q1ZsVlxsIO89ZI_1dzlXn7ftcqexkSlUL5E9qO6WCE9-4_uQxrW4CsHWIqUGIkFHYRgsMguk5vl5dJtbGtyvo95U9IUWe7NPMaRWdVHOB7SpPU9iMmOA6_Qh_I8BGXaQUlXq8tOWPvUQdBRCJ1g8e1Dpv4T11Laj_-oGSUJL2gG3AoTCk-gB4DI7d19oPwKXHVONnufTjg_PhynOkNDUzVVoWdzDf-d6MJzepMaLhw2RdfuXCMIvz5HTqym_UGXa7OuVoT1bIZcKLE72xbL44JDk6iHPK9CsDhMJm_4xK1DZmxVfKilzWdh_JtyzZUW6Hl14-rywOKgonXafyAAOUMkk1B29H7qkFiwpbfQKF-UDNFp57QlgXQmeJvdFlf2DlapHWam88lW5EAVx0Z0ITOoOh3iFVD293Fv-WL8VWYPiuN4V0WKfmT_kd54lLfaBjrnMxGpVaVjnlUqhLMmx1pmaZMt5DPfjusdU_Szup3h3YC2St_IBkWZPvyYqxFk46y939HrlowQSBO7INuMaCKFQ3KGjLieX-niyuhzQSGVFyyuDRbq51qO9RoSdnv_Exgb3pBVQWCCzSnk1BPkJ_tmPTyN8w66EIkIPZyeFqrXjQdX7UVtqPp_u54degsIOQ3HarrToMMAFrux_IagPwUKVDCwUSyiULteOoul53zv-TPD5V9M0sgAcqrU-SBr3azPu5QUI8FsuvnZHODALbPupVi_2BqV1kbHA7WoY2UmtvJY6TB3nBzlKY6rRaxBu_fr7bzLe4Oc1ptbtbDMkmh5OpU2QyOl4QGqKrTDf4Qn3gK0uKj5UXkr6j7zoUbziVm6Owp1P1FThc4Cg6nyUWbQLSvpKBIdlGxVQngf6Vwr7dENcsxWNFiw9h_zmzJMeqTYZLv6USlHcl4-RcfBJmGr8bIwoLtxfZ-XKXLjRFHbpFpssfRcqvMgztslB6fLeWZVgfZ1iL321BlITc1ujP5_4ICZsxWwa6GcxhKB62yAAA5t41W3zkrTvDKqOjRN9BYglkGGnwctNNDhcaFNg4X4YKPBzCENUAg1H1MltSLvCNYqn_v9dYJenqtGKzNr2YctGKQmTYCLIPvXR2TMtLp6QDisVc6PQA4l83yDqjxxZPJ83sG1I1GPkKv_YJBi5KFqahoJXIwx1L414enIora3MFmgeIRPsMVrWuPa96T9lM1H8WMzRcFEgjH7hYApRaS7VTPHCyLzUUWFaE462aXwfpFac8V8Zz0fIVcIOpEj7GW7WiA-_cn2BOJb1Rgy44BTWW-_fS8tx6-FK8LkbHpK3MdhT4v2NYwt5rFa8jtVOXU7cEFg-DNk_jtV_KnmB_X8JBSAgOv7Yd32D6cshhYTzCm0NEQ7b06AeZMs0KPZvaomfR16WphKypwfB_Qgk-3PMtUTbBrY5v0saSowyL2xqIfjYEoiJJGG3Hlo95BxNZvRlAauypmaXIZfPXm9PNSd6HaO0tiwH3C2JxxtbhMNgQeeUEDmxpJplbQKw-s0ME5wekzfdNiaxR2B18wMvVCjyu_ubIVILni3yTzdh0rCqRAEscLERDQLSPn5zY_6fCKI8k0sDV18izjntSXW5_qDWvIPDHGaX2lT4RNiY2D8Ohlu5k65rP7wZLp_EnVHh6fLF07_ZnixpbajsnRDU2OP4ii1dvCA7jZvFkujE7Yx1e8oX3NDbgZQRRB4olYlE66iQufF3ZOfL_3tZwaR0r_mvuR4cF8UhEKKaG7ppw-lCMriwxSdC5nf9ZO0bVtPaJjIonyX70cBSlI9wno_lpgoKc5UAqOI6MUGfxriE4JjUwU3BcWSz5rSaw-2zTDGvooTnJzajWOO6uyy56P-3IwSf-lVADZkiqr_hRwLPKXjP-0mfp0K7GaSu5hHl7-4rqVxFpCpjJi-N9OObGwrL-d5rxu8el0kEGrtV8XT2FwQzrhIh82FndkfGfZNt6uRWpy8Fitdnt6opHWnDr41wDuCV0h0T1mJnZV5KKkGCtSxaFss8dl8QfhsZgHfHarMtFr_Pa8Hrfd6zXTms7hFWzhjZUr_hPybKtrEf0Fz7ccDcLP-dLuSqJKxE1jD0ZvxsKkeHeaGSdZSB_Zjtm_6Vsjy-Z2ET9Ik8TcWqe9g7ONnZeZlq_D06V2xIdf9ST-Zxc6wRRj3t7AJPbjF7dN4L6rmEN8xmXLS7i8tj7atTLfFgs3aRrYktBYNQsAnHfCBItwDmVYXKI3Z3sMXepJcRGMlqZlhSNgenD5oPK-6TKMFngC9gNfQuq3YCmNzpTBSA1sI9x48dtRNS60qGRjqWn66PtxTHt4fyKX4D2RTmUKns1-fJTA96T-3sieiqWGVPT5zDzM8bXlUeJyD7BKixRaf1QykUPMm8cPYGsDti4pai24HIO1lBS3PZZG9LXii32Go9W92nJ-70VSAPjrA9KOKVOA37JRZRdGwLYEah5PQLWLLwUPgKyfANV94MbIXh4sU8RWKPnEpmdSyJbwYzVz2O0b0uXRkAKb-s7Fjxxx6z1JxyhiYlbM3QoO4qFToB08JchurfwyvYkdkePnaV-JF9MH0ASG376AMRT9RLVo2P8h0mVtBuMRqycbENueZvaGiSpn_ImUxv-GyWCXaElMbo-io&cid=CAASPeRo0geQRQHtbde7MeiCPqatz3kA59rbsXYuq8sjmPn1qtG124Kr64ataXVCiNYgM1JDWCEL-kS3kkkzscc&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 20:53:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 37EA 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ApKt6jeqcHNrEoEL0oMXlPjVx-qNeKFK1DXpgXPGUPCvV-ygi1sinB0NN1Rkb0qAFWV_N4vgdNsXapwfmdEmUgCKdkcLMPPZqF09RiQBkgnFKbHr3tNUQbroXkUQSIP7GGpPGx51bh9JsJnoLVbvTV3M0kYA&dbm_d=AKAmf-DBLvOLo5dsjn7ibfSNbrmiL_NKnqyIrol7wOP7dTeEz88McncX9qmNI9qbGBzJ6CjmsS3hElgJ6nyEkddLtKEmWceyYZWXsy4jKI6NPdtVlkOFTxRYiRQkser94yEXp1hKtOHsgz2S0RTHq5hTFyAU1Po3InoB0tJrkg0sgUgdXO1DBUGqcFzrJj18RXGby79sV4el45xhf-6YlRJru-y_OtoVoq0ZjY9aIDK_tDul4A6EU1eZ3zgUI6i-_RsPMWK7LXx4MBgVRc1fC8TilkEtJkBhQg2_JJFf1Qq_nr3e47CFzCQrjMMdyQQmOXY5vpxCDTBiZoh4sBKSJsIsj_1GuwzCeCortPcmEAiYXVySxinvcKRPyRMHfGA5DX84j2qlebzi03aiFRZSXuE7UcrkgnFOc4S57ooAAMwmDm6fay8nstfVs1gcHG0qQQ4xk7x8Bu5K6-nujC7PfMs3Xsf-1bJIHtzLeCz4lunzlCAH1bGSBYHjlwsGqKobp1f5Lr35eazZi0sJqMps82dXIg4FGeev_sYrQo_sNfzadW_-Q1ZsVlxsIO89ZI_1dzlXn7ftcqexkSlUL5E9qO6WCE9-4_uQxrW4CsHWIqUGIkFHYRgsMguk5vl5dJtbGtyvo95U9IUWe7NPMaRWdVHOB7SpPU9iMmOA6_Qh_I8BGXaQUlXq8tOWPvUQdBRCJ1g8e1Dpv4T11Laj_-oGSUJL2gG3AoTCk-gB4DI7d19oPwKXHVONnufTjg_PhynOkNDUzVVoWdzDf-d6MJzepMaLhw2RdfuXCMIvz5HTqym_UGXa7OuVoT1bIZcKLE72xbL44JDk6iHPK9CsDhMJm_4xK1DZmxVfKilzWdh_JtyzZUW6Hl14-rywOKgonXafyAAOUMkk1B29H7qkFiwpbfQKF-UDNFp57QlgXQmeJvdFlf2DlapHWam88lW5EAVx0Z0ITOoOh3iFVD293Fv-WL8VWYPiuN4V0WKfmT_kd54lLfaBjrnMxGpVaVjnlUqhLMmx1pmaZMt5DPfjusdU_Szup3h3YC2St_IBkWZPvyYqxFk46y939HrlowQSBO7INuMaCKFQ3KGjLieX-niyuhzQSGVFyyuDRbq51qO9RoSdnv_Exgb3pBVQWCCzSnk1BPkJ_tmPTyN8w66EIkIPZyeFqrXjQdX7UVtqPp_u54degsIOQ3HarrToMMAFrux_IagPwUKVDCwUSyiULteOoul53zv-TPD5V9M0sgAcqrU-SBr3azPu5QUI8FsuvnZHODALbPupVi_2BqV1kbHA7WoY2UmtvJY6TB3nBzlKY6rRaxBu_fr7bzLe4Oc1ptbtbDMkmh5OpU2QyOl4QGqKrTDf4Qn3gK0uKj5UXkr6j7zoUbziVm6Owp1P1FThc4Cg6nyUWbQLSvpKBIdlGxVQngf6Vwr7dENcsxWNFiw9h_zmzJMeqTYZLv6USlHcl4-RcfBJmGr8bIwoLtxfZ-XKXLjRFHbpFpssfRcqvMgztslB6fLeWZVgfZ1iL321BlITc1ujP5_4ICZsxWwa6GcxhKB62yAAA5t41W3zkrTvDKqOjRN9BYglkGGnwctNNDhcaFNg4X4YKPBzCENUAg1H1MltSLvCNYqn_v9dYJenqtGKzNr2YctGKQmTYCLIPvXR2TMtLp6QDisVc6PQA4l83yDqjxxZPJ83sG1I1GPkKv_YJBi5KFqahoJXIwx1L414enIora3MFmgeIRPsMVrWuPa96T9lM1H8WMzRcFEgjH7hYApRaS7VTPHCyLzUUWFaE462aXwfpFac8V8Zz0fIVcIOpEj7GW7WiA-_cn2BOJb1Rgy44BTWW-_fS8tx6-FK8LkbHpK3MdhT4v2NYwt5rFa8jtVOXU7cEFg-DNk_jtV_KnmB_X8JBSAgOv7Yd32D6cshhYTzCm0NEQ7b06AeZMs0KPZvaomfR16WphKypwfB_Qgk-3PMtUTbBrY5v0saSowyL2xqIfjYEoiJJGG3Hlo95BxNZvRlAauypmaXIZfPXm9PNSd6HaO0tiwH3C2JxxtbhMNgQeeUEDmxpJplbQKw-s0ME5wekzfdNiaxR2B18wMvVCjyu_ubIVILni3yTzdh0rCqRAEscLERDQLSPn5zY_6fCKI8k0sDV18izjntSXW5_qDWvIPDHGaX2lT4RNiY2D8Ohlu5k65rP7wZLp_EnVHh6fLF07_ZnixpbajsnRDU2OP4ii1dvCA7jZvFkujE7Yx1e8oX3NDbgZQRRB4olYlE66iQufF3ZOfL_3tZwaR0r_mvuR4cF8UhEKKaG7ppw-lCMriwxSdC5nf9ZO0bVtPaJjIonyX70cBSlI9wno_lpgoKc5UAqOI6MUGfxriE4JjUwU3BcWSz5rSaw-2zTDGvooTnJzajWOO6uyy56P-3IwSf-lVADZkiqr_hRwLPKXjP-0mfp0K7GaSu5hHl7-4rqVxFpCpjJi-N9OObGwrL-d5rxu8el0kEGrtV8XT2FwQzrhIh82FndkfGfZNt6uRWpy8Fitdnt6opHWnDr41wDuCV0h0T1mJnZV5KKkGCtSxaFss8dl8QfhsZgHfHarMtFr_Pa8Hrfd6zXTms7hFWzhjZUr_hPybKtrEf0Fz7ccDcLP-dLuSqJKxE1jD0ZvxsKkeHeaGSdZSB_Zjtm_6Vsjy-Z2ET9Ik8TcWqe9g7ONnZeZlq_D06V2xIdf9ST-Zxc6wRRj3t7AJPbjF7dN4L6rmEN8xmXLS7i8tj7atTLfFgs3aRrYktBYNQsAnHfCBItwDmVYXKI3Z3sMXepJcRGMlqZlhSNgenD5oPK-6TKMFngC9gNfQuq3YCmNzpTBSA1sI9x48dtRNS60qGRjqWn66PtxTHt4fyKX4D2RTmUKns1-fJTA96T-3sieiqWGVPT5zDzM8bXlUeJyD7BKixRaf1QykUPMm8cPYGsDti4pai24HIO1lBS3PZZG9LXii32Go9W92nJ-70VSAPjrA9KOKVOA37JRZRdGwLYEah5PQLWLLwUPgKyfANV94MbIXh4sU8RWKPnEpmdSyJbwYzVz2O0b0uXRkAKb-s7Fjxxx6z1JxyhiYlbM3QoO4qFToB08JchurfwyvYkdkePnaV-JF9MH0ASG376AMRT9RLVo2P8h0mVtBuMRqycbENueZvaGiSpn_ImUxv-GyWCXaElMbo-io&cid=CAASPeRo0geQRQHtbde7MeiCPqatz3kA59rbsXYuq8sjmPn1qtG124Kr64ataXVCiNYgM1JDWCEL-kS3kkkzscc&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
10238838524035937739
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 20:49:53 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 4C17 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38309
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 10:26:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/ Frame 4C17 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMQTaZFu-ruZZynSJuKnO5ktWyosy6oB4X2NnSabgFbfv-mhSzsJT-K0Nu9TNojG0pvM7sXHZXD0udOmXgzxGltncjldgZbKfM6fWMKpQWrUY5gY-KXW4EPPMeKEEhPWGNDB0aHbro5JLsMd997Rv8BTFZXA&dbm_d=AKAmf-AhuOhu2t-OlFrvrkBvTFIuTvf0UWBWbvbTVJf8GanTizk8J2uwNgkCJ_bubHqSWrq6A-NC6Z_C-bDmNgdJp76ptsfGF-2RZiXShD2UJw1mplhnAXTOPHCt-Kczctbeha4Gjr6tBB6Uh9_tznYAkQJnB-Aua0H5Dpik9VBmxT96ZdzW7v-HXNdw2I_h3pnhkDq0wGBztAR-QdxEaNqCBfuqsBXMUXVA9kFDoGQGrPFcMbz5KY0iq9n7lMF-nKexvGqc_i0mKpPrbmaE_Ga71CBiHJuEG2Jh0Ep7EddfqVxTXiD6EUShXeXLtT8mXalY0mN5sAVpBQTvqMTRj1X--hIRHMkZIhbdO0SDwPGlFany-Vj9auXtRtwZRHTNRr0O7JjleAypffvuhuTDH6aDIP5qTHaExDzuWS7hoq4rRa9LhEZpXzxpmJHGE8iCMAFjzWsT9uLqafawmBx1CtbLBPcHCnDZ1oQDfxmrjCSBJsMQN48lFVxl1T4u9WW-gfpybPy3dD2UaIQMoaHjWOkcqnLAQgOnatGl2Pan0Y5EOTNjV_JtdbdPoypLx1_3KccotYtMhmEwUkCnqC5calfDcgaJHaREYEtSpmq1kk3H1hcwZB2MnmMZUaUof7V7-0ojOHaW_lvFouUFlK2p6LR6yLQdrVKVeG3BWAaaAaiN7xlQJXORlW2GN0wRAmUZpVrmunY3y7XGUfpAf92TQzKpXbtN0brzRh1K7IwIPKj2ah6QL9Hy8u7O4KlgNB8eW9MkYRRwYwZksycG6h2x8beCat2T6SQfsmra0-cHSXd_qGZJS2SzB6vR0W5KCDkM1F6MIGmnZA_z9Df0hpKb1YvYTN50opPZhEe3lSCfxTjd_6VyIBGp7v4z1nve14oiBlhx9xNTAMIaoMC5y11GAOdgT7-hLdwEd300oQLKjtR--rBtIPUi_CLEYcwK2HR68ge0nqwqUgrsVSfwKrhK10Rc-Yim5bu-fHl-ek1ZEnOl56eFTpxgfxIY2y2Ou82DVWwACDBi2_uoT7U-FPOJ76rH44FfcBoup5IIzrOyGxPETU9TkP4_iTKik-14PuFeS90gVoRm5BEGOOReyuxrp-i2PUHS66lkk3aHi5PVYSU5mjAzCMdZ52hYwHPMOfA6OQs96flp5ZxK0iizO4ZTQcel05bqx1necIdCzNaQYO4nF1fUCzNuKF8WmTOw7O4yTtgvq0aMM3QjLWrulvh5DVEC-RxMdtVgsL1WcIOoH3dLQzZOFRQtWHeKPLGOpj1yc8UY5x8w-5AGvynvrbrgStXKWkGaoYZTjWC_RmldsL5jIf0o11TdZwsirgY6bcCk6xbqL3vAZ17XMsvIIDTPzv31yYFUf_Q8M-TQCD5JAYhhPmuSKbr95HTFN-4YvXVJFH0TX295RBrMSEcKoQGUQNsayVVhx6HACNC9gbV1NqkiJEJdZjXZkZhnqGfigDGY9o-oLAcLkrSXt7aXiRNqyVwR75e2J48QsC0kyb-W0Qe_3g9zoExYXqFCGtt6darspCuVFsB0FM2Sgyi6cIa7TdudDsnP4flycROOtAbaSiA3KD393-tZbKpZOKn8pPt_3cYZHyX3fLIMxCzGiyGxqP0e_hYBd0fhnNKF-7CeuZ4a7RhAtf3ytcPxwnsn-5Mdnhbr-VIjaBsGQG0w7b3v_zHAMSeQMmCVD9rmPEufoCLVBqH5Cack8rh5DeMhNag_k_sV12gmv8Xd9_zhjyfjfdLvhLfwJtG4QprtU-PvSu5ldlyepFvCGavPSq9MsP2G8R4WKoy1O6-xOE-bDXqheDwAdmWYwWuMn8b6mcUmQtCOWIO4F55X36IQtyV-cWZCzYhpE7qqxSvDPjbp6L1E3rSfBndV-9iIbx8AmlqoDIQ3FIli7rHO4Dn6_XMqYBmULjmMtAl0g47CQZWBZZw-kigZd3ibGBKI8jeRUOZtXsH0xp6cnSAgGxw56qi_WncdpKYnFeZPYDcsmAFylYXLLC8VwUOECffoKt0D-l92vpBN7DHKHXcOJLf6TeW3nKtMCUCSsBvGIuQieTq_geF6GFA-wSMdycp0T1sqQ2rbAUHlmEMg1s5Bablhfy44K-Ef2yMxs2cWzpU5VQxG6NGXJ1DNIju-j9U9AwI2q_3dFrOp7uFQn6MzzyA2deDMxmBxBf5hdl0rcicBaK0--FfSUctLL2jNZEv7xf49jkgF1FKyULgm844Y48gGha9zs4FssQ4pXUyOFMUBlScW5CMJMAzxDYXnpAyKUY0u8P29Gs-a6V2NnJNhxdORgyQBuHZ9gudKc7UTt70rg_JqxrXr7IN9ELPdBPbNfctpgUrgaeu3-37Q3AVA9ojijOrVerYIym2hpo4Y5SWHc_a9Otqz4uBawYmwqBLlj5BYI5aoMEo6M2HDkswRdyUvOY-EOAbMEU665xqhDTVMmQwBTXQbUWbQtCf7jW4Y1QW2asfByqaXVSvazr_TbIRltt0LM9XA_1s0dQFvXSN-NZjKTmveG3QlEEdGsWXSrpzMD9YKbyzIJj22F4priiOb_fmBXEp02EviihEcLy29tEuQ9Iqyt7IHCo1YW8s646wPjRkCjin9_5BbXhwzEzjfXyVcIYtPlhMmd5ZdD1_00TatPuBL5bUss0gDoLZWkC6hmpTF4l8YBZYA3a3ZRvqTg0h72GPWr-nN4ziNDIlaVp0sRgrkM2y-DV-U6Ql8K3__x7_3vbtO62ZJPJ6XKolJFw9Qtj1KyuvKW7_ldrrNUaXac5BVnz3b-AlK7aq9bwieBZwu5-bqwS5PhuOHrWzzqvq7yfBtZX2c07AmxaKpxagCDsA1-ttc0CPole5qVF52CNXeKcYtdzJSwq2rrsLfZE9_8IRRCjO2ttpWCbnSTv-kBaeLZzMlt1R8WzUQZUiPWwiU35YsuadYD-dVmBVKsoPEVmMhSF21edBvm47z4O2arfTHwFi5oC5Yiu05s3zEWwXXhU1P0e5tiK9iBrzI1U9g5HadVKyXIt1VfpqEZ9ScJH79afC5c4ShkpvV4ypPmTIi-sRcYS9mZHDG2hFE758uxHMJDw7oXktRp14KD5pcIIxtKOQVngFY0-Qx6VizqXn8Ae192B6-zhKSd87HxB3m1xVBHbo6Bh2ztcL_S8XKZ8dp5zyDJGkeYi9D4tYKLongWyH_8ypEysht6ok&cid=CAASPeRocRKiYbU8aTJE22U7k0PEJPcPsh5qvZ5yZx6YxDIok4FsM1M-NXdtBZntGj_V8lHaI5fbl_bhBFYLdHw&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 20:53:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 4C17 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMQTaZFu-ruZZynSJuKnO5ktWyosy6oB4X2NnSabgFbfv-mhSzsJT-K0Nu9TNojG0pvM7sXHZXD0udOmXgzxGltncjldgZbKfM6fWMKpQWrUY5gY-KXW4EPPMeKEEhPWGNDB0aHbro5JLsMd997Rv8BTFZXA&dbm_d=AKAmf-AhuOhu2t-OlFrvrkBvTFIuTvf0UWBWbvbTVJf8GanTizk8J2uwNgkCJ_bubHqSWrq6A-NC6Z_C-bDmNgdJp76ptsfGF-2RZiXShD2UJw1mplhnAXTOPHCt-Kczctbeha4Gjr6tBB6Uh9_tznYAkQJnB-Aua0H5Dpik9VBmxT96ZdzW7v-HXNdw2I_h3pnhkDq0wGBztAR-QdxEaNqCBfuqsBXMUXVA9kFDoGQGrPFcMbz5KY0iq9n7lMF-nKexvGqc_i0mKpPrbmaE_Ga71CBiHJuEG2Jh0Ep7EddfqVxTXiD6EUShXeXLtT8mXalY0mN5sAVpBQTvqMTRj1X--hIRHMkZIhbdO0SDwPGlFany-Vj9auXtRtwZRHTNRr0O7JjleAypffvuhuTDH6aDIP5qTHaExDzuWS7hoq4rRa9LhEZpXzxpmJHGE8iCMAFjzWsT9uLqafawmBx1CtbLBPcHCnDZ1oQDfxmrjCSBJsMQN48lFVxl1T4u9WW-gfpybPy3dD2UaIQMoaHjWOkcqnLAQgOnatGl2Pan0Y5EOTNjV_JtdbdPoypLx1_3KccotYtMhmEwUkCnqC5calfDcgaJHaREYEtSpmq1kk3H1hcwZB2MnmMZUaUof7V7-0ojOHaW_lvFouUFlK2p6LR6yLQdrVKVeG3BWAaaAaiN7xlQJXORlW2GN0wRAmUZpVrmunY3y7XGUfpAf92TQzKpXbtN0brzRh1K7IwIPKj2ah6QL9Hy8u7O4KlgNB8eW9MkYRRwYwZksycG6h2x8beCat2T6SQfsmra0-cHSXd_qGZJS2SzB6vR0W5KCDkM1F6MIGmnZA_z9Df0hpKb1YvYTN50opPZhEe3lSCfxTjd_6VyIBGp7v4z1nve14oiBlhx9xNTAMIaoMC5y11GAOdgT7-hLdwEd300oQLKjtR--rBtIPUi_CLEYcwK2HR68ge0nqwqUgrsVSfwKrhK10Rc-Yim5bu-fHl-ek1ZEnOl56eFTpxgfxIY2y2Ou82DVWwACDBi2_uoT7U-FPOJ76rH44FfcBoup5IIzrOyGxPETU9TkP4_iTKik-14PuFeS90gVoRm5BEGOOReyuxrp-i2PUHS66lkk3aHi5PVYSU5mjAzCMdZ52hYwHPMOfA6OQs96flp5ZxK0iizO4ZTQcel05bqx1necIdCzNaQYO4nF1fUCzNuKF8WmTOw7O4yTtgvq0aMM3QjLWrulvh5DVEC-RxMdtVgsL1WcIOoH3dLQzZOFRQtWHeKPLGOpj1yc8UY5x8w-5AGvynvrbrgStXKWkGaoYZTjWC_RmldsL5jIf0o11TdZwsirgY6bcCk6xbqL3vAZ17XMsvIIDTPzv31yYFUf_Q8M-TQCD5JAYhhPmuSKbr95HTFN-4YvXVJFH0TX295RBrMSEcKoQGUQNsayVVhx6HACNC9gbV1NqkiJEJdZjXZkZhnqGfigDGY9o-oLAcLkrSXt7aXiRNqyVwR75e2J48QsC0kyb-W0Qe_3g9zoExYXqFCGtt6darspCuVFsB0FM2Sgyi6cIa7TdudDsnP4flycROOtAbaSiA3KD393-tZbKpZOKn8pPt_3cYZHyX3fLIMxCzGiyGxqP0e_hYBd0fhnNKF-7CeuZ4a7RhAtf3ytcPxwnsn-5Mdnhbr-VIjaBsGQG0w7b3v_zHAMSeQMmCVD9rmPEufoCLVBqH5Cack8rh5DeMhNag_k_sV12gmv8Xd9_zhjyfjfdLvhLfwJtG4QprtU-PvSu5ldlyepFvCGavPSq9MsP2G8R4WKoy1O6-xOE-bDXqheDwAdmWYwWuMn8b6mcUmQtCOWIO4F55X36IQtyV-cWZCzYhpE7qqxSvDPjbp6L1E3rSfBndV-9iIbx8AmlqoDIQ3FIli7rHO4Dn6_XMqYBmULjmMtAl0g47CQZWBZZw-kigZd3ibGBKI8jeRUOZtXsH0xp6cnSAgGxw56qi_WncdpKYnFeZPYDcsmAFylYXLLC8VwUOECffoKt0D-l92vpBN7DHKHXcOJLf6TeW3nKtMCUCSsBvGIuQieTq_geF6GFA-wSMdycp0T1sqQ2rbAUHlmEMg1s5Bablhfy44K-Ef2yMxs2cWzpU5VQxG6NGXJ1DNIju-j9U9AwI2q_3dFrOp7uFQn6MzzyA2deDMxmBxBf5hdl0rcicBaK0--FfSUctLL2jNZEv7xf49jkgF1FKyULgm844Y48gGha9zs4FssQ4pXUyOFMUBlScW5CMJMAzxDYXnpAyKUY0u8P29Gs-a6V2NnJNhxdORgyQBuHZ9gudKc7UTt70rg_JqxrXr7IN9ELPdBPbNfctpgUrgaeu3-37Q3AVA9ojijOrVerYIym2hpo4Y5SWHc_a9Otqz4uBawYmwqBLlj5BYI5aoMEo6M2HDkswRdyUvOY-EOAbMEU665xqhDTVMmQwBTXQbUWbQtCf7jW4Y1QW2asfByqaXVSvazr_TbIRltt0LM9XA_1s0dQFvXSN-NZjKTmveG3QlEEdGsWXSrpzMD9YKbyzIJj22F4priiOb_fmBXEp02EviihEcLy29tEuQ9Iqyt7IHCo1YW8s646wPjRkCjin9_5BbXhwzEzjfXyVcIYtPlhMmd5ZdD1_00TatPuBL5bUss0gDoLZWkC6hmpTF4l8YBZYA3a3ZRvqTg0h72GPWr-nN4ziNDIlaVp0sRgrkM2y-DV-U6Ql8K3__x7_3vbtO62ZJPJ6XKolJFw9Qtj1KyuvKW7_ldrrNUaXac5BVnz3b-AlK7aq9bwieBZwu5-bqwS5PhuOHrWzzqvq7yfBtZX2c07AmxaKpxagCDsA1-ttc0CPole5qVF52CNXeKcYtdzJSwq2rrsLfZE9_8IRRCjO2ttpWCbnSTv-kBaeLZzMlt1R8WzUQZUiPWwiU35YsuadYD-dVmBVKsoPEVmMhSF21edBvm47z4O2arfTHwFi5oC5Yiu05s3zEWwXXhU1P0e5tiK9iBrzI1U9g5HadVKyXIt1VfpqEZ9ScJH79afC5c4ShkpvV4ypPmTIi-sRcYS9mZHDG2hFE758uxHMJDw7oXktRp14KD5pcIIxtKOQVngFY0-Qx6VizqXn8Ae192B6-zhKSd87HxB3m1xVBHbo6Bh2ztcL_S8XKZ8dp5zyDJGkeYi9D4tYKLongWyH_8ypEysht6ok&cid=CAASPeRocRKiYbU8aTJE22U7k0PEJPcPsh5qvZ5yZx6YxDIok4FsM1M-NXdtBZntGj_V8lHaI5fbl_bhBFYLdHw&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
10238838524035937739
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 20:49:53 GMT
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 9625 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38309
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 10:26:31 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/ Frame 9625 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8IhM5e5XK6Td8mEFFmeZd_tbYd5TSGFQb7-imeR5z-rHRa2YAp21mfdCEWJsgcMNH-uJSV7-CXQN5ud1e7QB1-XSUSY1H-BYK5is1Gd81_eR-voI8bX5BmuqPnBORmzUqLXAF76-4-Mw7gZ11KAuOjARH4A&dbm_d=AKAmf-BJ6Z2Kf-k55OJZMYxPJFrjvH78TDdnpp9MMOz6QtT46OfpKZx45DvdE2K8GFpT0EO7dnuULBF6xJ0sgN6Cff0f3WOhQnJh90uOXfp2o4QA7o0x26BvbYmQM5IK0jWaMKGBt2Plvh19rnZWykimWwzrIfiU6RdYIk4f023r8EAGkeyzR8r1sjVwHRZ4MkSK1sNsvZqGwhnfmQ6vLZ8wY0Z7PCEun3uOuq2EpYJNlcwpLM_OmtUb3wTOBTet4YDg55_aIp1U8Zd6UHY9Htf9_hXA9D4QQb-QB0VmYa0ZZolkdW7cvdvvwUVeOnxTWL_7RXX_nBA7F3hJzquRXQZk2_24QPm_AlVaKbo8p4Exkaxjw6SkjUCXfOrT7bInua5dtbKg2aHZn2ml51l-EbpdxDVo1JX0DxEpm1vHddTrJGXs9qTMGbstjAv8hZT3XhGFJuMZTzpp2Y1-VOO4RWE45uhuUw5mtshZ1j3T-4q31NDMz6iude7m8TMkLeMNZfXvQSZtGFIZPqhBZ0HAcO4k8GzCz14TEK_liLWEn1D0RwpRq2eOUsnBYAmroMcoPgAOxE__XwqotBxba4CrUwDAE1JIM78WfRtT6EZ-zOncumFNCvU_ZaQ4FQk-XNK4Cff59Olwd5LIUUY-5Jid1_q4WvEv8MsJap48AI0QEd1w8IMqFHQlqE7IMi9EraoGkGBvvILplZlCaUwEkJMy7bPlobZ8EvAL8aUA5cW6tY97rI63mSO7M4f9dWvMbvCVvSWCuiWRB9DpXLCphrWqfQ8vpk0qIwaK0q61pF1wnkaydInhYkn7mIoGS9auUmAjtXWZOS5HCjQzl_kLReGayh_cpNPdDV6dO8aniRJkrIDXOHdu2iqpOolLdGPMAg2dYvFSxYTyEYqvJNoPn_0v_V61NHZaGNZrjSPlsltdOLXMRne7aC3Q19M8B5H5P-btsLtsdyWjKKuRxLhuu0XvH0BlzdYt4Mf6qZz67RGKFF4HGZTBKdG9fHZcUs_DCbu10KC459wnOmS2KddbZOPPRhviGq8zaWNPTgPnpHBPUJM2rn8PgRxZolV1liseddAwu7--KYe9vojJl6-NtZrdAceyCNP7SIOWhH5M6ae3-VyaJM6Ri5VqXlfSKS2uq70dHtBWEIHV5mqkeqftwKui0KbF2UYsp2IkQL0LLakwYQS-U_3uwY78TzQ4q1HX8fLfsSuN6r6c6BvNkulLCbudW5cgIMpZyT7ErOXVzmuTCZxeIwInvF8vgsdBVpRnpRUt_XX7X5GOyMFRjBxTEGt1_smunC26rOiaX2LdkjabygapUBpBd4E7ZMv488E5rIW21NMdq4ww-vJw02wNPhC--5lVoXaldEqfO900UwQqvhVbfYl-VMDmiEi5-c23jAXIoWNQUrXEzrDjahYAH931RcQVlY2fh5z3llqJpwexgPl4WaVRJyy6NTUUIY__OsmYh16YzfSsjrBFhl9V5dSdL1wOmF8XdVBHkwoC1LUoUGm50rUrb46g_Tz4rRwFbbyw_XGhH6AWNLU8bt9cQtgEWcK5JHDhPzrO8-f-1kiipoZbnDry-4NEBzUyeMoIWz1-tqvJi-du68ec0Rq0gj8RrlPBagqT9iZpPcWYMnjjTvnXv9G9JQDp8PD74R9OodcVKtkQI4OADpl08xnt3gw8FYJxCtpv01BJgzoHM-gz5s3b8pb9ZKttE4weMaKfgemjxrVvTK9XuYaGHw7AChQEt3In-L1wf7hWlZTX_9IMUNu_L2DYavrYxp-smG80nSmVMAlMtzlRFxBwKCTuus3l71zBvuAmeJA3_i9lEJ8a9JLwQSdcw0heBJx7AbJUsIxIzc7GG98M29iBpHoEV-X5U2nXMCXQWxsr1cI1On5aj58jxK581YGc03QWAlJyvnQNqP5DYUUnK86zxxCc0bYKbwMlCcqLYx9uZllSii0v9n9Mrm66Dz8RextGZpIavQ9YOk7JkkO1k0ObQVdd0-qcI_kHZACKzXRquwOYxgAr-HumHLf-C6vfsnnpJiVc3DLrDAg7BT-7sZeIWZP8wZ5QkxgjMD7lLZ5BKt9u1PYDH-Y9O3KeFkTd1VGK9zSly3-nlI03EHul-bgR2EQmsEO3_ox3xKiCef8M8xwvxEcHNfdGwqCUsVDLGco4URO8ygw7RpTVS1eZxzFJqimlpIrXwKE-yEhQonr2_dJ_KmAohoKjq7VnIyAXdmIYSPJyTchBgE8HqJ9DZ3H_8g0uFEPrY8E3fZnTTCBOFvIQJ0WxVU7DRAfI0E7jiUqAsWxo_9v0koITlDZBSZGvjmsvjrMU-8hofOJNTguIEVjrTCVfHevCJaiBuD19CVTjl9saPh1z8IWHHgve3JE-mgpCSI2D1ZfQUmmnpPSrDn1fUhrb1--UpXyLKK1ZX8g8bmPh0F9nQu0PgfFGK4J2GMbeS9LnJpe22rtdqtYzwylbPsOJr8REXKpOjnAvsG8w88ZaIn8M1iNOM7OQyf8KjPJCOGaIaFNri8aJcrg1IY0hVPyVpHA5zMVFnLnAT0YyR5ZHv2BemXMP7v8Pks9Kz0JJ4dRyyrIzY7qSRkQGqRAxCxDyHRl9ApqHTbFec8cu-uALeVGAsb3QNWKrMkHFmjLAE91mkrUILzrX-PLPvpd0EXYT-rmGs2bDPiKg2aO9Bkcd4uxEhcCCQS1s6bdQvmgZeyX7PGkQ8eMrOBIal45mr6W4EdtERThw1nqdEdKDqMMIUqR5Vd1D1HOeOryh6AwqglQhqY33P8TmfKzknEhhH1cmS2Ry-pfM7ppTy-jWKs--OQmikz3oZ0XcNUvVvoxUMs5HVdkdJIcXb19XnqKD2lcWn3AKa-fEAbrt1YAWKG16QU58HRwt9HP7buS3JDioydYtRGXo0WC1-QAKD2DgETpfiXdBMpsJM35URpgELwdW2ZLu_rPJLGnFXkAm6Y0uSlbHOoJjJG8NV6f1fw9Uu-3jGltyWN77NziZyxU4SDrZtoHHEJtnG1Hq5MQq9HWNjj7pW6tJQewZcunhgxm47qzlkvfN936SQqdJrqmCAewJILlAoF-XpbaPeqSgY0OpSW2t7XDnjWU-evqs37NP4oItaeUxSaWxqucCCSLnZAPxS5I1_oE-YaZADv1miH_WusBqc3PyHiHGY4KdIBDm8ZKax4t5de_r9wpkcnw&cid=CAASPeRo7aEJm_pr-_oB_DgNdD7L5IX_q9YLtOptEoyAhi_XHi7mxPYWNvEf4WLPLYku3Q8BsHK_-wCTu7oyygw&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 20:53:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 9625 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8IhM5e5XK6Td8mEFFmeZd_tbYd5TSGFQb7-imeR5z-rHRa2YAp21mfdCEWJsgcMNH-uJSV7-CXQN5ud1e7QB1-XSUSY1H-BYK5is1Gd81_eR-voI8bX5BmuqPnBORmzUqLXAF76-4-Mw7gZ11KAuOjARH4A&dbm_d=AKAmf-BJ6Z2Kf-k55OJZMYxPJFrjvH78TDdnpp9MMOz6QtT46OfpKZx45DvdE2K8GFpT0EO7dnuULBF6xJ0sgN6Cff0f3WOhQnJh90uOXfp2o4QA7o0x26BvbYmQM5IK0jWaMKGBt2Plvh19rnZWykimWwzrIfiU6RdYIk4f023r8EAGkeyzR8r1sjVwHRZ4MkSK1sNsvZqGwhnfmQ6vLZ8wY0Z7PCEun3uOuq2EpYJNlcwpLM_OmtUb3wTOBTet4YDg55_aIp1U8Zd6UHY9Htf9_hXA9D4QQb-QB0VmYa0ZZolkdW7cvdvvwUVeOnxTWL_7RXX_nBA7F3hJzquRXQZk2_24QPm_AlVaKbo8p4Exkaxjw6SkjUCXfOrT7bInua5dtbKg2aHZn2ml51l-EbpdxDVo1JX0DxEpm1vHddTrJGXs9qTMGbstjAv8hZT3XhGFJuMZTzpp2Y1-VOO4RWE45uhuUw5mtshZ1j3T-4q31NDMz6iude7m8TMkLeMNZfXvQSZtGFIZPqhBZ0HAcO4k8GzCz14TEK_liLWEn1D0RwpRq2eOUsnBYAmroMcoPgAOxE__XwqotBxba4CrUwDAE1JIM78WfRtT6EZ-zOncumFNCvU_ZaQ4FQk-XNK4Cff59Olwd5LIUUY-5Jid1_q4WvEv8MsJap48AI0QEd1w8IMqFHQlqE7IMi9EraoGkGBvvILplZlCaUwEkJMy7bPlobZ8EvAL8aUA5cW6tY97rI63mSO7M4f9dWvMbvCVvSWCuiWRB9DpXLCphrWqfQ8vpk0qIwaK0q61pF1wnkaydInhYkn7mIoGS9auUmAjtXWZOS5HCjQzl_kLReGayh_cpNPdDV6dO8aniRJkrIDXOHdu2iqpOolLdGPMAg2dYvFSxYTyEYqvJNoPn_0v_V61NHZaGNZrjSPlsltdOLXMRne7aC3Q19M8B5H5P-btsLtsdyWjKKuRxLhuu0XvH0BlzdYt4Mf6qZz67RGKFF4HGZTBKdG9fHZcUs_DCbu10KC459wnOmS2KddbZOPPRhviGq8zaWNPTgPnpHBPUJM2rn8PgRxZolV1liseddAwu7--KYe9vojJl6-NtZrdAceyCNP7SIOWhH5M6ae3-VyaJM6Ri5VqXlfSKS2uq70dHtBWEIHV5mqkeqftwKui0KbF2UYsp2IkQL0LLakwYQS-U_3uwY78TzQ4q1HX8fLfsSuN6r6c6BvNkulLCbudW5cgIMpZyT7ErOXVzmuTCZxeIwInvF8vgsdBVpRnpRUt_XX7X5GOyMFRjBxTEGt1_smunC26rOiaX2LdkjabygapUBpBd4E7ZMv488E5rIW21NMdq4ww-vJw02wNPhC--5lVoXaldEqfO900UwQqvhVbfYl-VMDmiEi5-c23jAXIoWNQUrXEzrDjahYAH931RcQVlY2fh5z3llqJpwexgPl4WaVRJyy6NTUUIY__OsmYh16YzfSsjrBFhl9V5dSdL1wOmF8XdVBHkwoC1LUoUGm50rUrb46g_Tz4rRwFbbyw_XGhH6AWNLU8bt9cQtgEWcK5JHDhPzrO8-f-1kiipoZbnDry-4NEBzUyeMoIWz1-tqvJi-du68ec0Rq0gj8RrlPBagqT9iZpPcWYMnjjTvnXv9G9JQDp8PD74R9OodcVKtkQI4OADpl08xnt3gw8FYJxCtpv01BJgzoHM-gz5s3b8pb9ZKttE4weMaKfgemjxrVvTK9XuYaGHw7AChQEt3In-L1wf7hWlZTX_9IMUNu_L2DYavrYxp-smG80nSmVMAlMtzlRFxBwKCTuus3l71zBvuAmeJA3_i9lEJ8a9JLwQSdcw0heBJx7AbJUsIxIzc7GG98M29iBpHoEV-X5U2nXMCXQWxsr1cI1On5aj58jxK581YGc03QWAlJyvnQNqP5DYUUnK86zxxCc0bYKbwMlCcqLYx9uZllSii0v9n9Mrm66Dz8RextGZpIavQ9YOk7JkkO1k0ObQVdd0-qcI_kHZACKzXRquwOYxgAr-HumHLf-C6vfsnnpJiVc3DLrDAg7BT-7sZeIWZP8wZ5QkxgjMD7lLZ5BKt9u1PYDH-Y9O3KeFkTd1VGK9zSly3-nlI03EHul-bgR2EQmsEO3_ox3xKiCef8M8xwvxEcHNfdGwqCUsVDLGco4URO8ygw7RpTVS1eZxzFJqimlpIrXwKE-yEhQonr2_dJ_KmAohoKjq7VnIyAXdmIYSPJyTchBgE8HqJ9DZ3H_8g0uFEPrY8E3fZnTTCBOFvIQJ0WxVU7DRAfI0E7jiUqAsWxo_9v0koITlDZBSZGvjmsvjrMU-8hofOJNTguIEVjrTCVfHevCJaiBuD19CVTjl9saPh1z8IWHHgve3JE-mgpCSI2D1ZfQUmmnpPSrDn1fUhrb1--UpXyLKK1ZX8g8bmPh0F9nQu0PgfFGK4J2GMbeS9LnJpe22rtdqtYzwylbPsOJr8REXKpOjnAvsG8w88ZaIn8M1iNOM7OQyf8KjPJCOGaIaFNri8aJcrg1IY0hVPyVpHA5zMVFnLnAT0YyR5ZHv2BemXMP7v8Pks9Kz0JJ4dRyyrIzY7qSRkQGqRAxCxDyHRl9ApqHTbFec8cu-uALeVGAsb3QNWKrMkHFmjLAE91mkrUILzrX-PLPvpd0EXYT-rmGs2bDPiKg2aO9Bkcd4uxEhcCCQS1s6bdQvmgZeyX7PGkQ8eMrOBIal45mr6W4EdtERThw1nqdEdKDqMMIUqR5Vd1D1HOeOryh6AwqglQhqY33P8TmfKzknEhhH1cmS2Ry-pfM7ppTy-jWKs--OQmikz3oZ0XcNUvVvoxUMs5HVdkdJIcXb19XnqKD2lcWn3AKa-fEAbrt1YAWKG16QU58HRwt9HP7buS3JDioydYtRGXo0WC1-QAKD2DgETpfiXdBMpsJM35URpgELwdW2ZLu_rPJLGnFXkAm6Y0uSlbHOoJjJG8NV6f1fw9Uu-3jGltyWN77NziZyxU4SDrZtoHHEJtnG1Hq5MQq9HWNjj7pW6tJQewZcunhgxm47qzlkvfN936SQqdJrqmCAewJILlAoF-XpbaPeqSgY0OpSW2t7XDnjWU-evqs37NP4oItaeUxSaWxqucCCSLnZAPxS5I1_oE-YaZADv1miH_WusBqc3PyHiHGY4KdIBDm8ZKax4t5de_r9wpkcnw&cid=CAASPeRo7aEJm_pr-_oB_DgNdD7L5IX_q9YLtOptEoyAhi_XHi7mxPYWNvEf4WLPLYku3Q8BsHK_-wCTu7oyygw&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:49:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8469
x-xss-protection
0
server
cafe
etag
10238838524035937739
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Apr 2021 20:49:53 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame E80F 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

Host
cdn1.avantisvideo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

x-amz-id-2
Vz5k+r1Dj31bXhQ47DO2m43ISuw2JqztkyxpqWW4LYrtN254dLE6bpKVE8MJ77EZA7/b3DafJ9Y=
x-amz-request-id
F1ZEQXTZPYD467XZ
Last-Modified
Tue, 30 Mar 2021 10:01:49 GMT
ETag
"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id
Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 09 Apr 2021 21:05:00 GMT
Content-Length
15098
Connection
keep-alive
X-Forward-Proto
http
CDN-Origin-Protocol
HTTP
u_d.html
cdn1.avantisvideo.com/connect/ Frame FD65 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

Host
cdn1.avantisvideo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

x-amz-id-2
Vz5k+r1Dj31bXhQ47DO2m43ISuw2JqztkyxpqWW4LYrtN254dLE6bpKVE8MJ77EZA7/b3DafJ9Y=
x-amz-request-id
F1ZEQXTZPYD467XZ
Last-Modified
Tue, 30 Mar 2021 10:01:49 GMT
ETag
"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id
Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 09 Apr 2021 21:05:00 GMT
Content-Length
15098
Connection
keep-alive
X-Forward-Proto
http
CDN-Origin-Protocol
HTTP
pixel
cm.g.doubleclick.net/ Frame A5E3 		170 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXfDjAw7G75GYDf_Z1CaxPiPUoRCCUi0mN3KDoiXo6klEzkcS3jNCkdygUO4uZX0_D0A4BHBdI1SzbjGR6bcjabJ3brXw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A5E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXfDjAw7G75GYDf_Z1CaxPiPUoRCCUi0mN3KDoiXo6klEzkcS3jNCkdygUO4uZX0_D0A4BHBdI1SzbjGR6bcjabJ3brXw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.76.200.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 21:05:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A5E3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHDBfGgDEXvCbFNVpgzIHgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXfDjAw7G75GYDf_Z1CaxPiPUoRCCUi0mN3KDoiXo6klEzkcS3jNCkdygUO4uZX0_D0A4BHBdI1SzbjGR6bcjabJ3brXw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.76.200.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 21:05:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1B14 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXQWcQ50JQhWyWCJr5n7buP3DvVLtiSC_R5PBWI0Yy210A8PR-FD1sJD1TmfMqVUU7Zc8izPz5mYUfXqaX1WLcrMoPbyQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1B14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXQWcQ50JQhWyWCJr5n7buP3DvVLtiSC_R5PBWI0Yy210A8PR-FD1sJD1TmfMqVUU7Zc8izPz5mYUfXqaX1WLcrMoPbyQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.76.200.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 21:05:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1B14
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHDBfGgDEXvCbFNVpgzIHgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNXQWcQ50JQhWyWCJr5n7buP3DvVLtiSC_R5PBWI0Yy210A8PR-FD1sJD1TmfMqVUU7Zc8izPz5mYUfXqaX1WLcrMoPbyQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.76.200.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:01 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 09 Apr 2021 21:05:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJz5WAV6M6qnTKOoWlKvy44&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E720
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBfyHfgC2gqRLsmrHa3-K98&google_cver=1
43 B
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBfyHfgC2gqRLsmrHa3-K98&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNX4w4BaAzBRYxe8B3vwcG--RCTzFwZRMdf9U_02n_VPw18d2EmfcCpWLYKaoZ9BMKnLY_GHS2h-vZUFZPfEvVNokqzGfQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:00 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.150:80
AN-X-Request-Uuid
0e827300-2dae-4d13-9939-e5180d7c793b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBfyHfgC2gqRLsmrHa3-K98&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E720
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDM5ODA0MjI2ODI1ODU3Ng%3D%3D
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDM5ODA0MjI2ODI1ODU3Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNX4w4BaAzBRYxe8B3vwcG--RCTzFwZRMdf9U_02n_VPw18d2EmfcCpWLYKaoZ9BMKnLY_GHS2h-vZUFZPfEvVNokqzGfQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:00 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.244:80
AN-X-Request-Uuid
3e6e91cc-8af6-4a09-a3e0-4036534796c1
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIyNDM5ODA0MjI2ODI1ODU3Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E720
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEER5mXcEydSreKkwokjrEzE&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEER5mXcEydSreKkwokjrEzE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNX4w4BaAzBRYxe8B3vwcG--RCTzFwZRMdf9U_02n_VPw18d2EmfcCpWLYKaoZ9BMKnLY_GHS2h-vZUFZPfEvVNokqzGfQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.50 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
via
1.1 google
server
OXGW/16.205.50
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEER5mXcEydSreKkwokjrEzE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E720
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDVlNjdkMTAtZWEzNS0yNWM2LWQ2NTMtNjU1ZjUxOTliNThj
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDVlNjdkMTAtZWEzNS0yNWM2LWQ2NTMtNjU1ZjUxOTliNThj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQzafaAhiJmuiZATAB&v=APEucNX4w4BaAzBRYxe8B3vwcG--RCTzFwZRMdf9U_02n_VPw18d2EmfcCpWLYKaoZ9BMKnLY_GHS2h-vZUFZPfEvVNokqzGfQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
server
OXGW/16.205.50
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDVlNjdkMTAtZWEzNS0yNWM2LWQ2NTMtNjU1ZjUxOTliNThj
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/ Frame 3D2B 		73 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aff7f19aec2f8cc735fea9fe810f077c751224ce0b487d77d4ef725cfe4cf481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
53387
date
Fri, 09 Apr 2021 21:05:00 GMT
expires
Sat, 10 Apr 2021 21:05:00 GMT
cache-control
public, max-age=86400
last-modified
Wed, 16 Sep 2020 14:29:02 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 37EA 		0
575 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugo0ZhefG8F0HI3z7afS2m0lyhZOYWEZZ9ds4EvG6TkNYvBSxykuIBrNAm-JeZaOGI3lrYsUr93XTWpafHPCktXOH9ADsz8HdJaLetyQ_g_hTTDGbLF1Kxzs2G5BZFwPQMk5Onv0e3iqZlEbD9VB4LcvHDtXIDRbKR_A7jC62j66VVbrJZLUPT3noVNNd_zqQDn4YHzUCeATQbrOuYNDX3nqoaj29pxKtgNdDvC878YaI1k3LK4lwe3EtbR7y32mILjXbj371klK6FkgLGe17v_2Ug-TRmcdpZZTlaxB8798NYGK4buBPw81n6vMNWoLB7QSAan573694YwaWMq9o2cdCMeHzDpESYIgfvN541pO-KVefcTI2uBvxcaZ4ef-iOhbhFRM5CC1iC44qm6HgOOJzY_6-w4YjdHJRjqeusZCpLOWrVQKrpjX76zwfR51jGl_Kw5Hmrx6wgrSQHhgxjwjQCnmMnZz1AAfy59-DWqF-0___up82td_RCFELhU_z_205_1IFWmcTcPpwunOIbQZGhSmoYDGXcJ5JAdkJ091OhLg-P5fkviXLW-rcX1Rol1C4eO_cHXnlqBPDV5L5wZ4LIxLmzPJfqA0my1gyAOtNkHBLUQw8XiMFagoxU6dR2PHS0YJpekv9rPcvpsfoPCce2yfoytBAEURVyr9ODIJfW87dPL0is1W3lnxfkMAJ3098q87bs7n0QyRH6--konWY3k3JqS3OVImJunjFiQlWZFjk-Z1nh-ypC_FLdrmy4YmvkYuiOEDe0J77sFmF_62JLI0a4eWTZGgoV5bgywIpYuxkWlB4dVnqbLudksuJOiVDq-z4dkmWVvZ5kgoWrtU1e8EL3d_6MYQBFwEUSpJyhB1chTjJiGcViokrhWXcssT8aavzyjkDDzU-drCQIYIacHVZv2x_lUbm0T4UTakvPKTll8S4teb36WwGveE81VWsYbl-O_WiNS5qeThyzUF7xw1jQfMxfne4C5kvlbrEfjCa7ctFBDuE25KWrtcygZuMoY2xnmW8gjEBdufuheKCiMgwray_PlRnJohHvXC7hZGu4wQ7ZUUBldpsf2q9OBsyZlWOy5tRPyZlvoBDdquBL2nS5hl6XhzDOzptrNMhxXoLH5oeIqIbLzCIV--sGcBzSdOO0NU3_AvO9ILNc3ju2XpOxZEGHS2pOg43zc0UdAKtGchADvu9a&sai=AMfl-YTBGdw5OKPoMNwI_gcbTLwgMh7Ur2CYmVd0wZFM6mbzWtQ1SFTBGwjgwZeCJk0NWDHbe7T-U_hAqddK5Oq9z9grYQskuhWDACr3px65xhoVh52YX1xx7PCTbgs0kceji20x4CJcfAXlMQknGcDB8uU1VtLcrHzHq9YWZnWAoFcxoE8y5B_VlC9ItFk13VYIteHB5GK49tuvnMwXsIV6_q-xaRl7XCO1-MivIJ9dlw&sig=Cg0ArKJSzMF6RbSeseiLEAE&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cstd=94&cisv=r20210406.53535&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 21:05:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 37EA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33520
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:46:20 GMT
main.gr.19.8.188.js
static.adsafeprotected.com/ Frame 37EA 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930701&advId=5673933&campId=34339388&pubId=1&placementId=322571529&adsafe_par&bundleId=&dealId=&bidurl=https://www.123greetings.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Apr 2021 16:41:54 GMT
server
nginx/1.16.1
etag
W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
truncated
/ Frame 37EA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14a6ca7a6745f6b5b674e5af997bb0b477f860115f208076cac9947a1f82facf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4C17 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33520
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:46:20 GMT
main.gr.19.8.188.js
static.adsafeprotected.com/ Frame 4C17 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930701&advId=5673933&campId=34339388&pubId=1&placementId=322571529&adsafe_par&bundleId=&dealId=&bidurl=https://www.123greetings.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Apr 2021 16:41:54 GMT
server
nginx/1.16.1
etag
W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
truncated
/ Frame 4C17 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffe58dae78938ad4e82938fd50ee7de19bdbb144292a7a837cf219f5c51700c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9625 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 11:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33520
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:46:20 GMT
main.gr.19.8.188.js
static.adsafeprotected.com/ Frame 9625 		182 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.188.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930701&advId=5673933&campId=34339388&pubId=1&placementId=322571529&adsafe_par&bundleId=&dealId=&bidurl=https://www.123greetings.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
last-modified
Mon, 05 Apr 2021 16:41:54 GMT
server
nginx/1.16.1
etag
W/"b96b96035edd988c7c03370e3ed76dca"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
truncated
/ Frame 9625 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41702ab238d3d687e2eca61ed3d5a4aa04262f0d815ed2bf155a47d88c82c548

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/ Frame 677D 		73 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aff7f19aec2f8cc735fea9fe810f077c751224ce0b487d77d4ef725cfe4cf481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
53387
date
Fri, 09 Apr 2021 21:05:00 GMT
expires
Sat, 10 Apr 2021 21:05:00 GMT
cache-control
public, max-age=86400
last-modified
Wed, 16 Sep 2020 14:29:02 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4C17 		0
562 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuH7CpuJrt2PFZEiOUWj5DLZMknwzRX7VIAvG18lmrvUDuA_jRltEC8uwFmAt6qCXSb3OTnwni4TepLmbo-utS6y_valnXv0AxSasBfPqtRJ0NQ1NM3j27YJhXGD7CMl5vnMEDnu_4s9cYmE74QrhEhX6mGeKQKqcMlVtEXbDKx65o-4VeHCm0qrn0mNDXyJVJ-t5knvhpPKuEEdHv360U0IDyys6_9s-QJ1ElesuDR8U7xMY3ZreAMFykblshrH5dwaeTkkJNBdEKuwE2USuglpSaSs5XXXzgFeE1T5F-lNNwYeZHCy7pclQCl9Zy-TQ5k7whJj725mz8XssfCkfPuyGWd2ZNn74rv7jQT32jocHJDloqWHrbg-0Xd1JjA0BkeLZfUwu7qh54rMmSJByT2cnQ2LXEkMczsGai284yGaS-NFxz5NsrTB2V56HkYu4H3-jtKdYbG8xn8mQC8_Iu5A4X2rJB6zy6K0zzH_oyK8wMQsmWpzXJ2A36xMcs5SGVcf6NHLUAznJDcAr-AIBrGtVFSASYuCbencW6zltZ_SdvcDV-D9LgbdXVLUmOpD6s4KPhK_q05FbqFmgRGM54JSkMgwfdsxXX5TI0tcoCRlGOz5vwT9KQURPD1c8BAITSUbw1eFjZElHGXELwa5bsLZ4xwvnTGsnQp9y4BqrBf9WKCPrP0l8up8DgZ6rn6cmbfqJGoRw6TpFjPGpqIcazxv_pAARTtPWX6mU2UAdJ5lrBFeNa8jizdTunFMdRtzcA4EI8OeoZ1OM_fWIL68upjR8vsrE4MqqXb0UBabNqr0zq4C_NSk3Rx3PLXJ8eSeOmKk59bm1UywKER_6cP8GZI_k5MBCJCXczyhRDjqWWZ46nm_7VlRSLbdHMv2Pepbjl7FqpgOApv8-3JA_9YiOGD73Dx5oV85_05ZHD9pHyo3PawRN0PT815dmDK1CWNrnea_MXFdbHlJnXadB3KvojCDVN3J0vgbZaHdWERON2ccRzw4jrVqM4kJZmKaD4UogLHGivG8ALcN6PyOe1fpmYK9Q5bKHs1zvBS6NcCh8n5TVPn5EyrfGZJHlGFd1S9qqaW7tFbyDT6yXZqiGsYD2Q5p5FTwwS1u4Ne_0bE2jFnpEy9ygzhAOwPMQTmpE8fTES-LmH1dT1x88_fApyuFoaWctkUYNwLsSvCnotGTZr52NZKM3duxA&sai=AMfl-YQy7Fqq8iLSJAV-9AWgiq0Yd0dLFMvEXqNeGfwWBviaHIfT5PlHOV9cuR1Px11ewmkeQkxzF1oj5dyxTr-uf0DhsuQLroHlRBdWO-9MyEG7B36KQ2d8HF5bJbFoSo1C5C_UL26FA6sZWr70QJQqkWAHrXw40hHsmSvXJFKQNunVlDpqLbnt8cIsBfQq51h2xLVctUoTRrMPxmGr6TXg93kKddcsVMAfUPkzHis5cw&sig=Cg0ArKJSzJkfZZ30VpStEAE&urlfix=1&omid=0&rm=1&ctpt=238&cbvp=1&cstd=234&cisv=r20210406.56248&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 21:05:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/ Frame CE65 		73 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aff7f19aec2f8cc735fea9fe810f077c751224ce0b487d77d4ef725cfe4cf481
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
53387
date
Fri, 09 Apr 2021 21:05:00 GMT
expires
Sat, 10 Apr 2021 21:05:00 GMT
cache-control
public, max-age=86400
last-modified
Wed, 16 Sep 2020 14:29:02 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 9625 		0
28 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveVnJcDmj0Db3jWyWBYL_DqD0bUguLVmhIIVAlCqXyMfpk5nUZhFEBkhFWhZHU8Az4Y9QWuOS_H67VyytR85AvMCkT1_auCnNLaoE-4P7FuHNux24rbdXrWsd7TW77uK3Y_MwCukeXRJQX-IT8iuBZJYAM8PTezF6vfVq-a5bYFBzhJ4XYSHPh7MRDEL6cQ5ESyQJYlxr64wWhDura3nHXNcXwqQ7OvO7SCadn_IdC4XLD19r8YtJGxGA2q5GtNxQKFPwWAF1QyyYdchXTZN5-7QWNWlcxEx0o7-RyQeMrl95tSjP3-I-ObeG_gJUImDTd1ltEqLBsiVuOK_VlU4oBmygtzAt3IUtC131H8XoZbcvJmm_6JtqGVaiDucd2gmklsXchsYSKjFFLTldvdZ-aNlNUCmpHSO7goM2kdF6li1A9M09RW2z14V9a1rvlIysMRlYMDov-JTXNhYtIXaJKxgtcIhjwynt_OI4fumMcRf-s4amVwEE-BOEqvzWEuAH1LWL0PuK2cccMlN0t1WaAJQTJT4x9MZCcBLj_PNNEmvWooC5dsx2m_EhHU-7cIH7G09aKkcEYZj0dW6vnwETJkdzSzuPHgQ3DjAfbRA4ry7mm4ufgfXy1BDMC-QZLiWPE4du00Zb97ohPJUvLGw3gkOvBMj1RNdzJ6qmbSDkuuNFDHpZ8vHgiFs6SWojX0qJOrZslL9lpV01E40bfYFM9731ExzJucU8KsgFET0AJzdtmgdAK8zOn6hZwS-s-VJ0HaXHLPA2MQByYtoLPl-yRvf9EmBW-fn6v7FDltQp1pSXvbrz4uzzhbBsGdhdJU82L5QksBqZhmQ5UtrLZA13F-H7Q4nOqjZFBCVXjw0pFQ0suFIz3PCVvKgpFBSx5zRuLAd9jbEaNhDQr4mNadJHvdryBlRO15fQ0EnDIu3MEDE3YmbpVT-wn1gX0kAx5Drh5JwwlMVzdco1ms9opfsVoXw_IStzk7W9e8tuVcc_Dc5yURWgE3ikY_v7Fsbq828nIM85Csm1MSgdBV8uQAwuUgF6ICIYntgeqUwbRlzguBkFYzSHbuYQdu2y5wfofsZ7uVn5tP_DLl-DEW8R1aGgSU779ZewJCJEVQe_NFp6imcq2MRX5LRodPx4ql0GKROXmC7MoXDziDzcx0addCXJY-pQITyFuTPXj5WKJ5ozwqxdJEFEiQg&sai=AMfl-YQCcA1G6Z2ZS9M_G_sDHAvgCteyol-ht5hO3u559UO8_P0T0rbnUkV-S_nxqWpkIWVpKFD4UJNB1TPCnWALL2tIAeKg5gzirfkCHsyOZoGhqXCKBdsHjweyePhrNg2VsePSZtRnFpgVsfQUSt_m60LEd3jLGHjvHFUy6P-1oAulzgKL8UVZ2R_j0jSqXxCJp4oYYnPT7Dv4fjzv8C-Om_I0qpyFRFWGwGDZLL4Skg&sig=Cg0ArKJSzDvXS9GWuvCUEAE&urlfix=1&omid=0&rm=1&ctpt=240&cbvp=1&cstd=236&cisv=r20210406.56137&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 21:05:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E698 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 09 Apr 2021 11:47:57 GMT
expires
Sat, 09 Apr 2022 11:47:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
33423
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A64E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 09 Apr 2021 11:47:57 GMT
expires
Sat, 09 Apr 2022 11:47:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
33423
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame 7DA1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
52096
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sat, 09 Apr 2022 06:36:44 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 41C4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 09 Apr 2021 11:47:57 GMT
expires
Sat, 09 Apr 2022 11:47:57 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
33423
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler_01_244.js
s0.2mdn.net/879366/ Frame 3D2B 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_244.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 03:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62244
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 18:35:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 03:47:36 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3D2B 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Apr 2021 21:05:00 GMT
vF300x250_SWISS.js
s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/ Frame 3D2B 		50 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/vF300x250_SWISS.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5082e7556f08bec08045a276ca40a6d2ee17fa4ce6e87aa4689dd1d373159c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 15:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20642
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35445
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 14:29:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 15:20:58 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 09 Apr 2021 21:05:01 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
geoip
avm.avantisvideo.com/api/v1/ Frame E80F 		119 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1a7cd92d68c45ddda11b374e08941fc9b4ef428704408dc9de1a10fb7aa40668
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
119
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 09 Apr 2021 21:05:01 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
geoip
avm.avantisvideo.com/api/v1/ Frame FD65 		119 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1a7cd92d68c45ddda11b374e08941fc9b4ef428704408dc9de1a10fb7aa40668
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
119
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 09 Apr 2021 21:05:01 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 09 Apr 2021 21:05:01 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
Enabler_01_244.js
s0.2mdn.net/879366/ Frame 677D 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_244.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 03:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62244
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 18:35:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 03:47:36 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 677D 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Apr 2021 21:05:00 GMT
vF300x250_SWISS.js
s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/ Frame 677D 		50 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/vF300x250_SWISS.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5082e7556f08bec08045a276ca40a6d2ee17fa4ce6e87aa4689dd1d373159c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 15:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20642
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35445
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 14:29:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 15:20:58 GMT
sca.17.5.1.js
static.adsafeprotected.com/ Frame E7AC 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
1651649
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ Frame 37EA 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930701&advId=5673933&campId=34339388&pubId=1&placementId=322571529&adsafe_par&bundleId=&dealId=&bidurl=https://www.123greetings.com/&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:545b59e5-b1c2-ec69-7c9c-38aab2eb5300,c:9kp5mA,sl:na,em:true,fr:false,mn:app18ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:su7yLjM+11%7C12%7C131%7C132%7C133%7C141%7C142%7C143%7C15*.930701%7C151%7C152%7C153%7C161%7C171%7C18%7C191,idMap:15*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:319,oid:3f3667f9-9977-11eb-8f22-0ab32f77e5b0,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.107.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-107-229.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enabler_01_244.js
s0.2mdn.net/879366/ Frame CE65 		109 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_244.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 03:47:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62245
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38072
x-xss-protection
0
last-modified
Tue, 07 Jul 2020 18:35:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 03:47:36 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame CE65 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Apr 2021 21:05:01 GMT
vF300x250_SWISS.js
s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/ Frame CE65 		50 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/vF300x250_SWISS.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5082e7556f08bec08045a276ca40a6d2ee17fa4ce6e87aa4689dd1d373159c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 15:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20643
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35445
x-xss-protection
0
last-modified
Wed, 16 Sep 2020 14:29:02 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Apr 2021 15:20:58 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 37EA 		0
60 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugo0ZhefG8F0HI3z7afS2m0lyhZOYWEZZ9ds4EvG6TkNYvBSxykuIBrNAm-JeZaOGI3lrYsUr93XTWpafHPCktXOH9ADsz8HdJaLetyQ_g_hTTDGbLF1Kxzs2G5BZFwPQMk5Onv0e3iqZlEbD9VB4LcvHDtXIDRbKR_A7jC62j66VVbrJZLUPT3noVNNd_zqQDn4YHzUCeATQbrOuYNDX3nqoaj29pxKtgNdDvC878YaI1k3LK4lwe3EtbR7y32mILjXbj371klK6FkgLGe17v_2Ug-TRmcdpZZTlaxB8798NYGK4buBPw81n6vMNWoLB7QSAan573694YwaWMq9o2cdCMeHzDpESYIgfvN541pO-KVefcTI2uBvxcaZ4ef-iOhbhFRM5CC1iC44qm6HgOOJzY_6-w4YjdHJRjqeusZCpLOWrVQKrpjX76zwfR51jGl_Kw5Hmrx6wgrSQHhgxjwjQCnmMnZz1AAfy59-DWqF-0___up82td_RCFELhU_z_205_1IFWmcTcPpwunOIbQZGhSmoYDGXcJ5JAdkJ091OhLg-P5fkviXLW-rcX1Rol1C4eO_cHXnlqBPDV5L5wZ4LIxLmzPJfqA0my1gyAOtNkHBLUQw8XiMFagoxU6dR2PHS0YJpekv9rPcvpsfoPCce2yfoytBAEURVyr9ODIJfW87dPL0is1W3lnxfkMAJ3098q87bs7n0QyRH6--konWY3k3JqS3OVImJunjFiQlWZFjk-Z1nh-ypC_FLdrmy4YmvkYuiOEDe0J77sFmF_62JLI0a4eWTZGgoV5bgywIpYuxkWlB4dVnqbLudksuJOiVDq-z4dkmWVvZ5kgoWrtU1e8EL3d_6MYQBFwEUSpJyhB1chTjJiGcViokrhWXcssT8aavzyjkDDzU-drCQIYIacHVZv2x_lUbm0T4UTakvPKTll8S4teb36WwGveE81VWsYbl-O_WiNS5qeThyzUF7xw1jQfMxfne4C5kvlbrEfjCa7ctFBDuE25KWrtcygZuMoY2xnmW8gjEBdufuheKCiMgwray_PlRnJohHvXC7hZGu4wQ7ZUUBldpsf2q9OBsyZlWOy5tRPyZlvoBDdquBL2nS5hl6XhzDOzptrNMhxXoLH5oeIqIbLzCIV--sGcBzSdOO0NU3_AvO9ILNc3ju2XpOxZEGHS2pOg43zc0UdAKtGchADvu9a&sai=AMfl-YTBGdw5OKPoMNwI_gcbTLwgMh7Ur2CYmVd0wZFM6mbzWtQ1SFTBGwjgwZeCJk0NWDHbe7T-U_hAqddK5Oq9z9grYQskuhWDACr3px65xhoVh52YX1xx7PCTbgs0kceji20x4CJcfAXlMQknGcDB8uU1VtLcrHzHq9YWZnWAoFcxoE8y5B_VlC9ItFk13VYIteHB5GK49tuvnMwXsIV6_q-xaRl7XCO1-MivIJ9dlw&sig=Cg0ArKJSzMF6RbSeseiLEAE&urlfix=1&omid=0&rm=1&ctpt=659&vt=11&dtpt=558&dett=3&cstd=94&cisv=r20210406.53535&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sca.17.5.1.js
static.adsafeprotected.com/ Frame D13F 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
1652575
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ Frame 4C17 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930701&advId=5673933&campId=34339388&pubId=1&placementId=322571529&adsafe_par&bundleId=&dealId=&bidurl=https://www.123greetings.com/&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:c6377ada-7f61-df94-cb5a-ac28b7bd96c6,c:9kp5qN,sl:na,em:true,fr:false,mn:app29ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:su7yLkl+11%7C12%7C131%7C132%7C133%7C14*.930701%7C141%7C142%7C143%7C151%7C152%7C153%7C154%7C161%7C171%7C18%7C191,idMap:14*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:544,oid:3f3667d6-9977-11eb-aba4-0ae27972a930,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.107.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-107-229.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 37EA 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=545b59e5-b1c2-ec69-7c9c-38aab2eb5300&tv=%7Bc:9kp5r0,pingTime:-2,time:592,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:484,beZ:486,mfA:773,cmA:774,inA:774,inZ:787,prA:787,prZ:795,si:803,poA:804,poZ:814,cmZ:814,mfZ:814,loA:918,loZ:920,ltA:1076,ltZ:1076,idA:814,idZ:868%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:318%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:592,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:317,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B292~1%5D,as:%5B292~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:su7yLjM+11%7C12%7C131%7C132%7C133%7C141%7C142%7C143%7C15*.930701%7C151%7C152%7C153%7C161%7C171%7C18%7C191,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:272,readyFired:true%7D&br=u
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.12.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-12-133.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-server-name
dt60.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame E698 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
52097
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sat, 09 Apr 2022 06:36:44 GMT
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame A64E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
52097
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sat, 09 Apr 2022 06:36:44 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4C17 		0
50 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuH7CpuJrt2PFZEiOUWj5DLZMknwzRX7VIAvG18lmrvUDuA_jRltEC8uwFmAt6qCXSb3OTnwni4TepLmbo-utS6y_valnXv0AxSasBfPqtRJ0NQ1NM3j27YJhXGD7CMl5vnMEDnu_4s9cYmE74QrhEhX6mGeKQKqcMlVtEXbDKx65o-4VeHCm0qrn0mNDXyJVJ-t5knvhpPKuEEdHv360U0IDyys6_9s-QJ1ElesuDR8U7xMY3ZreAMFykblshrH5dwaeTkkJNBdEKuwE2USuglpSaSs5XXXzgFeE1T5F-lNNwYeZHCy7pclQCl9Zy-TQ5k7whJj725mz8XssfCkfPuyGWd2ZNn74rv7jQT32jocHJDloqWHrbg-0Xd1JjA0BkeLZfUwu7qh54rMmSJByT2cnQ2LXEkMczsGai284yGaS-NFxz5NsrTB2V56HkYu4H3-jtKdYbG8xn8mQC8_Iu5A4X2rJB6zy6K0zzH_oyK8wMQsmWpzXJ2A36xMcs5SGVcf6NHLUAznJDcAr-AIBrGtVFSASYuCbencW6zltZ_SdvcDV-D9LgbdXVLUmOpD6s4KPhK_q05FbqFmgRGM54JSkMgwfdsxXX5TI0tcoCRlGOz5vwT9KQURPD1c8BAITSUbw1eFjZElHGXELwa5bsLZ4xwvnTGsnQp9y4BqrBf9WKCPrP0l8up8DgZ6rn6cmbfqJGoRw6TpFjPGpqIcazxv_pAARTtPWX6mU2UAdJ5lrBFeNa8jizdTunFMdRtzcA4EI8OeoZ1OM_fWIL68upjR8vsrE4MqqXb0UBabNqr0zq4C_NSk3Rx3PLXJ8eSeOmKk59bm1UywKER_6cP8GZI_k5MBCJCXczyhRDjqWWZ46nm_7VlRSLbdHMv2Pepbjl7FqpgOApv8-3JA_9YiOGD73Dx5oV85_05ZHD9pHyo3PawRN0PT815dmDK1CWNrnea_MXFdbHlJnXadB3KvojCDVN3J0vgbZaHdWERON2ccRzw4jrVqM4kJZmKaD4UogLHGivG8ALcN6PyOe1fpmYK9Q5bKHs1zvBS6NcCh8n5TVPn5EyrfGZJHlGFd1S9qqaW7tFbyDT6yXZqiGsYD2Q5p5FTwwS1u4Ne_0bE2jFnpEy9ygzhAOwPMQTmpE8fTES-LmH1dT1x88_fApyuFoaWctkUYNwLsSvCnotGTZr52NZKM3duxA&sai=AMfl-YQy7Fqq8iLSJAV-9AWgiq0Yd0dLFMvEXqNeGfwWBviaHIfT5PlHOV9cuR1Px11ewmkeQkxzF1oj5dyxTr-uf0DhsuQLroHlRBdWO-9MyEG7B36KQ2d8HF5bJbFoSo1C5C_UL26FA6sZWr70QJQqkWAHrXw40hHsmSvXJFKQNunVlDpqLbnt8cIsBfQq51h2xLVctUoTRrMPxmGr6TXg93kKddcsVMAfUPkzHis5cw&sig=Cg0ArKJSzJkfZZ30VpStEAE&urlfix=1&omid=0&rm=1&ctpt=727&vt=11&dtpt=489&dett=3&cstd=234&cisv=r20210406.56248&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sca.17.5.1.js
static.adsafeprotected.com/ Frame 3762 		82 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.1.js
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 17:39:07 GMT
server
nginx/1.16.1
age
1650696
etag
W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/ Frame 9625 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930701&advId=5673933&campId=34339388&pubId=1&placementId=322571529&adsafe_par&bundleId=&dealId=&bidurl=https://www.123greetings.com/&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:31f53b75-e57a-3779-fc5e-bbe56b6cc084,c:9kp5rP,sl:na,em:true,fr:false,mn:app21ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:su7yLlk+11%7C12%7C13*.930701%7C131%7C132%7C133%7C141%7C142%7C143%7C144%7C151%7C152%7C153%7C154%7C161%7C171%7C18%7C191,idMap:13*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:547,oid:3f368ee7-9977-11eb-8101-0aeb40f66fa8,v:19.8.188,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.107.229 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-107-229.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-server-name
app33.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
connect_config.js
c.123g.us/js2/ 		201 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Mar 2021 06:10:24 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1695277
ETag
"2c454-c9-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame 41C4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
52097
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sat, 09 Apr 2022 06:36:44 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3D2B 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b38fe08394d5e15a3787a62394798973e5731417347035ed5b0086d0cc37bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4175
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9625 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsveVnJcDmj0Db3jWyWBYL_DqD0bUguLVmhIIVAlCqXyMfpk5nUZhFEBkhFWhZHU8Az4Y9QWuOS_H67VyytR85AvMCkT1_auCnNLaoE-4P7FuHNux24rbdXrWsd7TW77uK3Y_MwCukeXRJQX-IT8iuBZJYAM8PTezF6vfVq-a5bYFBzhJ4XYSHPh7MRDEL6cQ5ESyQJYlxr64wWhDura3nHXNcXwqQ7OvO7SCadn_IdC4XLD19r8YtJGxGA2q5GtNxQKFPwWAF1QyyYdchXTZN5-7QWNWlcxEx0o7-RyQeMrl95tSjP3-I-ObeG_gJUImDTd1ltEqLBsiVuOK_VlU4oBmygtzAt3IUtC131H8XoZbcvJmm_6JtqGVaiDucd2gmklsXchsYSKjFFLTldvdZ-aNlNUCmpHSO7goM2kdF6li1A9M09RW2z14V9a1rvlIysMRlYMDov-JTXNhYtIXaJKxgtcIhjwynt_OI4fumMcRf-s4amVwEE-BOEqvzWEuAH1LWL0PuK2cccMlN0t1WaAJQTJT4x9MZCcBLj_PNNEmvWooC5dsx2m_EhHU-7cIH7G09aKkcEYZj0dW6vnwETJkdzSzuPHgQ3DjAfbRA4ry7mm4ufgfXy1BDMC-QZLiWPE4du00Zb97ohPJUvLGw3gkOvBMj1RNdzJ6qmbSDkuuNFDHpZ8vHgiFs6SWojX0qJOrZslL9lpV01E40bfYFM9731ExzJucU8KsgFET0AJzdtmgdAK8zOn6hZwS-s-VJ0HaXHLPA2MQByYtoLPl-yRvf9EmBW-fn6v7FDltQp1pSXvbrz4uzzhbBsGdhdJU82L5QksBqZhmQ5UtrLZA13F-H7Q4nOqjZFBCVXjw0pFQ0suFIz3PCVvKgpFBSx5zRuLAd9jbEaNhDQr4mNadJHvdryBlRO15fQ0EnDIu3MEDE3YmbpVT-wn1gX0kAx5Drh5JwwlMVzdco1ms9opfsVoXw_IStzk7W9e8tuVcc_Dc5yURWgE3ikY_v7Fsbq828nIM85Csm1MSgdBV8uQAwuUgF6ICIYntgeqUwbRlzguBkFYzSHbuYQdu2y5wfofsZ7uVn5tP_DLl-DEW8R1aGgSU779ZewJCJEVQe_NFp6imcq2MRX5LRodPx4ql0GKROXmC7MoXDziDzcx0addCXJY-pQITyFuTPXj5WKJ5ozwqxdJEFEiQg&sai=AMfl-YQCcA1G6Z2ZS9M_G_sDHAvgCteyol-ht5hO3u559UO8_P0T0rbnUkV-S_nxqWpkIWVpKFD4UJNB1TPCnWALL2tIAeKg5gzirfkCHsyOZoGhqXCKBdsHjweyePhrNg2VsePSZtRnFpgVsfQUSt_m60LEd3jLGHjvHFUy6P-1oAulzgKL8UVZ2R_j0jSqXxCJp4oYYnPT7Dv4fjzv8C-Om_I0qpyFRFWGwGDZLL4Skg&sig=Cg0ArKJSzDvXS9GWuvCUEAE&urlfix=1&omid=0&rm=1&ctpt=849&vt=11&dtpt=609&dett=3&cstd=236&cisv=r20210406.56137&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 4C17 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=c6377ada-7f61-df94-cb5a-ac28b7bd96c6&tv=%7Bc:9kp5uc,pingTime:-2,time:755,type:a,im:%7BpBlk:549,sf:0,pom:1,prf:%7BbeA:524,beZ:525,mfA:1057,cmA:1057,inA:1057,inZ:1059,prA:1059,prZ:1064,si:1067,poA:1068,bl:1072,poZ:1072,cmZ:1072,mfZ:1072,loA:1220,loZ:1221,ltA:1278,ltZ:1278,idA:1072,idZ:1128%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:544%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:755,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:543,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B221~1%5D,as:%5B221~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:su7yLjM+11%7C12%7C13.930701%7C131%7C132%7C133%7C14*.930701%7C141%7C142%7C143%7C15.930701%7C151%7C152%7C153%7C154%7C161%7C171%7C18%7C191,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:210,readyFired:true%7D&br=u
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.12.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-12-133.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-server-name
dt57.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
300x250_generic.jpg_1616583759282_300x250_generic.jpg
s0.2mdn.net/dynamic/2/10638481/dynamicad.ch/swiss_complete/composite/ch/zrh/pro/images/ Frame 3D2B 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10638481/dynamicad.ch/swiss_complete/composite/ch/zrh/pro/images/300x250_generic.jpg_1616583759282_300x250_generic.jpg
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10c942c62d32b338b43232032717fd7dde2cb4c8068f7f9ed52ad6145fe38252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=Nfj17OI8eb&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 03:46:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 11:02:48 GMT
server
sffe
age
148722
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11575
x-xss-protection
0
expires
Fri, 08 Apr 2022 03:46:19 GMT
dt
dt.adsafeprotected.com/ Frame 9625 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=31f53b75-e57a-3779-fc5e-bbe56b6cc084&tv=%7Bc:9kp5uo,pingTime:-2,time:706,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:589,beZ:590,mfA:1125,cmA:1125,inA:1125,inZ:1126,prA:1126,prZ:1131,si:1136,poA:1136,poZ:1140,cmZ:1140,mfZ:1140,loA:1238,loZ:1239,ltA:1294,ltZ:1294,idA:1140,idZ:1193%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:547%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:706,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:547,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B169~1%5D,as:%5B169~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:su7yLjM+11%7C12%7C13*.930701%7C131%7C132%7C133%7C14.930701%7C141%7C142%7C143%7C144%7C15.930701%7C151%7C152%7C153%7C154%7C161%7C171%7C18%7C191,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:158,readyFired:true%7D&br=u
Requested by
Host: d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
URL: https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.12.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-12-133.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-server-name
dt58.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3D2B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 677D 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cba664ede4f6b7e99cbce004e6fa8995fc69477d940a8b830d42c28c172669db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4164
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame CE65 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
053990afd84588bd40110cabf78ad5db3202798ac9a66fe4dc27117443d773a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4161
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 677D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CE65 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:01 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FE41 		42 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlb4vyEz61scf5DADp6L_BmmwZduMuyg-gKavLXCvv8et_x9gyTZeduqWH-7-HOCnd-axjkqHL4wfBxmo9bfrwbkJzY9C1JFCS_lo203rYoFjEtfw5U-07hfqQpA&sai=AMfl-YQ-g5kYuvXNzd3SarkQ4pFZbk_FrAqJVnPP49M5NfCSucwJJm8R1EWfStCGKMP5obzIU_KN9dQs66uN8fR8ybIgeMI5KjKAHT7dv0SVSuU2G2tUUY7zyqdz7xN8jnKK&sig=Cg0ArKJSzCg4AZp_q-uoEAE&cid=CAASPeRoU2QIZz5V6aSzeikqCOTybJ9KrLH0qXqr0pa7sCLJIF7xKwo8yGbacsvpemb8jEfFBpVvc8nmLl6JtfQ&id=ampim&o=560,47&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1045&mtos=0,0,1045,1045,1045&tos=0,0,1045,0,0&tfs=289&tls=1334&g=99.54861402511597&h=99.54861402511597&tt=1335&r=v&avms=ampa&adk=2032713241
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3D2B 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53c9ef3f3a5198a1fdf077272b946d1dfab0f836f49c5cd27c01fcd190c5ecf6

Request headers

Origin
https://s0.2mdn.net
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/octet-stream
300x250_generic.jpg_1616583759282_300x250_generic.jpg
s0.2mdn.net/dynamic/2/10638481/dynamicad.ch/swiss_complete/composite/ch/zrh/pro/images/ Frame 677D 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10638481/dynamicad.ch/swiss_complete/composite/ch/zrh/pro/images/300x250_generic.jpg_1616583759282_300x250_generic.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10c942c62d32b338b43232032717fd7dde2cb4c8068f7f9ed52ad6145fe38252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=nBWzMdl9Wx&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 03:46:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 11:02:48 GMT
server
sffe
age
148722
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11575
x-xss-protection
0
expires
Fri, 08 Apr 2022 03:46:19 GMT
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame 36C7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
52097
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sat, 09 Apr 2022 06:36:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D282 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDxasKGf6ickhrQj7-yX_VzSHY7cZsSa9-4BVXepeCjSTVALQR8vRDOSNSN20S5CBBvofbk4rlUMkgz-1vKZfXjCPYkTv08LhhEho71W30ILxV5dcKIfsdcdvWvA&sai=AMfl-YRYj2w5wim7VnAHoHPwwSy79N_TvnBC6kExr393OA2lfESlLelBrlQo7CPFZPzMrgbMWanSwMNFdcRb50eztvtWkWuC0xz_HVssX6yECe-4OuaraZkvXayk0PES8I5a&sig=Cg0ArKJSzOnct3ktHaQBEAE&cid=CAASPeRonfGSW8tRLH0ZTVCVAHNLVrj59G534TIHfxWSdxrw38IpxpXMdUx726UmV6Z9c-OYXDzZfS0Ifjf7ZDE&id=ampim&o=970,208&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1061&mtos=0,0,1061,1061,1061&tos=0,0,1061,0,0&tfs=316&tls=1377&g=99.83749985694885&h=99.83749985694885&tt=1377&r=v&avms=ampa&adk=2007386566
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
300x250_generic.jpg_1616583759282_300x250_generic.jpg
s0.2mdn.net/dynamic/2/10638481/dynamicad.ch/swiss_complete/composite/ch/zrh/pro/images/ Frame CE65 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10638481/dynamicad.ch/swiss_complete/composite/ch/zrh/pro/images/300x250_generic.jpg_1616583759282_300x250_generic.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10c942c62d32b338b43232032717fd7dde2cb4c8068f7f9ed52ad6145fe38252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61380784/20200916072902751/index.html?e=69&leftOffset=0&topOffset=0&c=0Av6gUKgpO&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 03:46:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 11:02:48 GMT
server
sffe
age
148722
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11575
x-xss-protection
0
expires
Fri, 08 Apr 2022 03:46:19 GMT
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame 8688 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
52097
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sat, 09 Apr 2022 06:36:44 GMT
dt
dt.adsafeprotected.com/ Frame 37EA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=545b59e5-b1c2-ec69-7c9c-38aab2eb5300&tv=%7Bc:9kp5z3,pingTime:-10,time:1091,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618002301800%7C%7C93a7446b25684bfdee6a85177b15077b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ceb9aa6f9581e51802a30cf1bcba25554%7C%7C16fb807bece40ae79866d15bbe79bb00%7C%7C859429360e0b40f1d9dbb813f934379e%7C%7Cac276451c1f774920af7819d32b8c592%7C%7C06d8b5e703a23af5179efc683ee59f48%7C%7C1614879537,ch:n%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.12.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-12-133.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-server-name
dt49.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
pagead2.googlesyndication.com/bg/ Frame E87C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rg7ZOtwj_KsF30rM_Y0_DmvJrp5jy6rfjTYWIxfvKAc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 06:36:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
52097
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5683
x-xss-protection
0
expires
Sat, 09 Apr 2022 06:36:44 GMT
dt
dt.adsafeprotected.com/ Frame 4C17 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=c6377ada-7f61-df94-cb5a-ac28b7bd96c6&tv=%7Bc:9kp5AK,pingTime:-10,time:1161,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618002301800%7C%7C93a7446b25684bfdee6a85177b15077b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ceb9aa6f9581e51802a30cf1bcba25554%7C%7C16fb807bece40ae79866d15bbe79bb00%7C%7C859429360e0b40f1d9dbb813f934379e%7C%7Cac276451c1f774920af7819d32b8c592%7C%7C06d8b5e703a23af5179efc683ee59f48%7C%7C1614879537,ch:n,im:%7BpWait:74,pLoad:998%7D,sca:%7Bspg:545b59e5-b1c2-ec69-7c9c-38aab2eb5300%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.12.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-12-133.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:01 GMT
x-server-name
dt61.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
video-loader2-cr.js
cdn.avantisvideo.com/js/ Frame 578E 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6b9e530a7d709568315f0d945f2391db61d74b01b23c5faf0432a0d00051be70

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
U7ys3L8PzthcmJ0ZdIJvdAIW_hWMFYT8
Content-Encoding
gzip
Last-Modified
Sun, 04 Apr 2021 08:36:09 GMT
Server
AmazonS3
x-amz-request-id
D8ND05M4WAA9RCMG
ETag
"2813edd448af5807cba4da4956c5c23e"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 09 Apr 2021 21:05:02 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
37261
x-amz-id-2
y13TsXtjsYfFzuR1Tr0MFf07l5Bhn4VqBr5pIbSavLkmyFoz/fas8KP4t2hiTS/Q18nLfbYm2pY=
video-loader2-cr.js
cdn.avantisvideo.com/js/ Frame A88B 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6b9e530a7d709568315f0d945f2391db61d74b01b23c5faf0432a0d00051be70

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
U7ys3L8PzthcmJ0ZdIJvdAIW_hWMFYT8
Content-Encoding
gzip
Last-Modified
Sun, 04 Apr 2021 08:36:09 GMT
Server
AmazonS3
x-amz-request-id
D8ND05M4WAA9RCMG
ETag
"2813edd448af5807cba4da4956c5c23e"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 09 Apr 2021 21:05:02 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
37261
x-amz-id-2
y13TsXtjsYfFzuR1Tr0MFf07l5Bhn4VqBr5pIbSavLkmyFoz/fas8KP4t2hiTS/Q18nLfbYm2pY=
gen_204
pagead2.googlesyndication.com/pagead/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040802&jk=302553558252211&bg=!1dal1pLNAAY56aLOOek7ACkAdvg8WgXk2d93VPDKawcncIsSIO90amBRbBfVFf1Pp4A_nB6Z59mw7QIAAAL6UgAAAIFoAQcKAGyN_BYPDhn6gtq1PFGia5PCiP11Irub6mVQvZWg0Q8-bDxVOdxS5CgWjISX8n_esYs3DnyDQxFIAKiWNMDWAYZOra41JWFR2qRA_LNYPxWdKGIGc7Rntr-2UhkyfTXTkW0NZNLL8JV4JX4mJsKZAdh9zjeQ4F3s-p_Zbfi9roU2mxKbaVwNt_bBCVojqkR2uh5ZzKVxib6qG4Rq8_8x_WD4upwmmWJDTz29DG-1zbQSqoYA5iMAZe81K_3kSrbciI7xzAROQrtLHZkYJKtNzcnyoO4OrTJo7MgvyNhyT1GFVq_PzE9FqRNq0rBuiKzqH9AhhaR_xucGKAjF8_DTXXu0hYSBMOGnNMLH2hbKkAu55oPvYnnI1X6RVDfmzBaOmX2X8pWaA-W0G-iaWF9h5eAzUHwPERtJItdL6dBcFnQsqRZTKjYWktoSi4zQnaq8leP3JqVkxxzuzwrfdDSsV0NvBqKOa4TgoluEnxl6GIcrCsvXLx_ArpboL035gF9c0ZaTOO9fUzpODkS2o2np9b9jxxIy--RQR9oo-6z5W34ngS0K4MGyiQyL80d9uMJsB236bfP8RyoW9u8rFeK-PeBXQqBTiqQdfc1PzL2S5tYq31QvLIz9WdsVo3vwiukQ6rhUemOnT9vq8mDYrd_k0Zw1vQf6XLDk81ASndCjQNV5h_RMITUWmh1Yu8O5qP68UlrhPtvkvDRxDUysTCMEy8ZDmL57MZ42823KX1YLnNPepeXGFTJbyOIV-EYQ01iwyJLdZO88JgQo
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video-loader2-cr.js
cdn.avantisvideo.com/js/ 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6b9e530a7d709568315f0d945f2391db61d74b01b23c5faf0432a0d00051be70

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
U7ys3L8PzthcmJ0ZdIJvdAIW_hWMFYT8
Content-Encoding
gzip
Last-Modified
Sun, 04 Apr 2021 08:36:09 GMT
Server
AmazonS3
x-amz-request-id
D8ND05M4WAA9RCMG
ETag
"2813edd448af5807cba4da4956c5c23e"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 09 Apr 2021 21:05:02 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
37261
x-amz-id-2
y13TsXtjsYfFzuR1Tr0MFf07l5Bhn4VqBr5pIbSavLkmyFoz/fas8KP4t2hiTS/Q18nLfbYm2pY=
gen_204
pagead2.googlesyndication.com/pagead/ Frame E698 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bmt-0fMFwYMCgG_-LjuwPr9m16A8AAAAAOAHgBAI&bg=!AgGlAUXNAAY56aLOOek7ACkAdvg8Wgl67U1DP3k8iv_n8PSIMHAj0uQql-R9k_mrXBgdBHDlkzcDvwIAAAIgUgAAAGhoAQeZAme3OdnWukM_H6Qg_0c3g__hKwV6jLwQdMTtVjWD3qOajjfQzltdIaTM1qPhhUv7MolrFeaVGb-kE9mJyINJzWd7tXAI2ZUGVaJYW0fv0DR9GsJlyfTyLIAqZ72ghQ3bNmsDyi3EA85PeNGoo_WX7IA1YBD68gOHu1cEfHohj7uBjJavEhn_0U4dMMUnwBTgx3N_YM-pGUgQaUJ8tDgIOpQkFpf9ogDfa0oxnDct7L8rd2qqq1KSgVhMQZV_ULYaMbII0m6yxBOBjSpJsN-jv6wHDXkjnoCrYll04aaUhBzjyJ6sj1KEMjbNLB2GIYVoMm6JWUHlOqzZnhTo9YO-vZJSb59YS3s5M8wSztUuOBLMgwu8NY2tjRLWUKVhiPpspV2M-xqAuBW0lgc-YRG8MgWmKbp9uH5gDut9JvMKl-K5C0kl1nZWLKIw-4OrwsER3z4qJlenJu2g4_-hIPvx0UzSBqbWmpwpfUHlDNEAEJLaOfRwIEC3ZCW5cSjhJxhBoikFZv6QBkMZF3tH_uAdn8IQ3GnJeXOz7rzvRfrL77vpGvEmbZIGjYbeyTklyk79Yb7Yk0tj2pCUYEs6H-JlEYh2X3HrcFLWgzTm8eICGaE1qdyEOx5EeZkrtApQOCDZe4HHroZDrcpAGvDXLBHT_XLPHtg-YC7m_60F6BYCs2urRODPHIzzAGLDdOojC5FWROLiwXYMtbxEezUbfeuKLLaBMCSLlJaOBWXHWOkQgJ79j8IIphm-LxJaqpkmxVHn6cPkCmrho5PkLAisqVo9hSY7yXqYJMQtGszpuDO7b5SGvHNbuEmU0-0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A64E 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdfJSfMFwYJq0G5CKjuwP-tKZwAUAAAAAOAHgBAI&bg=!WlmlWR3NAAY56aLOOek7ACkAdvg8WvIaQ9bxRTKa4-niehm0jdj80hHxFJVl8mpdt_jOPyc1LAldfQIAAAJZUgAAAGBoAQeZAm5ktVzb_0oZQGGMyOO7PRycr-VKwmL8nUn4vExo-ZvJAjy4nXiqDQXU71d7k32Fm-mSyUJTAX1T8u0lSSgK52foIA-8_MtCldx9T1PzK5YrHBpYQNDQKhpzdFQaFRCrLPGP728I_dRD6--_hIkUnKplLxy0_QrHNnRsnf2IAf_7Or6rNyWjetOxy9wDtxXC1ohYij6lhapYmwpHDU8dMYvCPjK9lP6GWQ1hPvfX0b4Tlyya1bd8r_NLbu8-ZDZ6N-OBOXXE0sl-EJ4OHIl3Ngu1IHWWBn49-UinoWWb07duCromF55jOZeYHp1FgLyGZ_PTASSMa06H3SZHCbVzkbXXWiRPrhyv2Askk0OB4TpTj7dnUpAi1iYiMJf5pfiz4pJG2-qJczY9cUynJIX6YkPC-J9d26anBCt2eAmfvjFklNUwjWkYywHKhHaLpP-dxVmMu7xC9JbA0QYVZXZWWmID15EgYcAGtorNa66jQ_g8Qu_5QuTcGY0Ax2ofl3Vpu9zSIJLr-z46hal7eHLHcGB28kCU-TRddfyBgYfjRExKcdYOzFd9I1vY0FRj4mOIsH8Nv5Qm1GCQ9w-BSbMJCsqA1uE4cMsUchpm6D80mkePTb04zLnZVeOaS0GpasIc-Wu3HslS1fcnlvANMJl9ldW56Om5RSw488EiQzYZwGMjNm5wuT8OGx5MphnTiv-KPliHvjH2PAir2S0F7rOIQButrw4-F7THQNx0DIgffWKE3xr0PsvCdLL0taefE5HIDtHX4AOiVp_T_grWKoiMQQwSm5P4ck8FAyBg33xyVblRG0e3o-1S3z7gSiZCpThA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame 5A05 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.27.36 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-27-36.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

Host
cdn1.avantisvideo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

x-amz-id-2
Vz5k+r1Dj31bXhQ47DO2m43ISuw2JqztkyxpqWW4LYrtN254dLE6bpKVE8MJ77EZA7/b3DafJ9Y=
x-amz-request-id
F1ZEQXTZPYD467XZ
Last-Modified
Tue, 30 Mar 2021 10:01:49 GMT
ETag
"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id
Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 09 Apr 2021 21:05:02 GMT
Content-Length
15098
Connection
keep-alive
X-Forward-Proto
http
CDN-Origin-Protocol
HTTP
gen_204
pagead2.googlesyndication.com/pagead/ Frame 41C4 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLNXmfMFwYMuCH-WqrAT2x57oBQAAAAA4AeAEAg&bg=!aGulay_NAAY56aLOOek7ACkAdvg8Wpjmkq4zRyOSOZfaVs20tUxsFWyJ9UOhvEGolQs7-7K9TgxIzgIAAAJeUgAAAFNoAQeZAnf2ddo-_mjpwZxblkHGvC9rwJOPlHGYInFoscl5D8rGuCjshXVXA_qWM4Poi8dtT0dmksfZUO1etQUJHfewcIXuYcZSQwVMty7uIYSQYrNFd4veA3ZSpXU22lrwgMp7fqxzsc2_4nNIloEQiY8iis0UBjv0g0dypAQ0SdFXBt4Dr08gDOGHOrX1GY_CsoW6Km0Gouo1YzZvYx13yCLs7ba55YMS_q0DxrLHcequI1eIMljRPUdT_-okb6G9nSRjypW8993x-Q2uSAxV3BqANXUIuQjEwjk5_BPOehBMxjsd5c9Prj0MDdCplarcu5VgAcXZLxf1kIzOl4cPE3_62AfAwGOxfZGMMMC4AG6dTRTmEFI846iJ96YQCfTI5AKrJfnEfXdCO1h9uwuGgwnENbWRmYiG3lWaK8ImlgdE_BegyswrJJ63h8nH6o8pCxqdAB7kdmHgarZzPt8TXQ9kE87HfaERFe_pGKDk_w5MnwPe1pZJRgtb2Feg6eWLtpp_mFEXghB5wJswYYZogKrq_Fi1M9c6vvoMCXmeC1WOQr3CxzLQmWRcoypnvelglMy_-IKinZPKcRkMYGCiGHNtqzBNmCoEPJcqLnV4tkIc17YIPGoCXWesT5qLWDUm_Q7uXXgaEQl19mQZW16QIToIZX181jJZZ9bTW8P8cD-OkYdMw0dGyMnOq78u0KNeJ18FZKdl5eY9K8vpulV4RRC6Pv4onlECwWmx3uv7h0rfH8vyyr8qqXuEqUgcJS6ikDQI9w0QKpXAPdMz1Dcf5ld1liNIrP_aPvmdTSMoXZufYwLjmdhKHDeYSqxmSfyqGlEO9C6rhxNiic1p
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 09 Apr 2021 21:05:02 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
geoip
avm.avantisvideo.com/api/v1/ Frame 5A05 		119 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1a7cd92d68c45ddda11b374e08941fc9b4ef428704408dc9de1a10fb7aa40668
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
119
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 09 Apr 2021 21:05:02 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
dt
dt.adsafeprotected.com/ Frame 9625 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930701&asId=31f53b75-e57a-3779-fc5e-bbe56b6cc084&tv=%7Bc:9kp5Ll,pingTime:-10,time:1757,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618002301800%7C%7C93a7446b25684bfdee6a85177b15077b%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ceb9aa6f9581e51802a30cf1bcba25554%7C%7C16fb807bece40ae79866d15bbe79bb00%7C%7C859429360e0b40f1d9dbb813f934379e%7C%7Cac276451c1f774920af7819d32b8c592%7C%7C06d8b5e703a23af5179efc683ee59f48%7C%7C1614879537,ch:n,sca:%7Bspg:545b59e5-b1c2-ec69-7c9c-38aab2eb5300%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.12.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-12-133.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:02 GMT
x-server-name
dt50.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&eu=false&country=CH&hour=23
Protocol
H2
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.123greetings.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
/
events.avantisvideo.com/ 		2 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:03 GMT
content-length
2
content-type
text/plain
generate
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&eu=false&country=CH&hour=23
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.237.126.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-126-120.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b7ed87eb3e2363cb3f400e1c0632629b585889681393b452766dce53d5f23f2b
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
1947
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 09 Apr 2021 21:05:03 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
x-guploader-uploadid
ABg5-UxG9IppheXTFLrzRzriJvx6awKY3MeztCDmBbtTdyP52tqWARdAPEuwbL10uVqPG7CQT17Ywk3UigVGcuEjGyY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
2
last-modified
Thu, 14 May 2020 13:22:36 GMT
server
UploadServer
etag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
2
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 09 Apr 2021 21:35:03 GMT
aniview.js
player.aniview.com/script/6.1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1028e6c264ccb5e7a11f656490b6388a0cd366c725dec74a5e66d53e51c9735a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UygtAmGW5mdVM8fMnqm1-02Tmhw7NCu6mkC2GTR0qgYMXtKJj5j85C1j7iD4QwZG6GwSfzCSFoxA6f7zL1FkAU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9055
last-modified
Wed, 07 Apr 2021 07:13:09 GMT
server
UploadServer
etag
"47dd7f8cba829fab0e53d0e8dcfc529e"
vary
Accept-Encoding
x-goog-hash
crc32c=ON68Og==, md5=R91/jLqCn6sOU9Do3PxSng==
content-language
en
access-control-allow-origin
*
x-goog-generation
1617779589282019
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9055
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 21:10:03 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame C426 		334 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
af5885715f403edb9be18e3f244de575862229474d957e5bcd75cb5e036bc9ca

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UygzkiRZhNm6y3OKnjuvXZ9HCYGfpTdOjFVpPWpHkJ4sa4Qak8y5PYfCCTwHyxHW_extvlIYIqABGXKE8KWmeQk2lVZgQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
96608
last-modified
Wed, 07 Apr 2021 07:12:37 GMT
server
UploadServer
etag
"bc45349eaf48737219d6f20cf3387e2d"
vary
Accept-Encoding
x-goog-hash
crc32c=83gVGg==, md5=vEU0nq9Ic3IZ1vIM8zh+LQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1617779557398487
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
96608
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 21:10:03 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame C5DD 		334 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
af5885715f403edb9be18e3f244de575862229474d957e5bcd75cb5e036bc9ca

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UygzkiRZhNm6y3OKnjuvXZ9HCYGfpTdOjFVpPWpHkJ4sa4Qak8y5PYfCCTwHyxHW_extvlIYIqABGXKE8KWmeQk2lVZgQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
96608
last-modified
Wed, 07 Apr 2021 07:12:37 GMT
server
UploadServer
etag
"bc45349eaf48737219d6f20cf3387e2d"
vary
Accept-Encoding
x-goog-hash
crc32c=83gVGg==, md5=vEU0nq9Ic3IZ1vIM8zh+LQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1617779557398487
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
96608
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 21:10:03 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&e=inventory&vi=100&cb=1618002303549
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5ec3e3871f5e5c792c20f9f7&e=inventory&vi=0&cb=1618002303585
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=303549&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1618002303590
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-145-49.compute-1.amazonaws.com
Software
/
Resource Hash
1196b4918ac60d8e38f87e90fd90ceafd30e975bad67128e98503150dad8a0f0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 29 Mar 2021 07:18:23 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:03 GMT
content-length
2
content-type
text/plain
/
go1.aniview.com/api/adserver/tag/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5ec3e3871f5e5c792c20f9f7&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=303585&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1618002303614
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-171-145-49.compute-1.amazonaws.com
Software
/
Resource Hash
cc52b6f9ccc366389cb97714c5cf72d1f2c9fa1f0a295c9869716b69e6b6d8bd

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 29 Mar 2021 07:18:23 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:03 GMT
content-length
2
content-type
text/plain
cookiesyncendpoint
sync.aniview.com/ Frame 963B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618002303888-974353354871-020252-006-006895%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1618002303888-974353354871-020252-006-006895%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-974353354871-020252-006-006895&biddername=55&key=7621382829360555052
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-974353354871-020252-006-006895&biddername=55&key=7621382829360555052
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.116.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-116-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1618002303888-974353354871-020252-006-006895&biddername=55&key=7621382829360555052
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-length
0
set-cookie
2_C_55=7621382829360555052; Path=/; Domain=aniview.com; Expires=Fri, 16 Apr 2021 21:05:04 GMT; Secure; SameSite=None 2_C_55=7621382829360555052; Path=/; Expires=Fri, 16 Apr 2021 21:05:04 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Fri, 09 Apr 2021 21:05:04 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-974353354871-020252-006-006895&biddername=55&key=7621382829360555052
AN-X-Request-Uuid
06f6e44b-d32e-4d4e-8f61-c80f73f5888f
Set-Cookie
uuid2=7621382829360555052; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 08-Jul-2021 21:05:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.197:80
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&us_privacy=1---&cbb=8002303978&imp_id=a33e1473-11eb-4e42-83bf-bc2f951e5f6f
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:04 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.110:80
AN-X-Request-Uuid
faae8583-c1d2-4027-be30-d93acd151034
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21310674&referrer=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&us_privacy=1---&cbb=8002303979&imp_id=a33e1473-11eb-4e42-83bf-bc2f951e5f6f
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:04 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.89:80
AN-X-Request-Uuid
c11bc1da-26a2-472e-8f92-7f5cac30c62b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame C426 		267 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5474822f2c0ff20ba41097c37b6f27786fbc9311bf5c42d5ddd6bc8cf4981c9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzDMHtcRb-ad208b0PCEc0XQsxeJrnqrpFJYWt8juEG3Qc1rqGM1iHiTs5407zrM9KRizROUuFaIer2B_9e00rbfjQq0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
86063
last-modified
Wed, 07 Apr 2021 07:12:09 GMT
server
UploadServer
etag
"e87f8984848d97e4a493eeb1e183de61"
vary
Accept-Encoding
x-goog-hash
crc32c=qbKelw==, md5=6H+JhISNl+Skk+6x4YPeYQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1617779528881507
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
86063
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 21:10:03 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:04 GMT
content-length
2
content-type
text/plain
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:04 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26875&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-974353354871-020252-006-006895&cha=0.05&cb=36305306971&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1618002303982&asid=606f23475c1ec675f91be5cb%2C6012e07d2dbaf03bbd1c0d08%2C5e9030afdc817965520eb855%2C6065c8687e7154145d42bfe5%2C606ecacfdbf8a37b043bee55%2C5f3500a41c87da63396619f7&ofpr=%2C%2C%2C%2C0.52%2C0.12&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cookiesyncendpoint
sync.aniview.com/ Frame 9C68
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1618002303888-985888694871-020974-015-008521%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1618002303888-985888694871-020974-015-008521%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-985888694871-020974-015-008521&biddername=55&key=3270019702657243340
0
214 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-985888694871-020974-015-008521&biddername=55&key=3270019702657243340
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.170.116.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-116-13.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1618002303888-985888694871-020974-015-008521&biddername=55&key=3270019702657243340
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-length
0
set-cookie
2_C_55=3270019702657243340; Path=/; Domain=aniview.com; Expires=Fri, 16 Apr 2021 21:05:04 GMT; Secure; SameSite=None 2_C_55=3270019702657243340; Path=/; Expires=Fri, 16 Apr 2021 21:05:04 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Fri, 09 Apr 2021 21:05:04 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1618002303888-985888694871-020974-015-008521&biddername=55&key=3270019702657243340
AN-X-Request-Uuid
c93f92f9-6f11-4d12-aaa6-f74858eeb0bc
Set-Cookie
uuid2=3270019702657243340; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 08-Jul-2021 21:05:04 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.105:80
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&us_privacy=1---&cbb=8002303992&imp_id=74710cf3-724f-4864-afd0-3ebbb5b80b99
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:04 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid
b8d30b8e-7b30-41f1-a2a6-0dabe135cb14
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21310674&referrer=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&us_privacy=1---&cbb=8002303993&imp_id=74710cf3-724f-4864-afd0-3ebbb5b80b99
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:04 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.104:80
AN-X-Request-Uuid
673eff43-e7de-4a2d-954d-2a80256445c8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame C5DD 		267 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:10c:48b::2c79 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5474822f2c0ff20ba41097c37b6f27786fbc9311bf5c42d5ddd6bc8cf4981c9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:03 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzDMHtcRb-ad208b0PCEc0XQsxeJrnqrpFJYWt8juEG3Qc1rqGM1iHiTs5407zrM9KRizROUuFaIer2B_9e00rbfjQq0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
86063
last-modified
Wed, 07 Apr 2021 07:12:09 GMT
server
UploadServer
etag
"e87f8984848d97e4a493eeb1e183de61"
vary
Accept-Encoding
x-goog-hash
crc32c=qbKelw==, md5=6H+JhISNl+Skk+6x4YPeYQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1617779528881507
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
86063
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 09 Apr 2021 21:10:03 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:04 GMT
content-length
2
content-type
text/plain
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:04 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26879&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-985888694871-020974-015-008521&cha=0.7&cb=98757756381&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1618002303994&asid=606f23475c1ec675f91be5cb%2C6012e07d2dbaf03bbd1c0d08%2C5e9030afdc817965520eb855%2C6065c8687e7154145d42bfe5%2C606ecacfdbf8a37b043bee55%2C5f3500a41c87da63396619f7&ofpr=%2C%2C%2C%2C0.52%2C0.12&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:04 GMT
X-SpotX-Timing-Transform
0.001536
X-SpotX-Timing-SpotMarket
0.004495
X-SpotX-Timing-Page-Mux
0.001107
X-SpotX-Timing-Page-Require
0.000294
X-fe
052
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000005
X-SpotX-Timing-Page
0.010748
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000373
Last-Modified
Fri, 09 Apr 2021 21:05:04 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.004495
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.002922
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:04 GMT
X-SpotX-Timing-Transform
0.000276
X-SpotX-Timing-SpotMarket
0.003217
X-SpotX-Timing-Page-Mux
0.000786
X-SpotX-Timing-Page-Require
0.000313
X-fe
139
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.006471
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000338
Last-Modified
Fri, 09 Apr 2021 21:05:04 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003217
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.001528
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:04 GMT
X-SpotX-Timing-Transform
0.000592
X-SpotX-Timing-SpotMarket
0.005517
X-SpotX-Timing-Page-Mux
0.003104
X-SpotX-Timing-Page-Require
0.000933
X-fe
076
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000005
X-SpotX-Timing-Page
0.013368
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.001388
Last-Modified
Fri, 09 Apr 2021 21:05:04 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005517
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.001811
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:04 GMT
X-SpotX-Timing-Transform
0.001985
X-SpotX-Timing-SpotMarket
0.006422
X-SpotX-Timing-Page-Mux
0.002113
X-SpotX-Timing-Page-Require
0.002429
X-fe
007
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
X-SpotX-Timing-Page
0.018618
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000679
Last-Modified
Fri, 09 Apr 2021 21:05:04 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006422
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.004942
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000019
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26875&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-974353354871-020252-006-006895&cha=0.05&cb=36305306971&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1618002304263&asid=606f23475c1ec675f91be5cb%2C6012e07d2dbaf03bbd1c0d08&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6CF0 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117138
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 023F 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117138
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:04 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26879&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-985888694871-020974-015-008521&cha=0.7&cb=98757756381&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1618002304326&asid=606f23475c1ec675f91be5cb%2C6012e07d2dbaf03bbd1c0d08&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E50C 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117138
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A14E 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117138
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:04 GMT
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame 340D 		574 KB
188 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152494
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 023F 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:04 GMT
integrator.js
adservice.google.com/adsid/ Frame 023F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame D0E5 		574 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152494
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6CF0 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:04 GMT
integrator.js
adservice.google.com/adsid/ Frame 6CF0 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4294 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2467
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:23:57 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0669 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2467
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:23:57 GMT
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame 3881 		574 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152494
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame E50C 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:04 GMT
integrator.js
adservice.google.com/adsid/ Frame E50C 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame 24FF 		574 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152494
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame A14E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:04 GMT
integrator.js
adservice.google.com/adsid/ Frame A14E 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 676C 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2467
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:23:57 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2179 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2467
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:23:57 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 340D 		156 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FOutstream_123greetings_Desktop_Slider_T2_Avantis_Google&description_url=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1231957574831148&nofb=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3601226093&sdk_apis=2%2C8&sid=2BBC54D9-975C-4FB0-9C2E-4A10C94A266A&eid=44729226%2C44737598&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002304838&cookie_enabled=1&scor=1733319778867214&ged=ve4_td1_tt0_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D0E5 		156 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=466148854292989&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=4122312502&sdk_apis=2%2C8&sid=6D5EA5F2-D0CD-4D5A-8B4C-3E1FCA9ABC9D&eid=44729227%2C44737599&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002304929&cookie_enabled=1&scor=3959386016443817&ged=ve4_td1_tt0_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3881 		156 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4233354361647482&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3258722799&sdk_apis=2%2C8&sid=36CE6087-CD14-4885-932D-629686DC26F7&eid=21064201%2C44729226&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002304971&cookie_enabled=1&scor=2404703815587863&ged=ve4_td1_tt0_pd1_la1000_er1420.310.1572.610_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 24FF 		156 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FOutstream_123greetings_Desktop_Slider_T2_Avantis_Google&description_url=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=378920780644335&nofb=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3640575345&sdk_apis=2%2C8&sid=FD691932-B80B-4276-895F-3B396B8D39F2&eid=44729226%2C44732023&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002305009&cookie_enabled=1&scor=2078356335710274&ged=ve4_td1_tt0_pd1_la1000_er1420.310.1572.610_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-length
2
content-type
text/plain
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&us_privacy=1---&cbb=8002305280&imp_id=79b9bed8-3bf1-433e-9843-78f56ea4956f
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:05 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.100:80
AN-X-Request-Uuid
9c4826b4-b360-40f6-99ed-539c360924d3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21310674&referrer=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&us_privacy=1---&cbb=8002305281&imp_id=79b9bed8-3bf1-433e-9843-78f56ea4956f
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:05 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid
3d47e49e-215a-4e11-834f-922047df0ca2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-length
2
content-type
text/plain
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26875&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-974353354871-020252-006-006895&cha=0.05&cb=36305306971&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1618002305282&asid=606f23475c1ec675f91be5cb%2C6012e07d2dbaf03bbd1c0d08%2C5e9030afdc817965520eb855%2C6065c8687e7154145d42bfe5%2C606ecacfdbf8a37b043bee55%2C5f3500a41c87da63396619f7&ofpr=%2C%2C%2C%2C0.52%2C0.12&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:05 GMT
X-SpotX-Timing-Transform
0.000311
X-SpotX-Timing-SpotMarket
0.003648
X-SpotX-Timing-Page-Mux
0.001001
X-SpotX-Timing-Page-Require
0.000300
X-fe
118
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000030
X-SpotX-Timing-Page
0.008497
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000258
Last-Modified
Fri, 09 Apr 2021 21:05:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003648
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.002937
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000012
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:05 GMT
X-SpotX-Timing-Transform
0.000279
X-SpotX-Timing-SpotMarket
0.003226
X-SpotX-Timing-Page-Mux
0.000851
X-SpotX-Timing-Page-Require
0.000373
X-fe
142
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
X-SpotX-Timing-Page
0.006508
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000396
Last-Modified
Fri, 09 Apr 2021 21:05:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003226
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.001367
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-length
2
content-type
text/plain
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&us_privacy=1---&cbb=8002305365&imp_id=6d777c10-c150-4fdc-a902-0e212a0f8aa6
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:05 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.154:80
AN-X-Request-Uuid
8ff00109-c2e8-49a6-8b10-1765934216a3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=21310674&referrer=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&us_privacy=1---&cbb=8002305366&imp_id=6d777c10-c150-4fdc-a902-0e212a0f8aa6
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 09 Apr 2021 21:05:05 GMT
X-Proxy-Origin
185.236.201.148; 185.236.201.148; 690.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80
AN-X-Request-Uuid
679dbd29-e7b5-41a7-baa1-53cac7268cb2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-length
2
content-type
text/plain
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26879&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-985888694871-020974-015-008521&cha=0.7&cb=98757756381&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1618002305367&asid=606f23475c1ec675f91be5cb%2C6012e07d2dbaf03bbd1c0d08%2C5e9030afdc817965520eb855%2C6065c8687e7154145d42bfe5%2C606ecacfdbf8a37b043bee55%2C5f3500a41c87da63396619f7&ofpr=%2C%2C%2C%2C0.52%2C0.12&fpo=%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:05 GMT
X-SpotX-Timing-Transform
0.001639
X-SpotX-Timing-SpotMarket
0.006791
X-SpotX-Timing-Page-Mux
0.001347
X-SpotX-Timing-Page-Require
0.000651
X-fe
044
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.014674
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000437
Last-Modified
Fri, 09 Apr 2021 21:05:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006791
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.003789
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 09 Apr 2021 21:05:05 GMT
X-SpotX-Timing-Transform
0.000303
X-SpotX-Timing-SpotMarket
0.003289
X-SpotX-Timing-Page-Mux
0.001030
X-SpotX-Timing-Page-Require
0.000403
X-fe
082
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
X-SpotX-Timing-Page
0.006943
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000394
Last-Modified
Fri, 09 Apr 2021 21:05:05 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.003289
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.001509
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26875&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-974353354871-020252-006-006895&cha=0.05&cb=36305306971&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1618002305455&asid=606f23475c1ec675f91be5cb%2C6012e07d2dbaf03bbd1c0d08&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5209 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117138
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:05 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6DD3 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117138
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:05 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26879&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-985888694871-020974-015-008521&cha=0.7&cb=98757756381&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1618002305496&asid=606f23475c1ec675f91be5cb%2C6012e07d2dbaf03bbd1c0d08&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0B86 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117138
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:05 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 16E7 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117138
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:05 GMT
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame 4B4A 		574 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152495
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6DD3 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:05 GMT
integrator.js
adservice.google.com/adsid/ Frame 6DD3 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame 418D 		574 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152495
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 5209 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:05 GMT
integrator.js
adservice.google.com/adsid/ Frame 5209 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8CF6 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2468
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:23:57 GMT
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame E9B1 		574 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152495
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 0B86 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:05 GMT
integrator.js
adservice.google.com/adsid/ Frame 0B86 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.450.0_en.html
imasdk.googleapis.com/js/core/ Frame 84CB 		574 KB
187 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.450.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
191926
date
Thu, 08 Apr 2021 02:43:30 GMT
expires
Fri, 08 Apr 2022 02:43:30 GMT
last-modified
Thu, 08 Apr 2021 02:37:23 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
152495
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 16E7 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:05:05 GMT
integrator.js
adservice.google.com/adsid/ Frame 16E7 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Apr 2021 21:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C9FC 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2468
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:23:57 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A663 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2468
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:23:57 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1EC6 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 20:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
2468
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 09 Apr 2021 21:23:57 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 4B4A 		25 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FOutstream_123greetings_Desktop_Slider_T2_Avantis_Google&description_url=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1569706871688620&nofb=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=1644027974&sdk_apis=2%2C8&sid=C0B0C5FA-00DB-4896-9DFC-C4C63CE333AA&eid=44726389%2C44729226%2C668123728&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002306130&cookie_enabled=1&scor=4284339682699371&ged=ve4_td1_tt0_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
ltt /
Resource Hash
740805840530fc380a98a616103ec6ac971d77c016b0f4309f6632381a8871fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7125
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 418D 		156 B
957 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3365868648008253&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=175927010&sdk_apis=2%2C8&sid=B94FE294-3081-4C21-A36D-592CB6AD43E2&eid=44729226%2C44737599%2C44739825&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002306148&cookie_enabled=1&scor=723796059883377&ged=ve4_td1_tt0_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E9B1 		156 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=233925499293887&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=1885377968&sdk_apis=2%2C8&sid=D49EEA92-6ED7-4464-B7DD-057A55FA1234&eid=44725356%2C44729226%2C44737598&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002306186&cookie_enabled=1&scor=2735584784227042&ged=ve4_td1_tt0_pd1_la1000_er1420.310.1572.610_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 84CB 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FOutstream_123greetings_Desktop_Slider_T2_Avantis_Google&description_url=https%3A%2F%2Fwww.123greetings.com%2F%3F%3Futm_source&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3653709301618785&nofb=0&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3515805784&sdk_apis=2%2C8&sid=D583A607-3B51-48BE-A605-DF0F836C4B10&eid=420706141%2C44729226&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002306195&cookie_enabled=1&scor=2968570321911027&ged=ve4_td0_tt0_pd0_la0_er1420.310.1572.610_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
ltt /
Resource Hash
c4d0b25e2cb75fa9cc645c474a57b4328fb9ae377be8f76e58a81a4879f757b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7126
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 84CB 		26 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C3w4DdZZQ6m_jX41zfhcQIERT34HIr40E_81SpNq3NpAJM6Kv9NO8cqikam9LiFMUr7XqAtVHAN6bI2yJQlgmkM_Ikzw&dbm_d=AKAmf-D7Md7D6GuCN98yf44_tW6UBOfW4YplIM0HBq7C_rYwQEQ0iwVU1awd5YPfRxaTSMlsZ-Jm30pg4XZeWfjjPDoRQXQraXWUWNv3-QqjQVhpczDn-iTCgRjyuAe3UhwaJJP-fJ1ut7z42GLaTip8oK5Bpl25vlD4KxORchMxY18ErBw_d4PgmCGg-BoJDVoSdJ1AWSfPjWRXmD653ch16jGepO_HKGXG8nkottVPmu-KT-M9kFpEYg_yHXjDa1YPeB18rmylza71fQzPtlQzZD-O8LGNMbohsXAZ51VAdjcdNDv7NRVr8ev4OKGbEA-ExXTyXif4RpVkpX3Rk4fHHDXQ_JdNmZC_BUTfBCBY-9lmOuEBYAgqgScT_s7Kn7AZXyeUQ3Osh77_4RWutdsNiXfuWNf2Tc9lrXWDmtTZyjiYfF1NPFjgSjhbTcb1H7rCPDe1Xe_0D3A2BATDihWGFIMohjYXI1QuY9gnBnTjaNY6smkinPgo76SgZAAIkWeJBB5LxYRHTeNXWRoCkVL7osXZQ3O31Jc-LPdc3VsTr_H8ziM2VrZRXBwF0ic79IGCR6KmwTz4QQOWMzuTLf5wfSHTvgnq-l2CNdRfaJxkm7cmBy0DkuiLSNudkFx4KxoC2bBlv8V8ix_qI8DCoCVI_jZCAM5RAHlAZWpaQJL4yuRfR7nfKQtqV8qW9KrTrXtacRZYSdl9oVyW2TfLocE7rrom0DZNZznRnz3u5krtwYcKQktzhU5zkDXd358wAf4jjHKJOwhNEUt15Po5RtGIARk01mnNzYJ8Vizml5lEgvzJBjFo7V6o3WDePsoyn5TLD9o8Th6yv3NK3cU3IEwAReLmWms9DZ4huhutbs0WLlVlDEGL9vbiE6W0CT6uGUKeAh37c7fUpRB7y6Q7ZKZ3VpgyOVpoG-d_3m7egRCskSyWDQrEhY9YiCH2MU-XZWmebBSWNonwRFONrrx4MWOHOlMQhSXbvLtNBLmjbL9QhW5hsiBwO0JE8-dkWlqa0AJFBCHlBho2BGFNbmE-xBBV768-k1gJ65ImRQ63OPUfQo6QyIo0dYu1L6vgcq-OQMbbZxaJ4pooPvQkHXUiSkTx5fJyw0MLcUwqIgz0qvnmgAH1F3RZw7bSVt1bdxEJS2TbFoTnWAJtgyTI2DuH4zDZ4orDqpZ5-BpLJHjuqSgqC0oGNrM7WXcxEqHDPanHo_wnrvhQw9UeoSN4xL_WQgNoxPyHAwkicr_lFZaWSL0cA8FR8bXiqzL6zwZ49iqKfO1pzaZKg4DYQBCJ2xQJy3K2QRXY-zWYqDm9dmw7QMYuaMXyCNZcX724G5JC3Tnib4ZqF4JWthjnmcKFftNL9Law_GqukJKL4tXCAU08exSIUTY7iEWAwcuYIujnKjiedJE9EyN5QhQ21_pBLc0pAy0ei1llj4MmRLEDN9sFfvKwXuNTZTuoTGoFiFOG2nBVnfz8tPL1eLz4AJOAN0GSH3MR2_l7dc2_fNQC_G1UnV-SG7Fsdv3DKLxc8NkoGjbfKo0Ah3XQStq6iKTuARBZsmWQGwNJV0SUCPW5SApExlxNU4CFX5RTMnlVL3UE54jxGCCVMJEstt8QU9sowTTXRSoBzH5wZ9KiIJovcznKOouvcKchtwlGnBJ5NW3HhRlJ1VLEAQQ-s2MuQLvoknQknSkNwn7Yh5l_TXt7l3IsvnU7hUOyngQkYMmu7yAztEzaE8h03waoOB42iufvORZh5yas9YqtJclurFxc4BGsuTuYRSTWYT_5jQ6j0qrMIDz1nvDWlCF-26WD60PWW2gJ1Hfy2vkmKwEapCOd0n0oAmwz9OhH-NALWNUGV9X-lvXVTUD9dn4qPndOmGo2ENKBEY9I1Cvw5uc5fSy5JOTNhZzfq8Tdgh3Mufx_g8VeINom4GzQLHPJgPpfXai8PVDmKYLJCKy2EFWTe_m53g47EZ74nF3gBcfcv6aaKl1Ow_DpAA5FW1nJgmszTHQlxfIpB8no24PZ2GOGt3VioaIjlnjvXgSwPVnwClGt-G8ZLe2R5jIDOnyEtVEug1j2sSH-l7mtTU-mYPF_iEAR3Gru8vR3BYq2odAr4VI3TOcKt1-cD3ypJJGrQV1SJJ59RhkD5e4KRjMAPPG52SQGzxbNOH5RDao5QRMvaXErBONY0fE0I1tQBKDIMubGENJS6hgJmTCQAVg8cP4L04mWGNFMeps75DAbVGuS0EeitPsplOU8lEnI-UuahKKhhsAOXsDWNq_UUIrO95ZOAvY3aIDGrlK6qZdv4iJWwwfEPuZH311xEshQmqi-e0b6b-00oug6eWPtydBRcEmTqPZ3hfeMCTzKvt5zW7yeFMXuvv9QOD84PnO8oWDkr8KQEHTbmoJZAiY003iMSqbM-yFcTYN5cWO3IykVzrlJWxy9ffSic55rEx3tmbhorma7nO1dVZ9YD7PvMdtbWzBlWYgaFF_w-rNasKkdDdn_ZzLjc7hv7rN0jaBSNUcibuMvbp9QRNFRusv8HnY2VH093OeG3lpjYAchfG5GRAhDHKZNsnO-bzwcfCPGd5Q9cuFyzJKAiYFjxoY-X2K3NpNt7WVqH9ovcxH2WTu0QvXmhVX5uN9H15F1sozea85hKV_Fr0ncgqZvh_MpjGsMo-Aym8FcUmYIBEi3Nd-XAk7C21qNNhQ2sJefcJ3KX-YdURq0DSq9hNgfuB_dvjxQkGulJphjghWJJGo3Rt-zLKr5aQOwq59wlK7LlGIblN5tomoJacbWuMoJIaNQSwE8IJQP3mKH0OaTP21x_XTDPpBHqib9O6YfxISHpynArJY_1jkZcZUjRLNWGa-ogl2P3PEWGJ-eHnbT-AociR81yjBMYFAVsWfr2k7_ERctvjpU6K2PSDOSwmFNfAQTnU_ibrlJEg36TqEqzyxgDZ6IBA1CtD_Wo2oYJ6cOY4-L9cE0p05nUMJ2BLbMeYh3bzYfTVALlDJLxNZyHpYNyv5AIHFT8zKsF5PRuXD4n-r9V-1cQczzrNuh7aByp8ompr9U2qu-_u25ru1oBLwd9HolgFYq11vc6VuZhLeyU_wuiMxmgTZ-PneB5EK2ffgsrSbWjt3E2pXqme_1oDgYyHxSEQC2TYwXLRwb9NGu3k6v2WAtrjg3NG3cMKdVoDI3fJGMAugz3Hsn74CyIGRvEYR9Bdjh0mH3Fb56mS9pj73mt1jTGw_U_nCrWVU4YWVd1y8hfoo_9qsdWeKGxxhJpHMzpxZiZ7pMAfxA74WCDxyo7Bpdg1Zc0FaNuWOSCxRI_zmDeNSc9A&cid=CAASEuRoaBkQcoyynQNjZZw--cDdgQ&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&u_so=l&ctv=0&sdki=44d&adk=3515805784&sdk_apis=2%2C8&sid=D583A607-3B51-48BE-A605-DF0F836C4B10&eid=420706141%2C44729226&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002306486&ged=ve4_td0_tt0_pd0_la0_er1420.310.1572.610_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f154.1e100.net
Software
cafe /
Resource Hash
19c95d9d46105c9c65f9b2642c5e0ff04ccfcd7cf72aee424db51088e03f74a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12261
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 84CB 		0
322 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knasspjw&c=58532083923&slotId=29266041961.5&qqid=CMuN16WI8u8CFavk3godK38EwA&gqid=gsFwYLD8Dcz7zAa4toKwBw&fb=ima-html5&sdkv=h.3.450.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=420706141%2C44729226&vmfc=17&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 84CB 		42 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CKIR6gsFwYMvED6vJ-war_pGADLzE36Jhuf-v3qkNpv7U_4sfEAEg3NzOe2D1lc6B4ASgAaycw-QByAEFqQKBioJ5dSOyPqgDAcgDE5gEAKoE0wFP0DZeWfCtOTQHT56VoTKjc5ec_6hKj9KfR-yy1TvRWqfFTMI2tC51OURmearJ2DKcJwDwU9m8IdZRA72xRk6zBItXlQzgW9BQxisNEZdveHLyCvUjC7ndeMQH5G2xhU9DvK_GCbGwIlCNi9lkM-gkonNuxHKkrPl61tR_C40OukOQhRPaqIAPBzwJFwqCLwgsdWJk9osZzBOl0-FN6YA5PZtTJR1zehn_yRDv3efAzehgMQYRgp4EuMAlZ4TtJZWk1BSdqGOCcUU_gZTgfybuAk4XwASNrOi1qAPgBAOIBaiAh7gtkAYBoAZOgAe847ybAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgOYCwHICwGADAGwE_DRkAvIE8TdsQnQEwDYEwqIFAXYFAQ&sigh=sI0RDP9uClU&label=show_ad&acvw=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:06 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 84CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CUdhWgsFwYMvED6vJ-war_pGADLzE36Jhuf-v3qkNpv7U_4sfEAEg3NzOe2D1lc6B4ASgAaycw-QByAEFqQKBioJ5dSOyPqgDAcgDE5gEAKoE0AFP0DZeWfCtOTQHT56VoTKjc5ec_6hKj9KfR-yy1TvRWqfFTMI2tC51OURmearJ2DKcJwDwU9m8IdZRA72xRk6zBItXlQzgW9BQxisNEZdveHLyCvUjC7ndeMQH5G2xhU9DvK_GCbGwIlCNi9lkM-gkonNuxHKkrPl61tR_C40OukOQhRPaqIAPBzwJFwqCLwgsdWJk9osZzBOl0-FN6YA5PZtTJR1zehn_yRDv3efAzehgMV4QIIcPglMy9UQd3ZJZLFw6REwknRbDW5wcjXz1wASNrOi1qAPgBAOIBaiAh7gtkgUGCBsQAhgBkgUKCCIQAxgDSPX6d5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHvOO8mwKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAPIHCxCtqIACGLWPhJwB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNDM0MTQ5ODA1MTEwNTc4NIAKA8gLAbAT8NGQC8gTxN2xCdATANgTCogUBdgUBLIXGgoYCAASFHB1Yi0yMDI0NjkwODEwMzgxNjU0&sigh=LzIIy_Bflfw&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&cid=CAQSPACNIrLMGQZYRX8DZW0AiW7cn75OeVX1K2qO9tOu_kCcemapJFr6cq6ZEf-iMe8UZUVnnaUS8wkawVX4PQ&vt=10
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
vast
bid.g.doubleclick.net/dbm/ Frame 4B4A 		26 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-B2kT40NBO39-DM_DRTIYscc3ZfD2BnR6Mb9bUdBo8jqBfsLq0_fhJc0rIfTBiqy5FEHZtuzlckg9_pWroZhnEA1_YcXg&dbm_d=AKAmf-AB3DYYyq2Ixn5yayyRxQTkJm02aXOedAkmb8Dt7hVQFyZcsRIOpWUst7wBmBYjc2IbDg2yEmuMjNGXtk_-3-siYwtvqmPWpqjdnPK4lgZBSVZ5bHSeK2wMZOnnX43LIZ-r3hg9yf-3DVnRDZiRpKV0VbYiqkRvci7L4pfpM0eV4WCz1Kboxfp6lJmAxElL6-SD57FN-DZ9nCXS5lkq8EMbeDyU8_maZEMoYm0p0IOMB_kyzfjDpiFX5PwSiSL65EcmryS2poE1MrAp18f7mGQGVoCl7nRS5wB6ba1MH1X1hxcFHFh8y215fo2byltHiMjNzNAbra-R04n3kFwrVLEgIdDvAEr2nBoZx8B7CEE5HuoKX9IBpMOutcS3nJJS2x6QXUyXxPXem_f1R2KG7DKkqr7AMlBmpTISuvAx5XXR9GibRP52Edxs19-28YIDa6Fvd2KDhMI5xc8Qb1B3Uhj_vPYTMp6_OODtJj-8y1U_ipj6mBwLFg3cmpvuxN_N2K_W44MR0pgsEC7Tt0gfhfM-VuWyQIpAXmJ_TLkoDB7yy22gfdyUfNyUV1icyd-gi6c-FLyZRWdb_5i_Z0chfYVQ0vRlLjDdlUse7LE9zj0Vxb0NjhYTCscJtiLWjRymyyBS-fNIXYCcLQYCeZCyckdqSkqYfkvj5qP-PYGh1zByHi64lUu_emTb_coiJV0Bzw9Cia-8X2wj6bzvjRDqZUPFttzjXVFWmwW8W6AD071BElTHvS0BU8IWu0FwMGvuD5OoNyyBRu--dKw-ZdKeEnOSfPq-qG6q2iQdF3pbmCv-5XdjvLRwHHP6brg78hGvct5P1q_or2BlS79K6S0EVrJQFDBe1pgb4os5bmFr-pDmUHkduSraYM8LR0ihC3YmNw0IEnoI780PrXOW8etjupmdo8upN7YUHIpRf1sWRVIIGWSQzf13tiaHBxB5DqjvOmT4hQ_FDxngwkpkAG9vVAoYpCwX3D8DRLL-bDuC8FvV-PEe6S5HNfw1euXdp3ZvXHFra4SUKVTy0t64K7Ygve6YtdzAvEFM5JN1c9ZWCFlQ3T4SDPDoLJZhGSaMFAnty6nAXcrkLBVEXFdIsEa3VbGHB_OqKZN36OAVCIxl5710DcYu2n2Drm6bDAjDGDVMIHslgs50ADggUNz9wBZ8Rlqd2AptwrudZt8UqzaObPqXEp3p0xcpPUKH-etu2Zk6T9CocQ40Jj6YY1kfXmBllZMsz16Vnk2FpklM48sWQc-I2wHu6T81DNDKah33hf7xaxKppbJeDxIGhb5Qkv3y3ZbioMPk8vmhokCc3zlL9_JBAK5AEycjPQQiXa-NAyhskZ_8rUbwsU50MlMdrKfFBKYYVox2LW7ThpfCB7ZbOjOpvFFtqLTYY5AE43f1BswFHNAIlzko3vrx9rBQCf67Xnc1798aqLzzSJKwEtBxMojsmTnl2iPeY_dPC3EO-u-LiNtLQLBAp-_nGTlIEkAEpBuJB9SMBGz6tM9L24-sSiW2bgDElnS7Yrn6iGlJdgIy7wBcaRZUMjKexI55Ujz9oJ5chR03gxeYGPZFVFoqscpXoFVHvkTsASYGqWsSOPTg0Zth4b8fYKyRYZe16-qdCGLcx2hGDuE2i2AYBVp_QBd1l4oC7L0S-LJ26HNndsskIkPGoA4Mv6lyfiw4eoB09GalPVBTC8Iagf6pFuouSDTYRvHBEmcZ4EI7S2bFMTUT9cd2URv1fjNdYOnTAXURdEvyCcqUq0vIHvYwLNTCYfNP_AvPQaxJc1W-J0uTlCht71rzCKfoFH31IFPKc3Ja0590pfvw8hi_QdG0iNW6BaQK3c6crPsQRaeUU1BWSPp-mkXGSVJdXOOlcZWs9PM3dOGNeaQ11MYqbPJcn0a9bQrQZYgRYTQ5ozpXXA2hrDe17a6YcAg9FGxAxz03egomOhBlgmGbopjSrWNB3uyuXQAkFHC3FqysTd1mfeK-ipU0FfthyTzRcOTRSaykDTrTMMxes81Ic9-uYxQUAGvrWW-YUMw6S2BqNn7sd_TOtyupnjJoqVXocNN-btkKCfUB1mV5QOj_ME1eeXG-5RCSf-MsUJ1so6ElqnDbsDwYHEDwTtTt1OC943TWmk41EV39mNAx6SIIapRNJsJN8T7yvIOrZAu2R_yqGfhFOWDBXUq6SIayag46SsfJesOGmygBcAFv33w3a1iENHniyki5OcDdoad05vM_Gwhy1s2waBWmysrhk2UFAGUlU0xefbV0p8i_9c4pfxRTQLYXyxBwCNO1VuAxqTw4KeFnq78w3tACVzBvgtNfZ-Y3moA4xqNZyD65VeC69VwCcYWPKqJYaTrRfCZbcZXeS5Q0W07lDMtAVdak5-kG2u2Bm-Hguvwv1PnodDHIfIoMjIut3qEue464flrogSLw8UjGYM8gKBHH2dkzzH_OQyDLI1e66oEhRYGGxIrsDVJaerMsK4kDQZ9JOPfd-ZyGngoJAsrlfwyOD_2kRRCBl5iF3RHbgHczz9gJ7iLGGEcUKLTW6fMYPTv8qOmmO4FtNdApSly1YfoKnVwKtQuRaGmf-Y5YtLUXmTw88utGupycVHeGhdqBdediuzUNlS1pl3e0jWyIqW8hpE4ogmH0P1OPGO9Vv3FXSoc18fYIXbhdm0aqEWGIQIdDWMgDgrulxzjeTWo7WcceH2HCJQegBNSPlnnkHhng9ZOAvhTSsYYjeKLrRqykHQa1br8RDqxxlP0_JqmKwTLN0HP9IkN1sSS_Tje_21bOrOdKlqwxA6BI5z4wgtpRRFFYuqqcGFyTY1vupIcu1rsxOGZZ4d3B_DnjURFAwSRdKCvlj-_lBW3AHrTYU6TZzsC_P1m4n9goOUQAXneRWVj-yjhyG47uIsOSHrJ1wJyR3NVZk2mSJLtEDMHdB-9KlZHMb9eu6cRj4bB27tfWQ227F75mqsZ3Ym4Q4MyuLKfKGcce9ZhI-3g9HVD7pLUeXeOW7shkkS4gYEg-LGyQvyp3GolqfXr7HJ6L5NLPi1xSQjnR9oaOqZtt7qj8ZcqSqq051ZsD0B2tjM-9_fxrwb1BXUcrjvaIFY9dYIgqpi4QKDP2Cm6-JpTtcWYNQxaN9QHK_JMz24DwvYDkX3144GSVf0Fxbf_VqVi-kW_nsLnksUtkG7nOmr-hBhSEpXe8m3zg8kS9Xnw5QGWeQKl5ZsRX3XCqAluV3S7JBcXvCvY_t5CAo6zPFyVSqT7P3Q4KY00tJ2qKm7Rs8h3LOFpH5ldUSXY3y7KBIvn8YBqODAsEfyxoFtlYvQ&cid=CAASEuRo9CN8R5PSbmKQ6OgO_3Bbcg&sdkv=h.3.450.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&u_so=l&ctv=0&sdki=44d&adk=1644027974&sdk_apis=2%2C8&sid=C0B0C5FA-00DB-4896-9DFC-C4C63CE333AA&eid=44726389%2C44729226%2C668123728&url=https%3A%2F%2Fwww.123greetings.com%2F%3F%253futm_source%3Dimg1%26utm_medium%3Dnewsletter%26utm_campaign%3DApr21_nl_wk2&dt=1618002306793&ged=ve4_td2_tt1_pd2_la2000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_ts1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
64.233.184.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f154.1e100.net
Software
cafe /
Resource Hash
25d169dfd9c3d0ebbd3e5c52fcb4a55b668d731bb0631a68a2c735bf9398c799
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12331
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 16E7 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knassp8j&c=58532083923&slotId=29266041961.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
49
r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,i...
4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3A43DF7FCC80D58EE4F734CE75193C62EA251EA3.290B67662166D6454513E517BD0384DA889EF60C/key/cms1/cms_redirect/yes/mh/HP/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1618002022/mv/m/mvi/4/pl/49?cpn=y9sWExivgaXClGCP&file=file.mp4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:4c::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 21:05:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Jan 2021 11:11:04 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-5230699/5230700
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
5230700
Expires
Fri, 09 Apr 2021 21:05:06 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:06 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3A43DF7FCC80D58EE4F734CE75193C62EA251EA3.290B67662166D6454513E517BD0384DA889EF60C/key/cms1/cms_redirect/yes/mh/HP/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1618002022/mv/m/mvi/4/pl/49?cpn=y9sWExivgaXClGCP&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
677
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4B4A 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knasspgz&c=58532083923&slotId=29266041961.5&qqid=CJfY4KWI8u8CFQ3hGwod_JoBUw&gqid=gsFwYL65F9SGlgSNmZ-4Cg&fb=ima-html5&sdkv=h.3.450.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44726389%2C44729226%2C668123728&vmfc=17&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 4B4A 		42 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CR8uhgsFwYJePGY3Cb_y1hpgFvMTfomG5_6_eqQ2m_tT_ix8QASDc3M57YPWVzoHgBKABrJzD5AHIAQWpAoGKgnl1I7I-qAMByAMTmAQAqgTTAU_QtK982bPgvKdsWY1t0fztjorsF0UvrvMTZ_T0Sf1NdN7odwIxkh6flt4KYW-xAADJhpDI8i6RoVBrsl0JKswxol4Z7T49lF_hLzNF-qdMARP9_C6AVNvKfJ1jBuAKeJlPlpEtSgpTEm4N0DKpncCaTRdK-B0lzxnlVah2J6GwE4803__OH4LP0uud_3A7_2qYm_n1PXgGiot0e0SUrdHzqS85LTeBt_pjwecYliXarxHV6JNHKka4xqWoITAvoDpNVCvkY-PJEbshEPIOLLn-iq3ABI2s6LWoA-AEA4gFqICHuC2QBgGgBk6AB7zjvJsCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNDM0MTQ5ODA1MTEwNTc4NIAKA5gLAcgLAYAMAbAT8NGQC8gTxN2xCdATANgTCogUBdgUBA&sigh=ZtuGxuSvefY&label=show_ad&acvw=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:06 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 4B4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CWnWsgsFwYJePGY3Cb_y1hpgFvMTfomG5_6_eqQ2m_tT_ix8QASDc3M57YPWVzoHgBKABrJzD5AHIAQWpAoGKgnl1I7I-qAMByAMTmAQAqgTQAU_QtK982bPgvKdsWY1t0fztjorsF0UvrvMTZ_T0Sf1NdN7odwIxkh6flt4KYW-xAADJhpDI8i6RoVBrsl0JKswxol4Z7T49lF_hLzNF-qdMARP9_C6AVNvKfJ1jBuAKeJlPlpEtSgpTEm4N0DKpncCaTRdK-B0lzxnlVah2J6GwE4803__OH4LP0uud_3A7_2qYm_n1PXgGiot0e0SUrdHzqS85LTeBt_pjwecYliXarxHVsJLlM02CVbI64cDXp8e1HIwITEUlQkf7GA78dqLABI2s6LWoA-AEA4gFqICHuC2SBQYIGxACGAGSBQoIIhADGANI9fp3kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAe847ybAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcA8gcLEMbrgQIYtY-EnAHSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi00MzQxNDk4MDUxMTA1Nzg0gAoDyAsBsBPw0ZALyBPE3bEJ0BMA2BMKiBQF2BQEshcaChgIABIUcHViLTIwMjQ2OTA4MTAzODE2NTQ&sigh=-4d2VN4s3P8&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&cid=CAQSPACNIrLMN4P2UFuTOfbv37ZkJfNLx9fS_EZLDKTcTWuJbSZDuFzEwnkfhHWUM0eVd5U04ugo5BPUGMC8Kw&vt=10
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 6DD3 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knassp3u&c=58532083923&slotId=29266041961.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
49
r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,i...
4 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0ED56E8DE1CD77A3E3BF3984469F95A6ACB916A0.083D151D79081B073C027881D077CA89CBEC9C99/key/cms1/cms_redirect/yes/mh/HP/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1618002022/mv/m/mvi/4/pl/49?cpn=xXHkVTbIkxKmKkSD&file=file.mp4
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:4c::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 11:11:04 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-5230699/5230700
client-protocol
quic
cache-control
private, max-age=86400
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
5230700
expires
Fri, 09 Apr 2021 21:05:07 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:06 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/d943ec3b26567564/itag/344/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3756280268/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0ED56E8DE1CD77A3E3BF3984469F95A6ACB916A0.083D151D79081B073C027881D077CA89CBEC9C99/key/cms1/cms_redirect/yes/mh/HP/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1618002022/mv/m/mvi/4/pl/49?cpn=xXHkVTbIkxKmKkSD&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
677
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 84CB 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CKIR6gsFwYMvED6vJ-war_pGADLzE36Jhuf-v3qkNpv7U_4sfEAEg3NzOe2D1lc6B4ASgAaycw-QByAEFqQKBioJ5dSOyPqgDAcgDE5gEAKoE0wFP0DZeWfCtOTQHT56VoTKjc5ec_6hKj9KfR-yy1TvRWqfFTMI2tC51OURmearJ2DKcJwDwU9m8IdZRA72xRk6zBItXlQzgW9BQxisNEZdveHLyCvUjC7ndeMQH5G2xhU9DvK_GCbGwIlCNi9lkM-gkonNuxHKkrPl61tR_C40OukOQhRPaqIAPBzwJFwqCLwgsdWJk9osZzBOl0-FN6YA5PZtTJR1zehn_yRDv3efAzehgMQYRgp4EuMAlZ4TtJZWk1BSdqGOCcUU_gZTgfybuAk4XwASNrOi1qAPgBAOIBaiAh7gtkAYBoAZOgAe847ybAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgOYCwHICwGADAGwE_DRkAvIE8TdsQnQEwDYEwqIFAXYFAQ&sigh=sI0RDP9uClU&label=video_ad_loaded&acvw=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 84CB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 10:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298148
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 10:15:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 84CB 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 84CB 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv933_35XTZapOpYnMwzaZvhuZVOHacbLifA9vlC-LvslbOJC0nvIj-mZDX79zUMpucRzSUSCUBnP-3sX_VDb5GTJvEHA91qTKfPGlRxF-A6Tfv7bvsqoetag52CIsILGQyIP7520IH98_F4JvXhHa6iAF_Rw9tO-EmsX2d5ggRT-F8XK8fhSyYwO1GXKtat1cpy8Xu9LohnJjGlG7HMmgqEpehbqlp0ppHJuBQIQvmrMuXBeVeVj9vq-_4GlnEOxFqPPy-Klw4J7pzlv88NYEtTvB1g5_ku-iSgGirmn_5trzS4z5comFQP_ZilRcH67quLbPsLHBYIlKnhnZXG3ggQ41nMQ6bzMkByaBBfLzpfDPTiWqmZjqKOAcADURBggYAiZPamaPFo1_UBx5xFILBobN0FWv3ReeYux2a_V6CwAgn9mjA4x8-a07iNFyzZkGvLpa9uR-_b77HvcZN5xSWwaWFLQBGv2QL0pHdB7KnDvs88-eF0XmFDzVA48g5jki3D_Z_7GR2MWsbtboUcERzpUaEQGiSyw0P61dCEQ3gcWMR8gjQMr2ESM25nb2pqlKldkVDV0ThsOu7nq9Yk3R6mT80aGJnfGKfyZ9A5g4jWpjH1YGa2XywjOecgldztSVOL8gryHpBwHMdCxTFPkbIo88HnaQpjDTey5whAK5FJ7p3sD7lcCtHxL__Jk6b8_cFpJrCdVf6Vjv-HW2xGnEL5EkoIPe7XCHGh2jaLkBeUN3KvpqmzZyx9UBMxkngvH6iPYZLZatfYa_H_ENs5Rx8wVSBnKP7LqzoCnZg08Tii48Kv-nXFp5xXBbWQE96BmzzGdpbsVr_WKquT61VOPJXpYqQr0GH9-nJ-gM-ujm9rXjSXUhpLSKpPJdPZ2m2a81iJ9JI-IJHDTady8WFewS6264_ejGft5Vf7F5hFG8dVtkUp3r8gS3Zk_-CY3wxMA9D1626zqT4PzhgNFx1ePfD9I-ErCLhrTxLW7U1KUsumhZOHpsC3gSQL5Avq6Ar__TUBSHM_f4RkmAJEd28W3Pbr27SFIPi5eM0xfw8CXu0Y43EdqjcsSNi_IS2L5nM_uuca9u3GOFT7Qpr0erQcBcIGCkauAhozL6PJAFk3Dp-3OLAWVypNS10ChRcVenS38KFZ9JS7kE0EewHoVRTTA&sai=AMfl-YQsive4svRTk2Qq9HRPsrz5IGxPM1Ad-iTh5kRzs4yQfPnF5erS2TMftfO9pmb0r1cpnzdJwPo9YAxaNQY8vpg6MpawX54x4uxqLvh_faEyIq3sSmnVZ_g3kO2H0R18HnPSRI1Pvtj2hK8IwLpOgmmCfP5UWg&sig=Cg0ArKJSzBGHbhm3AGvAEAE&cry=1&urlfix=1&sdkv=h.3.450.0&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 21:05:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 84CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjOvQEQ3N_hmwIYtY-EnAEgATAB&v=APEucNU-l4fJeBU-uV-ZjqjPO5xZDQj8T9yT-MCCjhn_dLKzw54X0u5yHpGbF5w1HUtm9HdwI9g1xNIqUaHaGO7V5sDSIPqJOg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 84CB 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CKIR6gsFwYMvED6vJ-war_pGADLzE36Jhuf-v3qkNpv7U_4sfEAEg3NzOe2D1lc6B4ASgAaycw-QByAEFqQKBioJ5dSOyPqgDAcgDE5gEAKoE0wFP0DZeWfCtOTQHT56VoTKjc5ec_6hKj9KfR-yy1TvRWqfFTMI2tC51OURmearJ2DKcJwDwU9m8IdZRA72xRk6zBItXlQzgW9BQxisNEZdveHLyCvUjC7ndeMQH5G2xhU9DvK_GCbGwIlCNi9lkM-gkonNuxHKkrPl61tR_C40OukOQhRPaqIAPBzwJFwqCLwgsdWJk9osZzBOl0-FN6YA5PZtTJR1zehn_yRDv3efAzehgMQYRgp4EuMAlZ4TtJZWk1BSdqGOCcUU_gZTgfybuAk4XwASNrOi1qAPgBAOIBaiAh7gtkAYBoAZOgAe847ybAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgOYCwHICwGADAGwE_DRkAvIE8TdsQnQEwDYEwqIFAXYFAQ&sigh=sI0RDP9uClU&label=vast_creativeview&ad_mt=0&acvw=sv%3D893%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26is%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D704%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D534881364%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307000%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1618002306842
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8JXrpYjy7wIV9OfmCh1NrAp9EAAYACCO1KJFQhMIy43XpYjy7wIVq-TeCh0rfwTA;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26a...
ade.googlesyndication.com/ddm/activity/ Frame 84CB 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8JXrpYjy7wIV9OfmCh1NrAp9EAAYACCO1KJFQhMIy43XpYjy7wIVq-TeCh0rfwTA;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D704%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D534881364%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307002%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306842;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 84CB 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEhqwdGhdv_4ox0_LMOp45eRNV9JVAcqoqGUfNKr-lo9Aadw2EQuwzTNTtDGOsOATZbWrx9-8k958kQLYYJqByg5Wh8ZrryfqtQ2bSObFuNaNs-DGV7GHQD4c&sai=AMfl-YT6uwghalVJHeBwosmSRzFCdo60Bq9zdy6SbBlV3DVOCoPsP0yJXzyT0J17CeKppkZkptnY2guI3LitDQ2q7ls7bef_LXs1dTUR1rZLp12o89Rd4wTFn-raz7W5&sig=Cg0ArKJSzB7mVJ-seQUZEAE&cid=CAASEuRoaBkQcoyynQNjZZw--cDdgQ&id=lidarv&acvw=sv%3D893%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D704%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D534881364%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307002%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306842&avm=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8JXrpYjy7wIV9OfmCh1NrAp9EAAYACCO1KJFQhMIy43XpYjy7wIVq-TeCh0rfwTA;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26am...
ade.googlesyndication.com/ddm/activity/ Frame 84CB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8JXrpYjy7wIV9OfmCh1NrAp9EAAYACCO1KJFQhMIy43XpYjy7wIVq-TeCh0rfwTA;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D704%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D534881364%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307004%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306842;dc_rfl=1,https%253A%252F%252Fwww.123greetings.com%252F%253F%25253futm_source%253Dimg1%2526utm_medium%253Dnewsletter%2526utm_campaign%253DApr21_nl_wk2%240;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 84CB 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CKIR6gsFwYMvED6vJ-war_pGADLzE36Jhuf-v3qkNpv7U_4sfEAEg3NzOe2D1lc6B4ASgAaycw-QByAEFqQKBioJ5dSOyPqgDAcgDE5gEAKoE0wFP0DZeWfCtOTQHT56VoTKjc5ec_6hKj9KfR-yy1TvRWqfFTMI2tC51OURmearJ2DKcJwDwU9m8IdZRA72xRk6zBItXlQzgW9BQxisNEZdveHLyCvUjC7ndeMQH5G2xhU9DvK_GCbGwIlCNi9lkM-gkonNuxHKkrPl61tR_C40OukOQhRPaqIAPBzwJFwqCLwgsdWJk9osZzBOl0-FN6YA5PZtTJR1zehn_yRDv3efAzehgMQYRgp4EuMAlZ4TtJZWk1BSdqGOCcUU_gZTgfybuAk4XwASNrOi1qAPgBAOIBaiAh7gtkAYBoAZOgAe847ybAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgOYCwHICwGADAGwE_DRkAvIE8TdsQnQEwDYEwqIFAXYFAQ&sigh=sI0RDP9uClU&label=part2viewed&ad_mt=0&acvw=sv%3D893%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D704%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D534881364%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307004%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306842
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8JXrpYjy7wIV9OfmCh1NrAp9EAAYACCO1KJFQhMIy43XpYjy7wIVq-TeCh0rfwTA;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26a...
ade.googlesyndication.com/ddm/activity/ Frame 84CB 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8JXrpYjy7wIV9OfmCh1NrAp9EAAYACCO1KJFQhMIy43XpYjy7wIVq-TeCh0rfwTA;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D17%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D17%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D17%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D704%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D534881364%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307009%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306842;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 84CB 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CKIR6gsFwYMvED6vJ-war_pGADLzE36Jhuf-v3qkNpv7U_4sfEAEg3NzOe2D1lc6B4ASgAaycw-QByAEFqQKBioJ5dSOyPqgDAcgDE5gEAKoE0wFP0DZeWfCtOTQHT56VoTKjc5ec_6hKj9KfR-yy1TvRWqfFTMI2tC51OURmearJ2DKcJwDwU9m8IdZRA72xRk6zBItXlQzgW9BQxisNEZdveHLyCvUjC7ndeMQH5G2xhU9DvK_GCbGwIlCNi9lkM-gkonNuxHKkrPl61tR_C40OukOQhRPaqIAPBzwJFwqCLwgsdWJk9osZzBOl0-FN6YA5PZtTJR1zehn_yRDv3efAzehgMQYRgp4EuMAlZ4TtJZWk1BSdqGOCcUU_gZTgfybuAk4XwASNrOi1qAPgBAOIBaiAh7gtkAYBoAZOgAe847ybAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIIBwiAYRABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgOYCwHICwGADAGwE_DRkAvIE8TdsQnQEwDYEwqIFAXYFAQ&sigh=sI0RDP9uClU&label=admute&ad_mt=0&acvw=sv%3D893%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1420,310,1758,910%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D17%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D17%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D17%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D704%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D534881364%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307009%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306842
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:07 GMT
content-length
2
content-type
text/plain
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:07 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26879&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-985888694871-020974-015-008521&cha=0.7&cb=98757756381&d9=0000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26879&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-985888694871-020974-015-008521&cha=0.7&cb=98757756381&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5ec3e3871f5e5c792c20f9f7%7C5e8b3e740cd6ad6132403f66&h=1ed3744a45f690ac4e6a360f5cbd7baa25234822&d9=0000&ad=36&vi=0&ofpr=2.3&imid=bfb2fca8855530fefa2b2f313651e3b5_17231289_36308602&e=impression&cb=1618002305364&ad=36&vi=0&d1=vpaid&fv=3&cb=1618002305368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26879&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-985888694871-020974-015-008521&cha=0.7&cb=98757756381&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5ec3e3871f5e5c792c20f9f7%7C5e8b3e740cd6ad6132403f66&h=1ed3744a45f690ac4e6a360f5cbd7baa25234822&d9=0000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=2.3&imid=bfb2fca8855530fefa2b2f313651e3b5_17231289_36308602&e=start&d1=vpaid&fv=3&cb=1618002305368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
av.png
static.avantisvideo.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.avantisvideo.com/images/av.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 21:05:07 GMT
Last-Modified
Mon, 25 Jan 2021 10:20:27 GMT
Server
AmazonS3
x-amz-request-id
V58NBT9W3D8WR5VM
ETag
"b8ce0fbf2e3e2f4f74cffe16c3b65adf"
Content-Type
image/png
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
1986
x-amz-id-2
TtRC2RP44U+Gl2/qUyhRoENlxJs5wMYUtnROBADENKrjwAaWbDdFz1yMMk99cevOgLO4bJhlbxY=
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame FAE2 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Sat, 03 Apr 2021 16:58:30 GMT
expires
Sun, 03 Apr 2022 16:58:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
533197
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 4B4A 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CR8uhgsFwYJePGY3Cb_y1hpgFvMTfomG5_6_eqQ2m_tT_ix8QASDc3M57YPWVzoHgBKABrJzD5AHIAQWpAoGKgnl1I7I-qAMByAMTmAQAqgTTAU_QtK982bPgvKdsWY1t0fztjorsF0UvrvMTZ_T0Sf1NdN7odwIxkh6flt4KYW-xAADJhpDI8i6RoVBrsl0JKswxol4Z7T49lF_hLzNF-qdMARP9_C6AVNvKfJ1jBuAKeJlPlpEtSgpTEm4N0DKpncCaTRdK-B0lzxnlVah2J6GwE4803__OH4LP0uud_3A7_2qYm_n1PXgGiot0e0SUrdHzqS85LTeBt_pjwecYliXarxHV6JNHKka4xqWoITAvoDpNVCvkY-PJEbshEPIOLLn-iq3ABI2s6LWoA-AEA4gFqICHuC2QBgGgBk6AB7zjvJsCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNDM0MTQ5ODA1MTEwNTc4NIAKA5gLAcgLAYAMAbAT8NGQC8gTxN2xCdATANgTCogUBdgUBA&sigh=ZtuGxuSvefY&label=video_ad_loaded&acvw=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 4B4A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 10:15:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
298148
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Apr 2022 10:15:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B4A 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4B4A 		0
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuF2fhimviEvC1y_AJsdjQ0qehKa4QIsSIW8y5aBvDqjcrIjCuX-8zMWIIswXcXZb7F0n-kZfTL7_--uQTHVK7hlkV_uvFA00TY_ChQ3s6e8TZFs0jpg9bvf4V9p3ewXBuoAvEmXGyhhn7anM9YuaFtnQz_Sbof8Zgx3iPgYZruVfDl-8KCdgJhBiQ0rYtRokJQm3SQ5TXejXPJgFt8IjYx3fLViPSJQuhqrsh3_OcK2KiGQEXn_AWeE8G4H5lFhd1qJE1WfMGXMSVo2hAxK_SdwT0rQxeCivX9hVeTP0qgDP-QuhtWwnFnpY_NDMEwOHc8JMPoHar-6M4XhGwuSAc1yoLEB1koayY4O8YXt833KrOGrF2vRwKnR3NZx07AGifyYM5MfHQgTFbryKlpVd1BDUFSGa5DIoGg_A-e-ZgASFO1DqVWaOnMbEv5xr2-MpFMBtHlv8ZayLcyiQzv8gdpTjEzPU3N7Kny5UMyEEVfC-D_r1anHWAlppYN-Lp5ZReeh-LQV6R8mzgRa25PS5_BL8JBlhnPoo30IxsFr1-cEdETYuPX0EyIPIEWa0QFWQEE2JSlfGGVhSn-yMI4r65IJjm29OzGKKQU02xbCoIgoM9Uj-qpQE-cr1BpiVvD0NdLuLSt7jQBMGz4x00wQS44rexdMmpStKQ56iBmuUpcSob29fgx8OUVdLQfjyci27vGrrwfq8ca1ENd2kM9eY60oC7mfb-JJy6829rgwNMrLLuxMGf2cBNaUaMrDGyydQmrdaHrQp9lsZPTXIa0LKGbpxmrmZ5IQC_rd98aseMEGlM5y6U5bm3gTVli1ZP5Q82kPQJ3vuiJ8nYEQZBt_2IcZjcF041u7TzD7Ouk8BC9ADrkyZdBDZ_HZHYQF4peZEL9D7pRN1EI2zATdPxzvtCPtpp-789ZAxIwjbWx5W4Bd3sM_gGXhLur2FHwSWsryplk7KpDguH4IrnVQ1HBUe8K1J2m-_VBAFodG5H1oh9m776SwicKWwBLkTW4UedbwZqkv68OzID59xHKLm8SSLJvQozLIn-Dh8SzY5DakFxwjZPV0-J6lvVLY_nUvwvUAZjxCDmzyyQKnj8Szod_9Z5_EchUjAkGDP7jrQU3hPQF_6HMderYkd88RUoXjAfrwg68t3Cq_xFRUGpWKAnn&sai=AMfl-YRaVLEO6ki3MU_BHQTYT3OndVkPzL5LfqNVTItbGQRJFwVNpWJzljkiD_EGtDnklxWNFLVfT5WCWQLVdPaNUis1tXBIf4S93jC9XmIWUQjg-01QgPKbUmW5emfZhIIXV55JFfOqZmz0Q-29Zi3-AYoLC4YL7A&sig=Cg0ArKJSzFwsaTrGrls7EAE&cry=1&urlfix=1&sdkv=h.3.450.0&adurl=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 09 Apr 2021 21:05:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4B4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMjOvQEQ3N_hmwIYtY-EnAEgATAB&v=APEucNU4GQrohh8bhSGyhUdFqd_DPcZapfPhAni2y75gm3aapv06W2hXcabBWTNPyFSvECp6nXgDcQ2ZLgOegcHZwnS3rHp79A
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 4B4A 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CR8uhgsFwYJePGY3Cb_y1hpgFvMTfomG5_6_eqQ2m_tT_ix8QASDc3M57YPWVzoHgBKABrJzD5AHIAQWpAoGKgnl1I7I-qAMByAMTmAQAqgTTAU_QtK982bPgvKdsWY1t0fztjorsF0UvrvMTZ_T0Sf1NdN7odwIxkh6flt4KYW-xAADJhpDI8i6RoVBrsl0JKswxol4Z7T49lF_hLzNF-qdMARP9_C6AVNvKfJ1jBuAKeJlPlpEtSgpTEm4N0DKpncCaTRdK-B0lzxnlVah2J6GwE4803__OH4LP0uud_3A7_2qYm_n1PXgGiot0e0SUrdHzqS85LTeBt_pjwecYliXarxHV6JNHKka4xqWoITAvoDpNVCvkY-PJEbshEPIOLLn-iq3ABI2s6LWoA-AEA4gFqICHuC2QBgGgBk6AB7zjvJsCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNDM0MTQ5ODA1MTEwNTc4NIAKA5gLAcgLAYAMAbAT8NGQC8gTxN2xCdATANgTCogUBdgUBA&sigh=ZtuGxuSvefY&label=vast_creativeview&ad_mt=0&acvw=sv%3D893%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26is%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D923%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D449318739%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307144%26pngs%3D9,14,15%26veid%3Dumt%3A0,xdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1618002306956
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIy937pYjy7wIVSs7eCh2g0gBkEAAYACCO1KJFQhMIl9jgpYjy7wIVDeEbCh38mgFT;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%2...
ade.googlesyndication.com/ddm/activity/ Frame 4B4A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIy937pYjy7wIVSs7eCh2g0gBkEAAYACCO1KJFQhMIl9jgpYjy7wIVDeEbCh38mgFT;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D923%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D449318739%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307145%26pngs%3D9,14,15%26veid%3Dumt%3A0,xdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306956;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B4A 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH6nQZPnzYVOnslhU46jE0yIQboTS3Shc6qxV-YQR8WPv7JOH5ugfj4zcGgcpBryV4AkAA3DxsIvlDL6r9iIqsABLqj0EKWfAXaq-qqw0irNcboEIKSywgxy4&sai=AMfl-YTLodc24FspYo83Rml9sn1d6ILkU7zuqDra9XP_zagP1n6sbRA_dETDN83s4gRpM-oirbfpo5pvw0Meehs-fFExLjv6FnvHIP2i2lY6qyxDsULyfeyaWSFwEwO3&sig=Cg0ArKJSzFPWECfaLPsUEAE&cid=CAASEuRo9CN8R5PSbmKQ6OgO_3Bbcg&id=lidarv&acvw=sv%3D893%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D923%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D449318739%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307145%26pngs%3D9,14,15%26veid%3Dumt%3A0,xdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306956&avm=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIy937pYjy7wIVSs7eCh2g0gBkEAAYACCO1KJFQhMIl9jgpYjy7wIVDeEbCh38mgFT;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26...
ade.googlesyndication.com/ddm/activity/ Frame 4B4A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIy937pYjy7wIVSs7eCh2g0gBkEAAYACCO1KJFQhMIl9jgpYjy7wIVDeEbCh38mgFT;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D923%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D449318739%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307147%26pngs%3D9,14,15s%26veid%3Dumt%3A0,xdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306956;dc_rfl=1,https%253A%252F%252Fwww.123greetings.com%252F%253F%25253futm_source%253Dimg1%2526utm_medium%253Dnewsletter%2526utm_campaign%253DApr21_nl_wk2%240;ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 4B4A 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CR8uhgsFwYJePGY3Cb_y1hpgFvMTfomG5_6_eqQ2m_tT_ix8QASDc3M57YPWVzoHgBKABrJzD5AHIAQWpAoGKgnl1I7I-qAMByAMTmAQAqgTTAU_QtK982bPgvKdsWY1t0fztjorsF0UvrvMTZ_T0Sf1NdN7odwIxkh6flt4KYW-xAADJhpDI8i6RoVBrsl0JKswxol4Z7T49lF_hLzNF-qdMARP9_C6AVNvKfJ1jBuAKeJlPlpEtSgpTEm4N0DKpncCaTRdK-B0lzxnlVah2J6GwE4803__OH4LP0uud_3A7_2qYm_n1PXgGiot0e0SUrdHzqS85LTeBt_pjwecYliXarxHV6JNHKka4xqWoITAvoDpNVCvkY-PJEbshEPIOLLn-iq3ABI2s6LWoA-AEA4gFqICHuC2QBgGgBk6AB7zjvJsCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNDM0MTQ5ODA1MTEwNTc4NIAKA5gLAcgLAYAMAbAT8NGQC8gTxN2xCdATANgTCogUBdgUBA&sigh=ZtuGxuSvefY&label=part2viewed&ad_mt=0&acvw=sv%3D893%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D923%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D449318739%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307147%26pngs%3D9,14,15s%26veid%3Dumt%3A0,xdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306956
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIy937pYjy7wIVSs7eCh2g0gBkEAAYACCO1KJFQhMIl9jgpYjy7wIVDeEbCh38mgFT;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,18%26mtos%3D0,0,0,0,18...
ade.googlesyndication.com/ddm/activity/ Frame 4B4A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIy937pYjy7wIVSs7eCh2g0gBkEAAYACCO1KJFQhMIl9jgpYjy7wIVDeEbCh38mgFT;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,18%26mtos%3D0,0,0,0,18%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D18%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D18%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D18%26is%3D274%26i0%3D274%26ic%3D4096%26cs%3D4370%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D923%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D449318739%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307151%26pngs%3D9,14,15s%26veid%3Dumt%3A0,xdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,18;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306956;ecn1=1;etm1=0;eid1=16;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 4B4A 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CR8uhgsFwYJePGY3Cb_y1hpgFvMTfomG5_6_eqQ2m_tT_ix8QASDc3M57YPWVzoHgBKABrJzD5AHIAQWpAoGKgnl1I7I-qAMByAMTmAQAqgTTAU_QtK982bPgvKdsWY1t0fztjorsF0UvrvMTZ_T0Sf1NdN7odwIxkh6flt4KYW-xAADJhpDI8i6RoVBrsl0JKswxol4Z7T49lF_hLzNF-qdMARP9_C6AVNvKfJ1jBuAKeJlPlpEtSgpTEm4N0DKpncCaTRdK-B0lzxnlVah2J6GwE4803__OH4LP0uud_3A7_2qYm_n1PXgGiot0e0SUrdHzqS85LTeBt_pjwecYliXarxHV6JNHKka4xqWoITAvoDpNVCvkY-PJEbshEPIOLLn-iq3ABI2s6LWoA-AEA4gFqICHuC2QBgGgBk6AB7zjvJsCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNDM0MTQ5ODA1MTEwNTc4NIAKA5gLAcgLAYAMAbAT8NGQC8gTxN2xCdATANgTCogUBdgUBA&sigh=ZtuGxuSvefY&label=admute&ad_mt=0&acvw=sv%3D893%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,18%26mtos%3D0,0,0,0,18%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D18%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D18%26pst%3D-1%26dur%3D36138%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D18%26is%3D274%26i0%3D274%26ic%3D4096%26cs%3D4370%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D923%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D0,0,0,0,1%26avms%3Dexc%26qi%3D449318739%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1618002307151%26pngs%3D9,14,15s%26veid%3Dumt%3A0,xdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,18&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1618002306956
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame FAE2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 14:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
22513
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Sat, 09 Apr 2022 14:49:54 GMT
csi
csi.gstatic.com/ Frame 4B4A 		0
21 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knassq5u&c=58532083923&slotId=29266041961.5&qqid=CJfY4KWI8u8CFQ3hGwod_JoBUw&gqid=gsFwYL65F9SGlgSNmZ-4Cg&fb=ima-html5&sdkv=h.3.450.0&mrd=4&aab=1&itv=1&gpm_i=17&gpm_c=17&gpm_a=14&smb=1000&br=962&mt=video%2Fmp4&vs=640x360&webm=3&vp9=0&vamt=video%2F3gpp%2Cvideo%2F3gpp%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Capplication%2Fx-mpegurl&hvmf=false&vms=1&bit=344&vsrc=doubleclick_dmm
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:07 GMT
content-length
2
content-type
text/plain
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.214.163.233 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-214-163-233.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:07 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26875&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-974353354871-020252-006-006895&cha=0.05&cb=36305306971&d9=0000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 09 Apr 2021 21:05:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26875&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-974353354871-020252-006-006895&cha=0.05&cb=36305306971&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=5ba4a8f046bd8ae57bbed75096ef5ff22c4ba2d3&d9=0000&ad=36&vi=0&ofpr=2.3&imid=a781052f81cee37517e7eadb4b61f7be_172312413_37323078&e=impression&cb=1618002305279&ad=36&vi=0&d1=vpaid&fv=3&cb=1618002305284
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26875&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-974353354871-020252-006-006895&cha=0.05&cb=36305306971&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=5ba4a8f046bd8ae57bbed75096ef5ff22c4ba2d3&d9=0000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=2.3&imid=a781052f81cee37517e7eadb4b61f7be_172312413_37323078&e=start&d1=vpaid&fv=3&cb=1618002305284
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:07 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
av.png
static.avantisvideo.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.avantisvideo.com/images/av.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 09 Apr 2021 21:05:07 GMT
Last-Modified
Mon, 25 Jan 2021 10:20:27 GMT
Server
AmazonS3
x-amz-request-id
V58NBT9W3D8WR5VM
ETag
"b8ce0fbf2e3e2f4f74cffe16c3b65adf"
Content-Type
image/png
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
1986
x-amz-id-2
TtRC2RP44U+Gl2/qUyhRoENlxJs5wMYUtnROBADENKrjwAaWbDdFz1yMMk99cevOgLO4bJhlbxY=
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 0A70 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/H0ZEmIz7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Sat, 03 Apr 2021 16:58:30 GMT
expires
Sun, 03 Apr 2022 16:58:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
533197
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame 84CB 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knassq19&c=58532083923&slotId=29266041961.5&qqid=CMuN16WI8u8CFavk3godK38EwA&gqid=gsFwYLD8Dcz7zAa4toKwBw&fb=ima-html5&sdkv=h.3.450.0&mrd=4&aab=1&itv=1&gpm_i=17&gpm_c=17&gpm_a=14&smb=1000&br=962&mt=video%2Fmp4&vs=640x360&webm=3&vp9=0&vamt=video%2F3gpp%2Cvideo%2F3gpp%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Capplication%2Fx-mpegurl&hvmf=false&vms=1&bit=344&vsrc=doubleclick_dmm
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.450.0_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4009:805::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame 0A70 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 14:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
22513
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Sat, 09 Apr 2022 14:49:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FAE2 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.450.0&bgai=B3fAhgsFwYPDMI_TPmwfN2KroBwAAAAA4AeAEAg&bg=!GBulG1_NAAY56aLOOek7ACkAdvg8WsWjMLRaDNxGlXWNUeSOTxN7ZkjihkyIBoFTqXXBs5oFMSgGzwIAAAFSUgAAAF9oAQeZAlIXoPaWCPCNaKVuHu_viHv1m2wAgoH1T_m0R1tXBi4rpqkUbLchnJO2AB_HZXnRkybvVRgxjmTaI2jxSWm8WN0JjNXV3O1AOSPaAJKnrFX1T1HbIp9nr4g6--3wwodoyC0LMz1rSDGF8Vm4TfFqcYPHwBZmDjy3jxFY-c5URB_J_r68cS5ctXpRtRa8y_JZyMukV42k6d6KrHZUMrST3YriaLM5FU6LRt7mjJUmAfcVt_QBHVqpO31qtjN2tVKOxX7jCrpKioO_4T_A3VO1JIYYS0Ys0UiOtTwa4xkiP2EoLLdO4_KSLTYaiYliXycQYRRB53CK6v7M9hQb908v0yEI-D9-sS4iztJvIv1WV00kqN53q-o6REvc-e3ddFLJyWnrLBqe0uFrtMKDOUtwirpgrxVheLuSloTlhzbwNHt1Yc2o213jAn0GEBvpI1AmriGshdlJZ-P2zM5o042z9vOdTw4jxf_X5aAg3XF5Ss4QLbGbRR-4zaL78Ey8lziI1xWT5GeAsiyW68JJAfTOj_Oauax8dnsIW7saULmLUwsLi9Hrd-dHQnYkuwryk9gAMzMa3ouCKdASycf4xh0I8O1oK3dh5HBFu2VoNpz-WEmbNb6j3Wrz6OGccFuqzy-CTA2n-SgbX1CDNBk7RhEDbdxvOuZ0Mt0zXMU3QGkj2dPiG4JbTeog_27OP0LpLY70cksZVK05dW0Mx0IMgXBv26gaNCYQcGNYy1pSd06ECNdDZViVELaFfrFA5ffehN1Zzq0FPVhTqsh87J1z1CaNReRusDY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A70 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.450.0&bgai=BPJFugsFwYMuUNMqc-wagpYOgBgAAAAA4AeAEAg&bg=!KimlKW3NAAY56aLOOek7ACkAdvg8Wt9bUmNSd-n-2CGGyi8uvbtsNEC6qksMyv9OX6wGSJs4qFcFAwIAAAFSUgAAAG1oAQcKAATlur1nmQJEU-PPAvK3uZjEb94_KRnIMseHQ05iLzGxqM3Rh1gdDiIWCvj0R74jNO4yezakAp4aLohHilaV9i4gMXu-NCbt7AmGvby56BUsWXZHzjQxvr43WJ9aKMDzGcN9RIffukP_PbZRGMClWfegcJy02u31XKndz7p33aDQ7GMOyov0KDf3VPFBT2ibtGSD8E5K5fLsI47aSak9mqO6aF0D2Sm7xr-hOV_3y0EeWSkodwLrf5FzmBG-bqz6B0kJnUv0rCyk3oWhQO3aYWsSRExq_NO4hYWIb4656sfHZpJLlXu2lwAIXQbmjg6MKoy9TFXioBDYET36yLqN6FkoC8wkneljhaT3HCyHADBLia1q0AVSWC2DfnQFoKYICRByzNuuy8mnPEcIR_J2eulbmg37Qw3ut9MaeqAn6GH1d7QBjg3aa63YGLH-UBA_-RAjt0bMtSJbyMYQr5kNpvmNKoY7C8qUAFqCmqcdh4bVQTGATR1zQcdFWajvGjj9FSSB9Jecwf1sqeSO3LFbFwIgeGzl4UtLEElTY_iCcjlG8fp8mUOjcFnX-0h__gukP63dAMZn-50BdettHL2mYNPi7zp9NmwjrkkFaLvft9VvwoWw9iSI7dP0D38lCRy7ifTDFN_Djd2F7MQsED1ju7nK8mJ4tmOnR9O95eFDnG4gMANmLpCXVBSEOhkzazNWR-hX7rK5PhOrpOXfOujRqJuup9kt1GPxW5WISIJJNWsdLi4moc5VJKs7z3D4YaQ2BdDWHHQISXL-9eHNXQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26875&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-974353354871-020252-006-006895&cha=0.05&cb=36305306971&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=5ba4a8f046bd8ae57bbed75096ef5ff22c4ba2d3&d9=0000&ad=36&vi=100&ofpr=2.3&imid=a781052f81cee37517e7eadb4b61f7be_172312413_37323078&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1618002305284
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
dc_oe=ChMIy937pYjy7wIVSs7eCh2g0gBkEAAYACCO1KJFQhMIl9jgpYjy7wIVDeEbCh38mgFT;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1419,647,0,261,521%26mtos%3D1419...
ade.googlesyndication.com/ddm/activity/ Frame 4B4A 		42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIy937pYjy7wIVSs7eCh2g0gBkEAAYACCO1KJFQhMIl9jgpYjy7wIVDeEbCh38mgFT;met=1;acvw=sv%3D893%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1419,647,0,261,521%26mtos%3D1419,2066,2066,2327,2848%26amtos%3D0,0,0,0,0%26mcvt%3D2066%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2848%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D594%26pst%3D521%26dur%3D36138%26vmtime%3D2708%26dtos%3D2066%26dtoss%3D1%26dvs%3D2066%26dfvs%3D1419%26dvpt%3D2830%26is%3D275%26i0%3D274%26ic%3D1%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D923%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D8,3,0,1,2%26avms%3Dexc%26qi%3D449318739%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D1618002309981%26pngs%3D9,14,15s%26veid%3Dumt%3A0,xdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2848;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1618002306956;ecn1=1;etm1=0;eid1=200000;
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B4A 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstH6nQZPnzYVOnslhU46jE0yIQboTS3Shc6qxV-YQR8WPv7JOH5ugfj4zcGgcpBryV4AkAA3DxsIvlDL6r9iIqsABLqj0EKWfAXaq-qqw0irNcboEIKSywgxy4&sai=AMfl-YTLodc24FspYo83Rml9sn1d6ILkU7zuqDra9XP_zagP1n6sbRA_dETDN83s4gRpM-oirbfpo5pvw0Meehs-fFExLjv6FnvHIP2i2lY6qyxDsULyfeyaWSFwEwO3&sig=Cg0ArKJSzFPWECfaLPsUEAE&cid=CAASEuRo9CN8R5PSbmKQ6OgO_3Bbcg&id=lidarv&acvw=sv%3D893%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1419,647,0,261,521%26mtos%3D1419,2066,2066,2327,2848%26amtos%3D0,0,0,0,0%26mcvt%3D2066%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2848%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D594%26pst%3D521%26dur%3D36138%26vmtime%3D2708%26dtos%3D2066%26dtoss%3D1%26dvs%3D2066%26dfvs%3D1419%26dvpt%3D2830%26is%3D275%26i0%3D274%26ic%3D1%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D923%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D8,3,0,1,2%26avms%3Dexc%26qi%3D449318739%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D1618002309981%26pngs%3D9,14,15s%26veid%3Dumt%3A0,xdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2848&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1618002306956
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26879&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-985888694871-020974-015-008521&cha=0.7&cb=98757756381&d9=0000&AV_WIDTH=600&AV_HEIGHT=338&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5ec3e3871f5e5c792c20f9f7%7C5e8b3e740cd6ad6132403f66&h=1ed3744a45f690ac4e6a360f5cbd7baa25234822&d9=0000&ad=36&vi=0&ofpr=2.3&imid=bfb2fca8855530fefa2b2f313651e3b5_17231289_36308602&e=sec3&vi=0&d1=vpaid&fv=3&cb=1618002305368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CH&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=26875&t=1618002303&cip=185.236.201.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1618002303888-974353354871-020252-006-006895&cha=0.05&cb=36305306971&d9=0000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=5ba4a8f046bd8ae57bbed75096ef5ff22c4ba2d3&d9=0000&ad=36&vi=100&ofpr=2.3&imid=a781052f81cee37517e7eadb4b61f7be_172312413_37323078&e=sec3&vi=100&d1=vpaid&fv=3&cb=1618002305284
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.206.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-206-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:05:10 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
dc_oe=ChMIwM70oojy7wIV_4WDBx2vbA39EAAYACCX7qU9QhMIq-K5oojy7wIVLeG7CB2PLQ0N;met=1;&timestamp=1618002311501;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 37EA 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIwM70oojy7wIV_4WDBx2vbA39EAAYACCX7qU9QhMIq-K5oojy7wIVLeG7CB2PLQ0N;met=1;&timestamp=1618002311501;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMImuL0oojy7wIVEIWDBx16aQZYEAAYACCX7qU9QhMIquK5oojy7wIVLeG7CB2PLQ0N;met=1;&timestamp=1618002311561;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 4C17 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImuL0oojy7wIVEIWDBx16aQZYEAAYACCX7qU9QhMIquK5oojy7wIVLeG7CB2PLQ0N;met=1;&timestamp=1618002311561;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIy7D4oojy7wIVZRWLCh32owddEAAYACCX7qU9QhMIqeK5oojy7wIVLeG7CB2PLQ0N;met=1;&timestamp=1618002311619;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9625 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIy7D4oojy7wIVZRWLCh32owddEAAYACCX7qU9QhMIqeK5oojy7wIVLeG7CB2PLQ0N;met=1;&timestamp=1618002311619;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Apr 2021 21:05:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

413 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| swfobject number| showmore_time number| showmore_time1 object| pos_arr number| start_x string| user_server_IP object| aImages string| base_url string| base_url_new string| loginpop_url boolean| tellafrnd_flag string| cardcustommusic object| extraopts string| studio_mus string| logged_in_id string| logged_in_email string| logged_in_name function| checkEmail_site function| setCookie function| getCookie function| setSessCokieNew function| getSessCokieNew function| getCardType function| isIE function| detectIE object| googletag function| NewDFPADCode function| PreRollAd function| embed_flash function| load_json function| loadTopNav function| showMore function| closeMore function| clearCloseMore function| showMore1 function| closeMore1 function| clearCloseMore1 object| CardRating function| showViews function| showSent object| CardRelevency object| CardTags function| Tab123 function| blankOnFocus number| nl_timer object| nl_vars function| nl_email_validate function| nl_setTypo function| preload function| addthis_click function| showSearchTagClouds_New function| showSearchTagClouds function| showCardsTagClouds function| showCardsTagClouds_new function| showYouTubeCard function| embedswf_swfobject function| show_embed function| makeCopy function| setCookie_new function| showPreview_new function| showQuickSend function| quick_send function| LoadMusic_New function| changeAudioMusic undefined| v_api undefined| a_api function| Load_Video_Card function| video_callback function| Remove_Video_Card function| Remove_Audio_Card function| changeMusic boolean| mopTipFlag boolean| openMopTip undefined| mopTipW undefined| mopTipH string| mopTipID object| mopTipFunc undefined| mopTipPin undefined| mopTipContent number| mopTipTime object| contact_arr object| contact_email_arr number| is_photocard function| showHideComments function| sendFeedback function| unescapeHtml function| get_evcal function| set_evcal function| setUserPref function| getUserPref function| setSessCokie function| getSessCokie function| addCommas function| selectMusic string| mus_vol function| PlayMusic function| StopMusic function| SetMusic function| GetMusic function| showcard_takeover function| shareFriends_init function| showFriendsAddr function| showLoginBar function| showLoginSignupPopup function| loadConfigData function| SetAsBookmark function| showHPCustomBlocks function| getUsrCountry function| loadCustomMusic_Studio function| LoadHeaderMenu function| socialMediaShowHide function| ShowMantle function| getCookieConsent function| showSpecialExitAd function| CheckAD_Blocker function| Show_Animation function| ShowSearchAutoCom function| getInternetExplorerVersion number| start_y function| HP_init function| clearCloseMore_new1 function| closeMore_new1 function| showMore_new1 function| clearCloseMore_new function| closeMore_new function| showMore_new function| v function| w function| smus function| tmus function| play function| LoadMusic function| LoadMultipleMusic object| a object| b object| c object| d object| f object| g object| h number| player string| defaultmus string| agt boolean| ie boolean| win object| mt string| nse string| p string| n string| cat_q1 string| sub_cat_q1 object| params function| gtag object| dataLayer number| offset object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| timer object| email_uid function| showBoxContent function| getHappyBirthdaySubCat function| getAnniversarySubCatNew function| getHappyBirthdaySubCatNew function| showCardData function| showPreviewCardData function| showFbUserData function| checkDate function| fillDay function| fillMonth function| fillYear function| fillFullDay function| fillFullMonth function| getStatusCodes function| Show_Contact function| Add_Contact function| Edit_Contact function| Delete_Contact function| Import_Contact function| Do_Signup function| Do_Login function| Do_Logout function| Do_ForgotPwd function| Check_Login function| Validate_Login function| SetTypoVal function| Validate_Signup function| Validate_Newpwd object| allcontacts_arr object| allfriends_arr object| allpendingfrnd object| allmutualfriends object| all_imcontacts object| all_friendsactivity object| all_myactivity object| all_artists object| connect_data function| Show_Allcontacts function| Show_Allfriends function| Show_Pending_Frnd function| Show_MyFriends function| Show_MutualFriends function| Show_MyActivity_New function| Show_FriendsActivity_New function| Add_NewContact function| Edit_NewContact function| Edit_RemiderContact function| Delete_NewContact function| Delete_ContactNew function| Pending_FrndReq function| Pending_FrndReq1 function| Get_MutualFrnd function| Confirm_Email function| Confirm_Email_MyPage function| ChangePic function| ChangePicMyPage function| ImportContact object| filterArr function| Filter_Contact object| all_birthdays function| Show_Birthdays function| getFullDate object| all_reminders function| ShowReminder function| ShowReminderPrint function| SaveBdayReminder function| SaveAnnivReminder function| getSelectionText function| selectElementText function| copySelectionText function| AddtoSendCard object| eventids object| allevents_arr object| addevents_ids object| delevents_ids object| delidsarr boolean| isMyEventsCalled function| events_init function| events_init_mypage function| getMyEvents function| Show_MyEvents function| Filter_Event function| Add_Event function| Delete_Event function| SaveEventReminder function| Show_Artists function| Delete_Artist function| Follow_Artist function| Follow_Artist_Mypage function| Show_FollowArtist function| ChangeTemplate function| SetPreview function| ShowFriendList function| AddFriendManually function| fillTime function| fillHours function| fillMinutes function| SetHiddenVars function| AddCalendar function| ShowInviteeInfo function| DeleteInvite function| SetJoiningOpt function| SaveRespond function| SaveInvite function| Validate_AcctSettings function| Validate_AcctSettings_MyPage function| AddNewFamilyMemberRow function| Validate_FamilyMember_MyPage function| SetTypoValFamilyMemberMyPage function| Validate_MarriedFamilyMember_MyPage function| SetTypoValMarriedFamilyMemberMyPage function| AddNewFriend function| Validate_NewFriend_MyPage function| Validate_Event_Reminder function| Validate_ProfileSettings function| AddNewFamilyMemberRowSettings function| AddNewMarriedFamilyMemberRowSettings function| Validate_FamilyMember_SettingPage function| SetTypoValMarriedFamilyMemberSettingsPage function| Validate_AddReminder_Manually function| Add_New_Reminder function| Validate_Manual_Contact function| SetTypoValManualContact function| init_scheduled_card function| Validate_AddReminder_Logout function| Validate_AddReminder_Login function| Validate_AddFriendsReminder_Logout function| Validate_AddFriendsReminder_Login function| Validate_ChangeMindReminder_Logout function| scrollToAnchor function| dropDownMonthDayChanged object| track_dataarr_received function| callAjaxMyPage function| SaveNewPassword function| SaveBdaySettings function| SaveAnniversarySettings function| SaveEventSettings function| SaveFollowUpdatesSettings function| SavePrivacySettings function| SaveNewEmailAddress function| ResendEmailVerification function| RemoveSecondaryEmail function| UpdatePrimaryCommEmail function| SaveFBConnectSettings function| Do_Blockuser function| Show_Paging function| Show_Paging_New function| DoExtra function| ConnectBlocks_in123g function| CallPlugin_api function| connect_blocks function| Show_ImportfrmCookie function| Show_EmptyAddrBook function| Show_PendingFrndReq function| TimestamptoDays function| showDateTxt function| Show_Thank_DeliveryDtl function| showContactsInvites object| bubble_data function| getServPath function| getCrossDomainMsgPost function| showNotificationCounts function| connectNotification_init object| sendCardData object| recvCardData undefined| sendCardDataCount undefined| recvCardDataCount function| showRecvdCards function| showSntCards function| showMyecardsSuggessions function| showUpBdays function| showBdayReminder function| showUpEvents function| showEventReminder function| showSuggessions function| ShowEventsCards function| connectWithFacebook function| LinkAuthed function| DelinkFB function| InviteFrnd function| InviteFB_Friends object| ggeac object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData object| config_data object| jQuery182020576389686300867 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| isopen boolean| flag object| boxFunc object| google_image_requests object| avntsWebpackJsonp number| avnts_player function| avPlayer object| storageAni number| google_global_correlator object| closure_lm_252008 object| closure_lm_832500 object| closure_lm_538742 object| closure_lm_629348 object| closure_lm_45813 object| closure_lm_876850 object| closure_lm_437387 object| closure_lm_165639

5 Cookies

Domain/Path Name / Value
.123greetings.com/ Name: _gat_gtag_UA_5085183_1
Value: 1
www.123greetings.com/ Name: config_data
Value: CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=1
.123greetings.com/ Name: _gid
Value: GA1.2.546187674.1618002299
.123greetings.com/ Name: _ga
Value: GA1.2.1023543622.1618002299
.123greetings.com/ Name: utm_source
Value: img1

3 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.123greetings.com/?%3futm_source=img1&utm_medium=newsletter&utm_campaign=Apr21_nl_wk2
console-api debug URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32)
Message:
a: 0.002197265625 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
avm.avantisvideo.com
bid.g.doubleclick.net
c.123g.us
cdn.ampproject.org
cdn.avantisvideo.com
cdn1.avantisvideo.com
cm.g.doubleclick.net
csi.gstatic.com
d0cfea0b38eb331a6d1c0c737cffff1f.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
events.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.123g.us
i.ytimg.com
ib.adnxs.com
imasdk.googleapis.com
m.123greetings.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
play.aniview.com
player.aniview.com
pubads.g.doubleclick.net
r4---sn-4g5e6nzs.c.2mdn.net
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.avantisvideo.com
stats.g.doubleclick.net
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
us-u.openx.net
www.123greetings.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.jpada.com
x.123g.us
104.76.200.247
142.250.185.130
142.250.185.162
142.250.185.66
142.250.74.194
184.72.245.68
184.73.249.63
185.94.180.123
2.16.107.18
216.58.212.162
2607:f8b0:4009:805::2003
2a00:1450:4001:4c::9
2a00:1450:4001:800::2001
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2016
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:400c:c1b::9c
2a02:26f0:10c:48b::2c79
2a02:26f0:6c00::210:ba12
34.206.12.133
34.251.107.229
35.170.116.13
35.171.145.49
35.244.159.8
37.252.172.38
44.237.126.120
50.16.190.13
54.152.99.44
54.214.163.233
54.234.206.105
54.76.195.29
64.233.184.154
67.27.233.252
67.27.234.124
95.101.27.36
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
053990afd84588bd40110cabf78ad5db3202798ac9a66fe4dc27117443d773a6
0b38fe08394d5e15a3787a62394798973e5731417347035ed5b0086d0cc37bfd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d78f0e275929c1a9f449acaf371294207f532a67d6fcf109cb4385664cec099
0e5c7c8bfba820abfbaef04b4f048d1a7406c8a076a411239aae6fdb5b670b46
1028e6c264ccb5e7a11f656490b6388a0cd366c725dec74a5e66d53e51c9735a
10c942c62d32b338b43232032717fd7dde2cb4c8068f7f9ed52ad6145fe38252
1196b4918ac60d8e38f87e90fd90ceafd30e975bad67128e98503150dad8a0f0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
14a6ca7a6745f6b5b674e5af997bb0b477f860115f208076cac9947a1f82facf
19c95d9d46105c9c65f9b2642c5e0ff04ccfcd7cf72aee424db51088e03f74a0
1a7cd92d68c45ddda11b374e08941fc9b4ef428704408dc9de1a10fb7aa40668
1b91d59c4bdd90f11c17f875ae27b15c1efe83d42182702f51570fcc2063fd24
1be60b5a71bfa25af7110940b8d511410b158a723d455f72dd7c4ad89b674d68
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d44594c1739a91182d57a302cf6345f311a73a9dfd2b2a28b6a22d6488f490b
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
22b1c2331651968db0e0de90bc25809a690ef103138c939a59bf050395320d38
25d169dfd9c3d0ebbd3e5c52fcb4a55b668d731bb0631a68a2c735bf9398c799
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a98e591964c7cebda67d7470d2fa3d5d14d44fc22bf452bcb1eaee1e91e0a50
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3af61fbbc448701180217224c95ed0949549e882d8d9a2322b598fd70bbb4b3f
3d814ed0ad4f0f11374df1807a971c63a1c5b32269ec9b0a0935975a2fa93145
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038
41702ab238d3d687e2eca61ed3d5a4aa04262f0d815ed2bf155a47d88c82c548
4545946e62b8e831756006b646fbf7e97b5fb8b85e52b625bdcc8b5d83745eb2
47304303f0ca316cbe5c65701d18d346647a6249f86ee84e399e641efab9acfc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53c9ef3f3a5198a1fdf077272b946d1dfab0f836f49c5cd27c01fcd190c5ecf6
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
601b6089c539aff226f8978d0ad7c90efc412d1efe86aa91aece192703faad08
61d6b24d7fcd5cac14f8ac20c5c7abbc9425e6c880e675a3393c618d0eb4e7d5
632ef26ae5fddbaf66f6654d41e70be07225f325e8f2659e226fa1564a15d69f
65928fee7f92926a22e6ac5eab54b535fda42118d7767eea610f86928f6a32df
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b9e530a7d709568315f0d945f2391db61d74b01b23c5faf0432a0d00051be70
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6f38e6fe3de9aa55cd5e979abade60d68e885131107f0b26b4fc9e66f4725fe1
6fa7cc9128819e7ca7402c739772daba7df959fd0ff1e62cd39e6ad73a08f976
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7353d254f9839a38752e417a7d130d5d4d4b987848140de71aa43cb9200d39b9
740805840530fc380a98a616103ec6ac971d77c016b0f4309f6632381a8871fe
74bcb4774171fd12c6b5fc427958839bc2a5287776d2c445dcee84c6e61762f6
7ae9fa1fbc1caad812a3b620f407059e9f071e29025dc32793f390dcf9fc69b4
7bf16b091c6f992f6427231147a5aaee5dd60fb941ea0f05fb784c383ec72b7a
7d686acfc12a44fc472fb2a3c0ff9baa4638ced8f0da5b32f9ae5c15a2611def
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
85fa671de07a815cbbf410723bfe4f16629310278430ec3334f870074c088712
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8caeb1059ac2c4d2c9b19fca77f965680a7c875362e4321d0473e0ae02ca3a1f
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8f3159a453a23f76ab3e4d9ecaba14486a4390bf88454e7e6cdab50a8cd4f637
8f36de792907cb5860c4b4b732895ae9fff50fa642cc027cac068c5d2106b6c1
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
8fb98d3b3e4b59c071e34ac3743525615c0b4ff1d4677d8730de4ca73cb2becb
92a0d49fe99fd78ef700b38555b1c6c88ae7c628f5f620e6779e948cc735b6d1
95de438f33df29fcc0af2e830df1ef7dd81cfa4ac429736fa770241d76e47b8b
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a962a303befd0ac2d2fcf4761144b74ba8886a185f0a81433ee101aba1ae449c
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ae0ed93adc23fcab05df4accfd8d3f0e6bc9ae9e63cbaadf8d36162317ef2807
af5885715f403edb9be18e3f244de575862229474d957e5bcd75cb5e036bc9ca
aff7f19aec2f8cc735fea9fe810f077c751224ce0b487d77d4ef725cfe4cf481
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a17c32be59cdbe4ce2f2f19dfd21c43098fae1b80370de1d94b9fc744c7d39
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b3467944d5ee4cefef7001118b2a683126bd6a14c3ef8b8f4e3de317d9212298
b5474822f2c0ff20ba41097c37b6f27786fbc9311bf5c42d5ddd6bc8cf4981c9
b64050576e612443e7dbecf837711e846c12c029f41d3de3a6e8cac16ca09037
b7ed87eb3e2363cb3f400e1c0632629b585889681393b452766dce53d5f23f2b
bc542b1a6b82e2ec539fae662e4d5cad3bd8db4f0a2f1d7a28477da16b6c3973
bc6af120d25e80e0b255f9904dd8127248abdcf10a3d83aee74a9a431d2606f8
c1007009952286ca4d5dedf9ec66c3769c45589ac29b42cc9512c3cb766b72d5
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c4d0b25e2cb75fa9cc645c474a57b4328fb9ae377be8f76e58a81a4879f757b0
c5082e7556f08bec08045a276ca40a6d2ee17fa4ce6e87aa4689dd1d373159c5
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c947d4065c3991b929389c0e6a6d0aa40e1c8899b2be0c3210e67bbbbf26cf90
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cba664ede4f6b7e99cbce004e6fa8995fc69477d940a8b830d42c28c172669db
cc52b6f9ccc366389cb97714c5cf72d1f2c9fa1f0a295c9869716b69e6b6d8bd
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1cf61716edef5a3a568306c7ad460ce38511aaade3a138fa8584b9cd8dec630
d3ab39caa3e13dce4db1292f5d99f7aaafc5405ecd8aee36ec2c2e807a77d591
d3f02c00360712f19741829b5db7dc0f8e081bea9713cfa9a3b5d2d09c286bcb
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df593244193c3cf046b26a486cc6d9b03d94406e3ace812307bdc3d9e0e54b9d
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e8723aa4c801d46bb5d8ceb33b4c9c30e89a3224ae57e6d24a7cec8b34794b96
ec04f5116abfd269c31ae2a44429a232d08152968738380158b702b1dca3af84
ed21722adc27b8f2274c4617f5448d1c9312f83accbc9b7be6bd823f2e719cf2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f44665977f5ecc716890ab05d7aa3830c1ee5571da659f6d61422763e7a03952
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f76661d58bf5e79e76039c7b311e08225476eb3457afc673635ec51786fdc0b0
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fb4bd5945ceedfa61085a9645c5e708eea82c796d043dfd8cdb9a5bfb7df50bb
ffe58dae78938ad4e82938fd50ee7de19bdbb144292a7a837cf219f5c51700c5