www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.maqors.com/cgi-bin/click.pl?cid=nl010952202102&lid=206822&uid=203601343
Effective URL:
https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Submission: On September 04 via api (September 4th 2021, 4:28:11 am UTC) from US

Summary HTTP 395 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 37 domains to perform 395 HTTP transactions. The main IP is 184.72.245.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.

This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.235.95.241 54.235.95.241	14618 (AMAZON-AES) (AMAZON-AES)
1	184.72.245.68 184.72.245.68	14618 (AMAZON-AES) (AMAZON-AES)
21	67.27.234.124 67.27.234.124	3356 (LEVEL3) (LEVEL3)
24	67.27.233.252 67.27.233.252	3356 (LEVEL3) (LEVEL3)
2	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
75	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	54.227.131.5 54.227.131.5	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
27	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
39	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
11	2600:9000:215... 2600:9000:2156:ac00:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
5	2600:9000:215... 2600:9000:2156:fe00:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
8	2600:9000:215... 2600:9000:2156:400:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
10	52.34.57.2 52.34.57.2	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28a::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	3.235.208.250 3.235.208.250	14618 (AMAZON-AES) (AMAZON-AES)
2	52.1.46.74 52.1.46.74	14618 (AMAZON-AES) (AMAZON-AES)
3 6	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.196.245.189 34.196.245.189	14618 (AMAZON-AES) (AMAZON-AES)
3	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
3	18.159.16.69 18.159.16.69	16509 (AMAZON-02) (AMAZON-02)
3	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4 18	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
4 4	54.93.162.63 54.93.162.63	16509 (AMAZON-02) (AMAZON-02)
3 7	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
5 5	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 4	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3	2404:6800:400... 2404:6800:4005:804::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400e:2::a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:6a::a	15169 (GOOGLE) (GOOGLE)
2 4	209.54.176.128 209.54.176.128	16509 (AMAZON-02) (AMAZON-02)
4 4	135.125.160.160 135.125.160.160	16276 (OVH) (OVH)
1	38.91.45.7 38.91.45.7	398989 (DEEPINTENT) (DEEPINTENT)
2 3	23.79.154.245 23.79.154.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	52.209.104.25 52.209.104.25	16509 (AMAZON-02) (AMAZON-02)
1	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
1 1	185.183.112.148 185.183.112.148	60350 (VP) (VP)
1 3	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
7	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
395	52

1 54.235.95.241 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-95-241.compute-1.amazonaws.com

www.maqors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.72.245.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com

www.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 67.27.234.124 (United States)

ASN3356 (LEVEL3, US)

c.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 67.27.233.252 (United States)

ASN3356 (LEVEL3, US)

i.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.227.131.5 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-131-5.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:2156:ac00:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:fe00:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:400:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.34.57.2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-57-2.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.235.208.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-235-208-250.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.1.46.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-46-74.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.88 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.196.245.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-245-189.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.124 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.159.16.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.93.162.63 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-162-63.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4005:804::2003 (Central, Hong Kong)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:2::a (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

rr5---sn-5hnekn7k.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:6a::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr5---sn-4g5ednsl.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.176.128 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 135.125.160.160 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.79.154.245 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-154-245.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.104.25 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-104-25.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.183.112.148 (Paris, France) 1 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
110	googlesyndication.com pagead2.googlesyndication.com e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	1 MB
59	doubleclick.net 6 redirects googleads.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net	267 KB
45	123g.us c.123g.us i.123g.us	794 KB
34	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com avm.avantisvideo.com events1.avantisvideo.com	331 KB
27	aniview.com play.aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	392 KB
22	google.com 3 redirects adservice.google.com www.google.com	4 KB
17	casalemedia.com 4 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	15 KB
14	googletagservices.com www.googletagservices.com	465 KB
13	googleapis.com fonts.googleapis.com imasdk.googleapis.com	2 MB
10	ampproject.org cdn.ampproject.org	203 KB
8	2mdn.net s0.2mdn.net	2 MB
7	yahoo.com 3 redirects ups.analytics.yahoo.com	5 KB
7	advertising.com 4 redirects ads.adaptv.advertising.com pixel.advertising.com	2 KB
6	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	5 KB
5	google.de adservice.google.de	844 B
4	dyntrk.com 4 redirects gu.dyntrk.com	2 KB
4	amazon-adsystem.com 2 redirects s.amazon-adsystem.com	3 KB
4	adsrvr.org 2 redirects match.adsrvr.org	1 KB
4	indexww.com js-sec.indexww.com	4 KB
4	gstatic.com fonts.gstatic.com csi.gstatic.com	31 KB
4	googleadservices.com partner.googleadservices.com	1 KB
3	owneriq.net 2 redirects px.owneriq.net	1 KB
3	spotxchange.com search.spotxchange.com	3 KB
3	trkn.us 1 redirects trkn.us	3 KB
2	googlevideo.com 1 redirects rr5---sn-5hnekn7k.googlevideo.com rr5---sn-4g5ednsl.googlevideo.com	1 MB
2	everesttech.net 2 redirects sync-tm.everesttech.net	671 B
2	facebook.com 1 redirects www.facebook.com	2 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	69 KB
2	ytimg.com i.ytimg.com	9 KB
1	adotmob.com 1 redirects sync.adotmob.com	689 B
1	brand-display.com dmp.brand-display.com	253 B
1	adroll.com 1 redirects d.adroll.com	112 B
1	deepintent.com match.deepintent.com	44 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	123greetings.com www.123greetings.com	9 KB
1	maqors.com 1 redirects www.maqors.com	314 B
395	37

	Domain	Requested by
61	pagead2.googlesyndication.com	www.123greetings.com pagead2.googlesyndication.com securepubads.g.doubleclick.net e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com srcdoc
39	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com www.123greetings.com e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net imasdk.googleapis.com
24	i.123g.us	www.123greetings.com
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com www.123greetings.com googleads.g.doubleclick.net www.googletagservices.com
21	c.123g.us	www.123greetings.com c.123g.us
17	track1.aniview.com	player.aniview.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.123greetings.com
14	www.googletagservices.com	c.123g.us pagead2.googlesyndication.com securepubads.g.doubleclick.net e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com googleads.g.doubleclick.net
12	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
11	www.google.com	3 redirects tpc.googlesyndication.com www.123greetings.com e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com googleads.g.doubleclick.net
11	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
10	events1.avantisvideo.com	cdn.avantisvideo.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
8	dsum-sec.casalemedia.com	2 redirects ssum-sec.casalemedia.com
8	pubads.g.doubleclick.net	imasdk.googleapis.com
8	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
8	s0.2mdn.net	e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com imasdk.googleapis.com
8	cdn.avantisvideo.com	securepubads.g.doubleclick.net cdn.avantisvideo.com
7	ade.googlesyndication.com
7	ups.analytics.yahoo.com	3 redirects ssum-sec.casalemedia.com
6	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com ssum-sec.casalemedia.com
5	cm.g.doubleclick.net	5 redirects
5	player.aniview.com	cdn.avantisvideo.com player.aniview.com
5	static.avantisvideo.com	cdn.avantisvideo.com www.123greetings.com
5	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	gu.dyntrk.com	4 redirects
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
4	pixel.advertising.com	4 redirects
4	js-sec.indexww.com	player.aniview.com ssum-sec.casalemedia.com
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
4	partner.googleadservices.com	pagead2.googlesyndication.com
3	ad.doubleclick.net	1 redirects
3	px.owneriq.net	2 redirects ssum-sec.casalemedia.com
3	csi.gstatic.com	imasdk.googleapis.com
3	htlb.casalemedia.com	player.aniview.com
3	ads.adaptv.advertising.com	player.aniview.com
3	search.spotxchange.com	player.aniview.com
3	ib.adnxs.com	player.aniview.com
3	secure.adnxs.com	3 redirects
3	cdn1.avantisvideo.com	cdn.avantisvideo.com
3	e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	trkn.us	1 redirects www.123greetings.com
2	sync-tm.everesttech.net	2 redirects
2	sync.aniview.com	player.aniview.com
2	go1.aniview.com	player.aniview.com
2	www.facebook.com	1 redirects connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	www.123greetings.com connect.facebook.net
2	i.ytimg.com	www.123greetings.com
1	sync.adotmob.com	1 redirects
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	d.adroll.com	1 redirects
1	match.deepintent.com	ssum-sec.casalemedia.com
1	rr5---sn-4g5ednsl.googlevideo.com
1	rr5---sn-5hnekn7k.googlevideo.com	1 redirects
1	play.aniview.com	cdn.avantisvideo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.123greetings.com
1	www.123greetings.com
1	www.maqors.com	1 redirects
395	63

This site contains links to these domains. Also see Links.

Domain
studio.123greetings.com
itunes.apple.com
play.google.com
nl.123greetings.com
www.addthis.com
info.123greetings.com
blog.123greetings.com
widgets.123greetings.com
help.123greetings.com

Subject Issuer	Validity	Valid
*.123greetings.com Go Daddy Secure Certificate Authority - G2	`2020-04-29` - `2022-04-29`	2 years	crt.sh
*.123g.us Go Daddy Secure Certificate Authority - G2	`2021-08-11` - `2022-09-12`	a year	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-06-14` - `2021-09-12`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.avantisvideo.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-17` - `2021-10-26`	2 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-01-29` - `2022-02-02`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh

This page contains 63 frames:

Primary Page: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Frame ID: 8CE2C1FCF7B32FDB223CE9EA0A8AFD16
Requests: 124 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html
Frame ID: 312436FB96D0A1D4A944CAD4BBD2C0BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1630726591&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729672788&bpp=3&bdt=326&idt=83&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8470767941255&frm=20&pv=2&ga_vid=829018337.1630729673&ga_sid=1630729673&ga_hid=342726312&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C21066435%2C31062297%2C31062093&oid=3&pvsid=2172006518661525&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106
Frame ID: AB7E7ED18A83F251A6C95C6D9B57267A
Requests: 1 HTTP requests in this frame

Frame: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60D96D4CE74570B828E246AC0064109D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3aa0a177fb5a3c%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff28aba999cf311%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320
Frame ID: F4F523437AA0566BF4EC54F0B6EDE04C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C164E08E5B50B5D23E2272D5497A2BAD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F1741E2CFA8239FB104AD8D2A496850
Requests: 1 HTTP requests in this frame

Frame: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 711760DFEC7D278BFA56373BD9E69D1C
Requests: 15 HTTP requests in this frame

Frame: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2B609F4413B240EA0D20F6DAC5E5588F
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 9B287189838748C11639A5AA3A4B1D30
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 67B9ED7D9F70579FDA47D1EAE4FA1350
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: 405C75438D44BAE73C72AFAE476E3EB3
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs
Frame ID: 10D7901667DE735595631A913EAF8932
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2CA4D9CC1C76828E84B759F4F7D45B75
Requests: 13 HTTP requests in this frame

Frame: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Frame ID: 36DD1455405B90D802F7B704307810F3
Requests: 9 HTTP requests in this frame

Frame: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Frame ID: DB70535F92ED65A6D30632A490B64956
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhimyMehATAB&v=APEucNVkvECNttS6nkiIYE0rTvtgTw04e-xBmWf5cQKQDehw9GWm5vf8XQfj3t45_Zvr0wW6zOWjVGlTIZiL2azXJ8UXOEp9bg
Frame ID: 0B7E2A2EB7DAEAFDFB62254D8F78E76A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD_0OkBGIqD76MBMAE&v=APEucNXpvkAcY6c5YuszPFxwA-CRIPh0EjOZOr640f7nHm_CyJ5L1eWKVjZ3C74EP-Mt9xl2_2lyluTXuzpaIS0rTf5Pws3vJw
Frame ID: 2F4C90D0EFEE2A832080FA9ED463CA85
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=816031646&pi=t.ma~as.1176616588&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673881&bpp=15&bdt=109&idt=262&shv=r20210831&mjsv=m202108240201&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=2&ga_vid=690623086.1630729674&ga_sid=1630729674&ga_hid=202956110&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=2262215379&scr_x=0&scr_y=0&eid=31062388%2C31062297&oid=3&pvsid=1724332846867215&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6c8wcwrqeye7&fsb=1&dtd=284
Frame ID: 73A824A52782E5D335D15B5142EDC9F5
Requests: 11 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 2087C405C798CCE22C516C25A6235209
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: E19D6C220AEB4BAA545DAF877FEF4F06
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530243&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673927&bpp=10&bdt=149&idt=264&shv=r20210831&mjsv=m202109010101&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=1&ga_vid=1287187888.1630729674&ga_sid=1630729674&ga_hid=70758983&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1873&biw=1600&bih=1200&isw=300&ish=250&ifk=2425728672&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3704028310640407&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b9p82kmszpio&btvi=1&fsb=1&dtd=277
Frame ID: 9C26C984E51C56D014B9E681C55C06C0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530254&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673957&bpp=7&bdt=161&idt=258&shv=r20210831&mjsv=m202109010101&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=1&ga_vid=2118872761.1630729674&ga_sid=1630729674&ga_hid=189062493&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2725&biw=1600&bih=1200&isw=728&ish=90&ifk=821144746&scr_x=0&scr_y=0&eid=31062297%2C31062094&oid=3&pvsid=2386615321560936&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.i9nblqn2zjsl&btvi=1&fsb=1&dtd=272
Frame ID: 58183C3600CB033CFCD6063894BAC93C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 72D94FF64AFC9DD1154C0F7D1450214D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8EC2A9C3AA5790B37DE9168951BC7509
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6DCEC6AD8419F2520F3C0F5E13D1E2A5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B7366648792B62E050A1C22672AFCE1D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9AC63176777405AF3AF074031BCC2000
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 04EE4585BC7371633E2105D90C1FA276
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Frame ID: 6CE027801FB67318E9883487064329F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js
Frame ID: 4B48075A92D7041BC9428FB7E595ADF5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 078ECF0804C35710D20FCD56ECE3A57A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFFEBE1CB8C4E17D956859E59F18C2D1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 99E0D5347ACA4C89D8BA467C5386F645
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 149D3005C0BC834FDC4B54077D9ED571
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 5ABB6F1662858985F0DDC49115D8DCE6
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: CA3A81AFA9CBD30F5F0C1C8E52D1582A
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 520F5DC4C34D5F6936E5A96C1A74AC12
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1630729676418-932538396603-007976-002-004453&biddername=55&key=8774370042371763753
Frame ID: 8062F046A84CAB8EBC6D75C442D5456B
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1630729676042-919282496603-008207-007-001317&biddername=55&key=8774370042371763753
Frame ID: AB184843F3C27244641E27308FB7AF9F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 12751AC2A72D1E9C5C2CF991AFC6B411
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: AFFF4B2E4E062E443C87EBAE72707970
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Frame ID: E18E7C72480C856F26EB268FD1B5CCCC
Requests: 41 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Frame ID: A9CD1262BF30180A45414A1ED056079E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E6A027F7F84EBD5DF99C568E3E673EF9
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 00CD73D097DC73E3814AEC21F20FB3A5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8E0C980D83E00027767F14620E1C2CD8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5C269405DEE06310B6BD4092A72F9305
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Frame ID: EEB662C33DE054A2B24C4DCB1F7C6FFE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Frame ID: B9DC458D129D3805591F3CA54F43D2DF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 375794A84218D4A92122EDB0412BEC75
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A3534D520498B78AC8E8553A3B2BBB6C
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8BB957041818166B1A3F281736D98253
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C514BD10CFC1F4BD7A8320911570ECBD
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 90CF1EB51D92ECEEBDE5364171A48BD4
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 07FCB995E554821BAF2B70E950F0B0EE
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: DFD7651024728D782D8F1A865A412FF2
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FC23E0EC0783309DE97F5843A4115A26
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Frame ID: 747F99FDE6E320D5D8CC7722D262775E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 6DBCA71EE1CC96006EE3747A1409D670
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Frame ID: F6AF0C204B2CC893E649B4E6BC23C693
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2DBFD24C2EBCD9B536DC5BA40847E219
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A9845BBD65F0328CD490D15C287F1F8A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Teddy Bear Day Cards, Free Teddy Bear Day Wishes, Greeting Cards | 123 Greetings

Page URL History Show full URLs

http://www.maqors.com/cgi-bin/click.pl?cid=nl010952202102&lid=206822&uid=203601343 HTTP 302
https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=... Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

395
Requests

100 %
HTTPS

49 %
IPv6

37
Domains

63
Subdomains

52
IPs

7
Countries

8873 kB
Transfer

18830 kB
Size

7
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://studio.123greetings.com/
Title: Studio

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/in/app/123greetings/id718873921?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.g123

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/blog/
Title: Editor Bob's Blog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/company/pressroom/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://blog.123greetings.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://widgets.123greetings.com/
Title: Widgets

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/tell-a-friend
Title: Recommend Us

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/contact_us.html
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.maqors.com/cgi-bin/click.pl?cid=nl010952202102&lid=206822&uid=203601343 HTTP 302
https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2983251427.184923&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dvis=visible HTTP 302
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2983251427.184923&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dvis=visible&ip=159.48.55.4&cuidchk=1

Request Chain 70

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3aa0a177fb5a3c%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff28aba999cf311%26relation%3Dparent.parent&container_width=320&height=287&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2F123GreetingsCom&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=true&width=320 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3aa0a177fb5a3c%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff28aba999cf311%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 213

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 217

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 263

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1630729676418-932538396603-007976-002-004453%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1630729676418-932538396603-007976-002-004453%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1630729676418-932538396603-007976-002-004453&biddername=55&key=8774370042371763753

Request Chain 271

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1630729676042-919282496603-008207-007-001317%26biddername%3D55%26key%3D%24UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1630729676042-919282496603-008207-007-001317&biddername=55&key=8774370042371763753

Request Chain 305

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YTL1zQAEPaI3PwAC HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YTL1zQAEPaI3PwAC&_origin=0&gdpr=0&gdpr_consent=&_test=YTL1zQAEPaI3PwAC HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YTL1zQAEPaI3PwAC&_origin=0&gdpr=0&gdpr_consent=&_test=YTL1zQAEPaI3PwAC&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YTL1zQAEPaI3PwAC&_origin=0&gdpr=0&gdpr_consent=&_test=YTL1zQAEPaI3PwAC&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec&verify=true

Request Chain 306

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3YWVjNTFkYS0wZDM4LTExZWMtOGYxNy0wMjgzNzMwZTI3ZWM%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEJSFkadUAFAuMsEjDKJwdfA&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJSFkadUAFAuMsEjDKJwdfA&google_cver=1&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec

Request Chain 307

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=c2783d87-968c-411c-8372-9db753403315&_origin=1&gdpr=1&gdpr_consent=

Request Chain 322

https://rr5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1630758477&ei=zfUyYbTBJs-k1gLMj7uICA&ip=159.48.55.4&id=04dee240511b65c4&itag=22&source=youtube&requiressl=yes&mh=bg&mm=31&mn=sn-5hnekn7k&ms=au&mv=m&mvi=5&pl=25&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.054&lmt=1630686056042680&mt=1630729488&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgLxH2Tuyrv6tmmekxFMCkTXqwXg0JoQuyWCP6iHSL8YgCIFB0PcAjg-jgEuUTD0BCHiCBjQd9R8xUWiWFy7F4rEmD&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAK2ZgFFbW6WUnucKsXjvfj8w1Ch7DVn7JQjUh_zR_rgaAiEA--yhSNPaTI4ZQ96840z5kdaQJOHTQTxmZ1si_GuHbq8=&cpn=vLbDNoFP9hH7qGfe HTTP 302
https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1630758477&ei=zfUyYbTBJs-k1gLMj7uICA&ip=159.48.55.4&id=04dee240511b65c4&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.054&lmt=1630686056042680&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgLxH2Tuyrv6tmmekxFMCkTXqwXg0JoQuyWCP6iHSL8YgCIFB0PcAjg-jgEuUTD0BCHiCBjQd9R8xUWiWFy7F4rEmD&cpn=vLbDNoFP9hH7qGfe&redirect_counter=1&rm=sn-5hneld76&req_id=4b2e96a881c636e2&cms_redirect=yes&ipbypass=yes&mh=bg&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5ednsl&ms=au&mt=1630729488&mv=m&mvi=5&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgRKmVzoeQN_7cY50QapMlNHp6Li2mCAtA_TPCnmouAxQCIQDaeNo0QfbrtJhx9vsCssX_EF6LVRCSPW2M1LKEMNK87w%3D%3D

Request Chain 324

https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 325

https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 334

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YTL1zSjYt0I.gB3a8GtbXQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4l-EjrZNhokKqyKBctFzU&google_cver=1&gdpr=1&google_hm=2

Request Chain 336

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTL1zSjYt0I-gB3a8GtbXAAABIsAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIezuahmOmgt8_TyrEV4h5I&google_cver=1

Request Chain 337

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXAAABIsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXAAABIsAAAAB&dcc=t

Request Chain 338

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 341

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6840160781666244914&uid=Q6840160781666244914&ref=%2Feucm%2Fp%2Fcc HTTP 302
https://px.owneriq.net/noop?ct=image%2Fgif

Request Chain 344

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTL1zSjYt0I-gB3a8GtbXQAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIezuahmOmgt8_TyrEV4h5I&google_cver=1

Request Chain 345

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXQAABHYAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXQAABHYAAAAB&dcc=t

Request Chain 347

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YTL1zSjYt0I.gB3a8GtbXQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4l-EjrZNhokKqyKBctFzU&google_cver=1&gdpr=1&google_hm=2

Request Chain 348

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 350

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06ab2204079c70ca725196e5&expiration=[EXPIRATION]&gdpr=1

Request Chain 351

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

Request Chain 355

https://ad.doubleclick.net/ddm/trackimp/N1018932.3545954DV36012/B26055166.307433118;dc_trk_aid=500286583;dc_trk_cid=153506821;ord=535323665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1018932.3545954DV36012/B26055166.307433118;dc_pre=CMKdx7m95PICFd7juwgdFFQPfw;dc_trk_aid=500286583;dc_trk_cid=153506821;ord=535323665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

395 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.123greetings.com/events/teddy_bear_day/
Redirect Chain

http://www.maqors.com/cgi-bin/click.pl?cid=nl010952202102&lid=206822&uid=203601343
https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

34 KB
9 KB

524ms
210ms

Document
text/html

184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

a2a89ce9e38e4fe4b9caf2ca725576fd755097fbda47179b2369271cd691846b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.123greetings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:52 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8259
Connection: close
Cache-Control: max-age=900
Content-Encoding: gzip
ETag: "87a9-5cb231f2eadc0"
Last-Modified: Sat, 04 Sep 2021 03:36:31 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
x-frame-options: SAMEORIGIN
Expires: Sat, 04 Sep 2021 04:42:52 GMT
Age: 0
Accept-Ranges: bytes
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

Redirect headers

Content-Type: text/html; charset=iso-8859-1
Date: Sat, 04 Sep 2021 04:27:51 GMT
Location: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Server: Apache/2.2.15 (CentOS)
Content-Length: 393
Connection: keep-alive

GET
H/1.1 200
OK sub_categories_R1.css
c.123g.us/css/ 9 KB
3 KB 109ms
27ms Stylesheet
text/css 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/sub_categories_R1.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 15 Aug 2021 11:31:12 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 11:23:06 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1702600
ETag: "225f-571586732da80"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2397
jake_test: Test_Pass
Expires: Tue, 17 Aug 2021 07:18:01 GMT

GET
H/1.1 200
OK 337353_th.gif
i.123g.us/c/esep_teddybearday/th/ 8 KB
8 KB 137ms
27ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/337353_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2d3b2e22d70008bb3169f94e559402dea13c50bbafe6326abf99b87855476d63

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 15 Aug 2021 02:54:15 GMT
Last-Modified: Wed, 30 Jan 2019 08:35:06 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1733617
ETag: "1f8a-580a8c9706280"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8074
jake_test: Test_Pass
Expires: Mon, 30 Aug 2021 08:15:40 GMT

GET
H/1.1 200
OK 103377_th.gif
i.123g.us/c/esep_teddybearday/th/ 7 KB
7 KB 135ms
29ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/103377_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3d1069fbf31ff9fc80f2b1fdcc55f1cbb574e3f24ef46dcda23ab3dc96383b7c

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 22:35:26 GMT
Last-Modified: Mon, 24 Feb 2014 09:45:20 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1144346
ETag: "1bab-4f323d46a8c00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7083
jake_test: Test_Pass
Expires: Wed, 25 Aug 2021 10:11:42 GMT

GET
H/1.1 200
OK 335449_th.jpg
i.123g.us/c/esep_teddybearday/th/ 6 KB
6 KB 134ms
28ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/335449_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bdaf76e731501c265355ceb0a5d876fc2f3026860658752bb23dab7183f95c2c

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 09:00:22 GMT
Last-Modified: Fri, 07 Sep 2018 12:17:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2316450
ETag: "1665-57546fc809900"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5733
jake_test: Test_Pass
Expires: Sun, 08 Aug 2021 09:15:22 GMT

GET
H/1.1 200
OK 340250_th.jpg
i.123g.us/c/esep_teddybearday/th/ 8 KB
8 KB 134ms
28ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/340250_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 734916dd2274c2a453b0153da2cfa97a176ca0cabdf6bb0c9bff7a4a27d71b63

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 05 Aug 2021 17:29:41 GMT
Last-Modified: Mon, 02 Sep 2019 10:08:41 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2545091
ETag: "1fc4-5918f28001c40"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8132
jake_test: Test_Pass
Expires: Fri, 13 Aug 2021 04:29:27 GMT

GET
H/1.1 200
OK 330575_th.jpg
i.123g.us/c/esep_teddybearday/th/ 4 KB
4 KB 136ms
30ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/330575_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 72ab9d3d6e9dfa553ef2f8d32ed0e0d1d0d5ae732f96d23949edd896c3749c6b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 16 Aug 2021 15:40:54 GMT
Last-Modified: Thu, 07 Sep 2017 14:02:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1601218
ETag: "f48-55899e91102c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3912
jake_test: Test_Pass
Expires: Mon, 23 Aug 2021 13:05:44 GMT

GET
H/1.1 200
OK 342130_th.jpg
i.123g.us/c/esep_teddybearday/th/ 8 KB
8 KB 49ms
28ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/342130_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 07a30bec2509a7e82bdfa701d2968dcb0d8daaee6db5a8ee7ddc2816a4b7af25

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 18:32:51 GMT
Last-Modified: Fri, 07 Feb 2020 09:37:11 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1331701
ETag: "1f50-59df922463fc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8016
jake_test: Test_Pass
Expires: Thu, 26 Aug 2021 17:11:25 GMT

GET
H/1.1 200
OK 103381_th.gif
i.123g.us/c/esep_teddybearday/th/ 8 KB
8 KB 32ms
29ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/103381_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f9d3489d449d8a660f12f3040b6678e5ae0206fbaeb35df49c47b7c3fe0df3ab

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 02 Sep 2021 17:06:13 GMT
Last-Modified: Mon, 24 Feb 2014 09:45:20 GMT
Server: Apache/2.2.15 (CentOS)
Age: 127299
ETag: "1ff7-4f323d46a8c00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8183
jake_test: Test_Pass
Expires: Thu, 02 Sep 2021 17:21:13 GMT

GET
H/1.1 200
OK 340324_th.gif
i.123g.us/c/esep_teddybearday/th/ 5 KB
6 KB 30ms
28ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/340324_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2f63c98f61325998b3ae75aa14a6ab0af5c46ecc0c6a68b4f899ca398b12f50

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 14 Aug 2021 08:43:31 GMT
Last-Modified: Wed, 11 Sep 2019 13:33:51 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1799061
ETag: "15c0-59247124e2dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5568
jake_test: Test_Pass
Expires: Sat, 14 Aug 2021 08:58:31 GMT

GET
H/1.1 200
OK 340299_th.jpg
i.123g.us/c/esep_teddybearday/th/ 8 KB
8 KB 32ms
30ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/340299_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 31f2f7a06f6255bde723d3b0e1732860c1194ffe3933143fb408d62577f2ad93

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 21:23:27 GMT
Last-Modified: Fri, 06 Sep 2019 10:24:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 25465
ETag: "1e70-591dfd7189400"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7792
jake_test: Test_Pass
Expires: Fri, 03 Sep 2021 21:38:27 GMT

GET
H/1.1 200
OK 112623_th.gif
i.123g.us/c/esep_teddybearday/th/ 8 KB
8 KB 31ms
30ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_teddybearday/th/112623_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b4f8f96d9f1763edb767893e20c4c74a9069fee7143d98eb1899cafbad88fd66

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 04:36:56 GMT
Last-Modified: Mon, 24 Feb 2014 09:45:20 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1381856
ETag: "1fba-4f323d46a8c00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8122
jake_test: Test_Pass
Expires: Fri, 27 Aug 2021 16:52:56 GMT

GET
H/1.1 200
OK cal_block2.gif
i.123g.us/images/special_block/ 24 KB
24 KB 54ms
29ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/images/special_block/cal_block2.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 06:26:44 GMT
Last-Modified: Mon, 05 Jul 2021 06:17:05 GMT
Server: Apache/2.2.15 (CentOS)
Age: 79268
ETag: "5fd2-5c65a4117fa40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24530
jake_test: Test_Pass
Expires: Fri, 03 Sep 2021 06:41:45 GMT

GET
H/1.1 200
OK 333131_ic.gif
i.123g.us/c/birth_happybirthday/ic/ 3 KB
4 KB 32ms
28ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_happybirthday/ic/333131_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0677a3e17670aa44ed3ec4f010d6dfdc869b02f79aec76a79f7de6fcc7679833

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 03:59:46 GMT
Last-Modified: Sat, 17 Feb 2018 06:15:32 GMT
Server: Apache/2.2.15 (CentOS)
Age: 88086
ETag: "d6e-5656263602900"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3438
jake_test: Test_Pass
Expires: Fri, 03 Sep 2021 04:15:04 GMT

GET
H/1.1 200
OK 340306_ic.jpg
i.123g.us/c/esep_roshhashanah_happy/ic/ 2 KB
3 KB 30ms
29ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_roshhashanah_happy/ic/340306_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 8ff93a61ffca62bd50b92cd3d9988832e62634f89a7cbb6fb56625b6a556cd12

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 20:44:18 GMT
Last-Modified: Sat, 07 Sep 2019 06:28:06 GMT
Server: Footprint Distributor V6.1.1162
Age: 287014
ETag: "8fd-591f0a856e980"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2301
jake_test: Test_Pass
Expires: Thu, 02 Sep 2021 08:12:05 GMT

GET
H/1.1 200
OK 105816_ic.gif
i.123g.us/c/esep_roshhashanah_thanku/ic/ 2 KB
3 KB 36ms
35ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_roshhashanah_thanku/ic/105816_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 08d00ff2cce487220599803e146a8e6ec56c64c9e44111d6e4cd259fedb779f3

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 23 Aug 2021 07:18:33 GMT
Last-Modified: Mon, 24 Feb 2014 09:45:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1026559
ETag: "9f7-4f323d49852c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2551
jake_test: Test_Pass
Expires: Thu, 26 Aug 2021 18:58:53 GMT

GET
H/1.1 200
OK 325316_ic.jpg
i.123g.us/c/birth_fun/ic/ 3 KB
3 KB 30ms
29ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/birth_fun/ic/325316_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 14c9fbe3c72b37dee6b92294dd299a1a5ef9e6473921d1077bb6cb81019a353e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 03 Sep 2021 11:01:50 GMT
Last-Modified: Tue, 30 Aug 2016 07:10:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 62762
ETag: "b21-53b44ae801dc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2849
jake_test: Test_Pass
Expires: Fri, 03 Sep 2021 11:16:51 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/EKQrBURDtQE/ 5 KB
5 KB 27ms
7ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/EKQrBURDtQE/default.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a36d6c6c03c7ba4db1d35c8e00d933fc1ce336cc52bfdf50652134be67d4d759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 03:05:19 GMT
x-content-type-options: nosniff
server: sffe
age: 4953
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4966
x-xss-protection: 0
expires: Sat, 04 Sep 2021 05:05:19 GMT

GET
H/1.1 200
OK 120707_ic.gif
i.123g.us/c/esep_laborday_happy/ic/ 3 KB
3 KB 55ms
31ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_laborday_happy/ic/120707_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: aea7b1303319ccfd89bc9a9770e30917bbe180a40b7db8587e633ac0a065147b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 18:24:30 GMT
Last-Modified: Tue, 20 Aug 2019 13:53:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1937002
ETag: "c43-5908cc6484700"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3139
jake_test: Test_Pass
Expires: Fri, 13 Aug 2021 08:33:01 GMT

GET
H/1.1 200
OK 103105_ic.gif
i.123g.us/c/esep_flowerofthemonth/ic/ 3 KB
3 KB 33ms
27ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_flowerofthemonth/ic/103105_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3644c7d20e5506c54c5b0a56ee92f2346f93263115b1ca259c6138cffeabc6bb

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 29 Aug 2021 23:33:04 GMT
Last-Modified: Wed, 05 Aug 2015 10:55:34 GMT
Server: Apache/2.2.15 (CentOS)
Age: 449688
ETag: "a2b-51c8e3df5b580"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2603
jake_test: Test_Pass
Expires: Mon, 30 Aug 2021 05:55:53 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/2cyY3Z3Pm-U/ 3 KB
3 KB 26ms
8ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/2cyY3Z3Pm-U/default.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce04f68d2b035b6adfab2de7758c64c455c8c2a1db70d0df2f2725ae7c41426d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:26:51 GMT
x-content-type-options: nosniff
server: sffe
age: 61
etag: "1345738479"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3320
x-xss-protection: 0
expires: Sat, 04 Sep 2021 06:26:51 GMT

GET
H/1.1 200
OK 111086_ic.gif
i.123g.us/c/esep_laborday_weekend/ic/ 4 KB
4 KB 32ms
29ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_laborday_weekend/ic/111086_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4859383f77274f674ef678cde3203242dc5fd669c701466e7efc77832cd12ee4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:15:49 GMT
Last-Modified: Mon, 24 Feb 2014 09:41:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 335523
ETag: "e15-4f323c6873fc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3605
jake_test: Test_Pass
Expires: Thu, 02 Sep 2021 08:02:51 GMT

GET
H/1.1 200
OK 318697_ic.jpg
i.123g.us/c/esep_roshhashanah_family/ic/ 3 KB
3 KB 31ms
29ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_roshhashanah_family/ic/318697_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b0528499b441e38c1df530e872b6674aba3c4c55abcd811d1292bccb4c0bae5a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 14:39:36 GMT
Last-Modified: Fri, 04 Sep 2015 14:43:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1950496
ETag: "b1f-51eecedd7a0c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2847
jake_test: Test_Pass
Expires: Sat, 28 Aug 2021 10:36:56 GMT

GET
H/1.1 200
OK 120028_ic.gif
i.123g.us/c/esep_roshhashanah_friends/ic/ 4 KB
4 KB 29ms
28ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_roshhashanah_friends/ic/120028_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 25e03362f174b3808a73c0cc86e56fb7a13d88b4490709fe7370587651f50b92

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 16:25:44 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 734528
ETag: "e28-4f323d01fea00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3624
jake_test: Test_Pass
Expires: Thu, 26 Aug 2021 16:40:44 GMT

GET
H/1.1 200
OK 103117_ic.gif
i.123g.us/c/esep_nathoneymonth/ic/ 2 KB
3 KB 28ms
28ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_nathoneymonth/ic/103117_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5d64b7235acc0c2316fc199c7d90707105d389eeac3dbc3d49470faa5b2d2dc7

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 17:31:40 GMT
Last-Modified: Wed, 05 Aug 2015 10:55:59 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2199372
ETag: "8f6-51c8e3f732dc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2294
jake_test: Test_Pass
Expires: Wed, 18 Aug 2021 17:47:19 GMT

GET
H/1.1 200
OK 105952_ic.gif
i.123g.us/c/esep_laborday_thanku/ic/ 4 KB
4 KB 28ms
27ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_laborday_thanku/ic/105952_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9775d6c214a05f699701974c19e12cb9d1ac1b6ef9eb815335b22f7276133c1c

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 08:35:38 GMT
Last-Modified: Wed, 05 Aug 2015 11:52:01 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1281134
ETag: "e52-51c8f07d73a40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3666
jake_test: Test_Pass
Expires: Fri, 20 Aug 2021 08:50:38 GMT

GET
H/1.1 200
OK 105807_ic.gif
i.123g.us/c/esep_roshhashanah_shalom/ic/ 4 KB
4 KB 29ms
28ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_roshhashanah_shalom/ic/105807_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b658a8b132845145dbc692bf1d77e8597ef503daae1d1bd918ef590819c9d674

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sun, 08 Aug 2021 16:07:03 GMT
Last-Modified: Wed, 05 Aug 2015 13:54:33 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2290849
ETag: "edc-51c90be0dd840"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3804
jake_test: Test_Pass
Expires: Mon, 23 Aug 2021 14:49:41 GMT

GET
H/1.1 200
OK 335289_ic.jpg
i.123g.us/c/esep_roshhashanah_greetings/ic/ 29 KB
30 KB 28ms
28ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/esep_roshhashanah_greetings/ic/335289_ic.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: bd842cf720db8dd91f5445eb93ca810e2d6fbce902fe76aa648097daebcbf070

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 18:21:38 GMT
Last-Modified: Fri, 24 Aug 2018 10:05:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1159574
ETag: "7551-5742b83128cc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30033
jake_test: Test_Pass
Expires: Wed, 01 Sep 2021 10:22:10 GMT

GET
H/1.1 200
OK jquery-1.11.1.js Show response
c.123g.us/js2/ 94 KB
33 KB 113ms
28ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery-1.11.1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 21:34:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 716030
ETag: "2c463-1762e-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33234
jake_test: Test_Pass

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
c.123g.us/js2/ 7 KB
3 KB 186ms
101ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery-migrate-1.2.1.min.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 21:34:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 716030
ETag: "2c442-1cb3-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3152
jake_test: Test_Pass

GET
H/1.1 200
OK swfobject.js Show response
c.123g.us/js2/ 10 KB
4 KB 112ms
27ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/swfobject.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 18:35:56 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 899516
ETag: "261f-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3868
jake_test: Test_Pass
Expires: Wed, 25 Aug 2021 07:33:04 GMT

GET
H/1.1 200
OK 123g_utils_v1.js Show response
c.123g.us/js2/ 123 KB
30 KB 113ms
28ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_utils_v1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 06 Aug 2021 06:10:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Jun 2021 12:51:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2499413
ETag: "2c3d8-1ed3a-5c3f026148680"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30667
jake_test: Test_Pass

GET
H/1.1 200
OK utilsopt.js Show response
c.123g.us/js2/ 22 KB
7 KB 113ms
28ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/utilsopt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 18:39:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 10:41:25 GMT
Server: Apache/2.2.15 (CentOS)
Age: 726474
ETag: "57b2-5b3459efc3f40"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6801
jake_test: Test_Pass
Expires: Thu, 26 Aug 2021 18:55:00 GMT

GET
H/1.1 200
OK 123g_subcategory_opt.js Show response
c.123g.us/js2/ 9 KB
3 KB 30ms
29ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_subcategory_opt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 26 Aug 2021 09:49:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 12:15:33 GMT
Server: Apache/2.2.15 (CentOS)
Age: 758314
ETag: "2c43e-2257-5afe5ec74c340"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2831
jake_test: Test_Pass

GET
H/1.1 200
OK rakpanel.js Show response
c.123g.us/js2/ 3 KB
2 KB 29ms
27ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/rakpanel.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 30 Aug 2021 00:05:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Aug 2018 13:50:01 GMT
Server: Apache/2.2.15 (CentOS)
Age: 447721
ETag: "d4c-57300e747f440"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1626
jake_test: Test_Pass
Expires: Mon, 30 Aug 2021 11:15:29 GMT

GET
H/1.1 200
OK jquery.ajax_autocomplete.js Show response
c.123g.us/js2/ 32 KB
10 KB 30ms
28ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 02:48:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 08:18:53 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1993159
ETag: "7f11-5b19d2e943540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9770
jake_test: Test_Pass
Expires: Thu, 12 Aug 2021 08:00:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 56ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d42551b36f344c14cbab00492d682f78ff716f25436e56f2ec19605017f49071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49509
x-xss-protection: 0
server: cafe
etag: 7468415767210843005
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 04:27:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a037373f80e4a76c30cdb23c1a3246c797bd7c75ff21fbd7fc4105326bc237ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41196
x-xss-protection: 0
last-modified: Sat, 04 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 04 Sep 2021 04:27:52 GMT

GET
H/1.1 200
OK styleopt_R1.css
c.123g.us/css/ 80 KB
16 KB 28ms
28ms Stylesheet
text/css 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796

Request headers

Referer: https://c.123g.us/css/sub_categories_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 21:40:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 11:38:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 802025
ETag: "13f87-5c3625216f1c0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16152
jake_test: Test_Pass
Expires: Wed, 25 Aug 2021 21:55:55 GMT

GET
H/1.1 200
OK modal_window_R1.css
c.123g.us/css/ 33 KB
7 KB 79ms
73ms Stylesheet
text/css 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/sub_categories_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Referer: https://c.123g.us/css/sub_categories_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 11 Aug 2021 08:16:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 09:39:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2059895
ETag: "8220-5a7b79d367980"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6727
jake_test: Test_Pass
Expires: Sun, 22 Aug 2021 07:33:17 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73a7582944ea3d2436e48c69e3c095eb97fc14311b107a078ed0ba41c4a34c7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: W3yd+nj9BY2tikga7+6pjQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: LVykdIJVFXItS+gn8XYhddIMjDOy2Lq3+cYA40/qFJsx65jCc11HNuGm8SE2t7AT7z6QAQsMk8/qi05FHiiJ5A==
x-fb-trip-id: 917726464
x-fb-content-md5: 753ce7e9327b19aee0a9f27cf8d2e881
x-frame-options: DENY
date: Sat, 04 Sep 2021 04:27:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "77a10680bab3a594763cff52319d0ddc"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Sep 2021 04:37:09 GMT

GET
H/1.1 200
OK 123g_master_bg.png
c.123g.us/images/ 145 B
501 B 31ms
26ms Image
image/png 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_bg.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 07 Aug 2021 13:30:21 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2386651
ETag: "91-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
jake_test: Test_Pass
Expires: Tue, 17 Aug 2021 21:32:38 GMT

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 30ms
27ms Image
image/png 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 21 Aug 2021 12:06:49 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1182063
ETag: "1861-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass
Expires: Sat, 21 Aug 2021 12:22:23 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
141 KB 29ms
28ms Image
image/png 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 14:04:28 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1434204
ETag: "230cb-5979e1c4d2cc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass
Expires: Wed, 18 Aug 2021 14:19:30 GMT

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 28ms
28ms Image
image/png 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 15:00:08 GMT
Last-Modified: Wed, 11 Sep 2019 08:42:36 GMT
Server: Apache/2.2.15 (CentOS)
Age: 653264
ETag: "9cd35-21653-5924300b6d700"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass

GET
H/1.1 200
OK master_icon_set_2.png
c.123g.us/images/ 88 KB
88 KB 29ms
28ms Image
image/png 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Mon, 09 Aug 2021 06:34:22 GMT
Last-Modified: Tue, 16 Feb 2021 07:04:35 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2238810
ETag: "15fce-5bb6eb70666c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90062
jake_test: Test_Pass
Expires: Mon, 09 Aug 2021 06:50:10 GMT

GET
H/1.1 200
OK 123g_master_icon_set_2.png
c.123g.us/images/ 60 KB
61 KB 28ms
28ms Image
image/png 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 12 Aug 2021 11:32:56 GMT
Last-Modified: Tue, 16 Feb 2021 07:04:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1961696
ETag: "9d037-f1d2-5bb6eb68c54c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61906
jake_test: Test_Pass

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 430ms
106ms Script
application/javascript 54.227.131.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2983251427.184923

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.227.131.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-227-131-5.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0cf3c727c01b15b57816eb62caae78199b484c0e3bf532a72940fbf4549aa107

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 732
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H/1.1 200
OK addressbook.js Show response
c.123g.us/js2/ 401 KB
76 KB 28ms
27ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/addressbook.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82bd02cee2c77b75a28a94f51c1163035315c09ef8eafe6fa5f79f35b97424e5

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 08:44:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 31 Aug 2021 08:44:13 GMT
Server: Apache/2.2.15 (CentOS)
Age: 330179
ETag: "2c7ab-6427b-5cad6f43cf140"
Vary: Accept-Encoding
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
jake_test: Test_Pass

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 70 KB
25 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33f741884d49aa4540005845acbcfc179b071230ead16ff1f950b0c88e7e184c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "977 / 659 of 1000 / last-modified: 1630707028"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24940
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:52 GMT

GET
H/1.1 200
OK closeBtn_h.png
c.123g.us/images/ 1 KB
1 KB 27ms
27ms Image
image/png 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/closeBtn_h.png
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:17:28 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1278624
ETag: "9cf1d-42a-54a227b6344c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1066
jake_test: Test_Pass

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 227 KB
67 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=280bec38d52ecf3209710ba0de9c1a8e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd64252b3cfbe5d390ad0c7313b1fdeffe8eeb394d932ce7b55f950f892b1539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.123greetings.com
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Y6zqJSkJ82Y/N0YKBWUpDw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68285
x-fb-rlafr: 0
x-fb-debug: iWgpftsk7VYPsPRX1EgdjPpH/8acD1bcTwSoxFCy8is2qGqPvxBEBqx9uV1xdazV1LSc8CIjTOZkcooM73HXgQ==
x-fb-content-md5: 03963dbf90327f2a998b0fb7afedeb35
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 04 Sep 2021 04:27:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f4f0f9c49110f789c5f84af8b6c42cc5"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 04 Sep 2022 03:38:59 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 250 KB
93 KB 50ms
36ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95178
x-xss-protection: 0
server: cafe
etag: 9330497266985682447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 04:27:52 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/ Frame 3124 10 KB
5 KB 7ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210831/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 03 Sep 2021 16:02:37 GMT
expires: Fri, 17 Sep 2021 16:02:37 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 44715
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5752
date: Sat, 04 Sep 2021 02:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 04 Sep 2021 04:52:00 GMT

GET
H2 200 pubads_impl_2021090101.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 96ms
35ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8d9f1e7a5653eade39c663ba7e740f5f8b51fde9a7fcc7e2d59b0338598e5075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Sep 2021 08:42:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119248
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:52 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 414 B
844 B 95ms
35ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e91e7d4b434bf577e8f9f0fef4a45ab94c41fd0493ff9e760bcd398732f6fdc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:52 GMT

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
466 B 27ms
27ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 05:58:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 944979
ETag: "2c454-c9-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
12ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=342726312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ul=en-us&de=UTF-8&dt=Teddy%20Bear%20Day%20Cards%2C%20Free%20Teddy%20Bear%20Day%20Wishes%2C%20Greeting%20Cards%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=819175845&gjid=2004811687&cid=829018337.1630729673&tid=UA-5085183-1&_gid=1995542822.1630729673&_r=1&gtm=2ou910&z=109003289

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
664 B 95ms
34ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0df444b2019f1ce03bd76009856b8973928a00e590a4de7da6b5465b224b9600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 18ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB7E 0
19 B 79ms
65ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1630726591&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729672788&bpp=3&bdt=326&idt=83&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8470767941255&frm=20&pv=2&ga_vid=829018337.1630729673&ga_sid=1630729673&ga_hid=342726312&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C21066435%2C31062297%2C31062093&oid=3&pvsid=2172006518661525&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1630726591&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729672788&bpp=3&bdt=326&idt=83&shv=r20210831&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8470767941255&frm=20&pv=2&ga_vid=829018337.1630729673&ga_sid=1630729673&ga_hid=342726312&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C21066435%2C31062297%2C31062093&oid=3&pvsid=2172006518661525&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=106
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Sep 2021 04:27:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Sep-2021 04:42:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 04 Sep 2021 04:27:52 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:52 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-5085183-1&cid=829018337.1630729673&jid=819175845&gjid=2004811687&_gid=1995542822.1630729673&_u=YEBAAUAAAAAAAC~&z=534480049

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 04 Sep 2021 04:27:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 196 KB
34 KB 683ms
649ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2172006518661525&correlator=1951244079854057&output=ldjh&impl=fifs&eid=31062462%2C31062351%2C31062297%2C31062093&vrg=2021090101&ptt=17&sc=1&sfv=1-0-38&ecs=20210904&iu_parts=46400095%2CDesktopWeb_SubCategory_LB%2CDesktopWeb_SubCategory_Mrec%2CDesktopWeb_SubCategory_SecondMrec%2CDesktopWeb_SubCategory_LowerMrec%2CDesktopWeb_SubCategory_BottomLrec%2CDesktopWeb_SubCategory_BottomSecondLrec%2CDesktopWeb_SubCategory_LowerLB%2CDesktopWeb_SubCategory_Video%2CDesktopWeb_SubCategory_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90%7C970x250%2C1x1%2C1x1&cust_params=site%3D123greetings.com%26section%3Desep_teddybearday%26page%3Dsubcategory&cookie=ID%3D458872c4098ffce1-22229dcdeec80099%3AT%3D1630729672%3ART%3D1630729672%3AS%3DALNI_Mbi3kpD-ZhowW-RoUYZqOYNCGBQmQ&bc=31&abxe=1&lmt=1630726591&dt=1630729673034&dlt=1630729672462&idt=545&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C970%2C970%2C970%2C970%2C970%2C310%2C0%2C320&adys=47%2C236%2C518%2C1873%2C2155%2C2437%2C2725%2C2918%2C1157&adks=3914305483%2C1127719608%2C4293624944%2C3694362538%2C3926068587%2C1178609660%2C2276923048%2C933155397%2C4230775942&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&flash=0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C320x262%7C320x262%7C320x262%7C320x262%7C320x262%7C980x37%7C1600x2898%7C630x0&msz=728x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C980x0%7C1600x0%7C630x0&ga_vid=829018337.1630729673&ga_sid=1630729673&ga_hid=342726312&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C0%2C0%2C0&ohw=728%2C300%2C300%2C300%2C300%2C300%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2ea52239d097b4c56c63e249ca063b930f4f56c06c3face99a59238b77b5a664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35251
x-xss-protection: 0
google-lineitem-id: -1,-1,4675581572,237051735,-1,-1,237051975,5501288042,5461263814
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138233506852,99278132415,-1,-1,99278302815,138326033967,138321279906
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60D9 6 KB
3 KB 49ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 04 Sep 2021 04:27:53 GMT
expires: Sun, 04 Sep 2022 04:27:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2983251427.184923&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial...
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2983251427.184923&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial...

42 B
780 B

110ms
109ms

Image
image/gif

54.227.131.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2983251427.184923&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dvis=visible&ip=159.48.55.4&cuidchk=1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.227.131.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-227-131-5.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sat, 04 Sep 2021 04:27:53 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=2983251427.184923&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dvis=visible&ip=159.48.55.4&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H3-29

200

/
www.facebook.com/login/ Frame F4F5
Redirect Chain

https://www.facebook.com/v2.4/plugins/page.php?adapt_container_width=true&app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3aa0a177...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%2...

0
0

113ms
113ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3aa0a177fb5a3c%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff28aba999cf311%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=280bec38d52ecf3209710ba0de9c1a8e

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3aa0a177fb5a3c%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff28aba999cf311%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 0YYbnKsxYFYSj/i39xt6TWqasJD/gfLQgMa5C4qhbUcHmCsB0SFqvEwoMteyIX8ydgInXYVavOPCberbP5uc0g==
date: Sat, 04 Sep 2021 04:27:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D6268317308%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3aa0a177fb5a3c%2526domain%253Dwww.123greetings.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.123greetings.com%25252Ff28aba999cf311%2526relation%253Dparent.parent%26container_width%3D320%26height%3D287%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F123GreetingsCom%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26small_header%3Dtrue%26width%3D320
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v4.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 5aIHzG2GhrYoYUTg+JwjdLI5wwY0acH76Scr9Od70uXRyaF/bwA75ivX7pxtD8IzjSpGuFiHaP8pP709P6cgTQ==
content-length: 0
date: Sat, 04 Sep 2021 04:27:53 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 33ms
19ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096cc8119b1a9ce89f961459276ef8711dacdb3b3a2d45e20f45d5658731749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8476
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 281ms
260ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C164 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 03 Sep 2021 16:41:00 GMT
expires: Sat, 03 Sep 2022 16:41:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F17 783 B
780 B 16ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3d782c3f7de838e429284d3b51d54265a54b3a5b97d94ee659719df9051370b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-daR85cuBdOgmiHxdDcjRlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 Sep 2021 04:27:53 GMT
date: Sat, 04 Sep 2021 04:27:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-daR85cuBdOgmiHxdDcjRlg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7117 6 KB
3 KB 20ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 04 Sep 2021 04:27:53 GMT
expires: Sun, 04 Sep 2022 04:27:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2B60 6 KB
3 KB 16ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sat, 04 Sep 2021 04:27:53 GMT
expires: Sun, 04 Sep 2022 04:27:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 9B28 100 KB
35 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37af42f21ea09e957001348e06d2c85e1caec157ad715c9209a9998044ac48bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36059
x-xss-protection: 0
server: cafe
etag: 3179341780554732889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B28 122 KB
37 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 67B9 99 KB
35 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f38b8c2336c96e72481aae984bb3af88e05e786b06e056c51f610ba93293d702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35542
x-xss-protection: 0
server: cafe
etag: 8783041051664089655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67B9 122 KB
37 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame 405C 188 KB
55 KB 32ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 198768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 21:15:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 21:15:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 405C 13 KB
5 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 199677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 405C 89 KB
28 KB 46ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 199677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 405C 4 KB
2 KB 47ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 199677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 405C 40 KB
13 KB 48ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 199677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 405C 5 KB
665 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 04 Sep 2021 03:35:09 GMT
server: ESF
date: Sat, 04 Sep 2021 04:27:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/8832493995685798799/ Frame 405C 27 KB
28 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8832493995685798799/2076313506083323656

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de1b1554b2894de2110c2808f519e4f19d8fef62838ccf33143d9fc02edea885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 11:33:15 GMT
x-content-type-options: nosniff
age: 320078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28153
x-xss-protection: 0
last-modified: Tue, 18 May 2021 08:55:32 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 11:33:15 GMT

GET
DATA 200
OK truncated
/ Frame 405C 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a439cc77df8ecb0a4fbca7b642ddd84ebd453de4442a057a5c7959dddbe6edd

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 405C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c7e337c3a62c61956a296e38e61cb5d629639ef85e4155b01139fb16110fd7b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108170213000/ Frame 10D7 188 KB
54 KB 33ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 198768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55333
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 21:15:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "55ff93a1040e5c38"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 21:15:05 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 10D7 13 KB
5 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 199677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b551ff8c0a78d7e"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 10D7 89 KB
28 KB 28ms
8ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 199677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28538
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "523ca413d5eb4bb0"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 10D7 4 KB
2 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 199677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1653
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a4d9605fb26cf0ce"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108170213000/v0/ Frame 10D7 40 KB
13 KB 31ms
12ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108170213000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 199677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Wed, 01 Sep 2021 20:59:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd81b3ba02634f28"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Sep 2022 20:59:56 GMT

GET
DATA 200
OK truncated
/ Frame 10D7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 860080a1b20c4ed1904cdfb18c5d1b80c81099809b3fb633d74f9432d903b1ab

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2CA4 99 KB
35 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f38b8c2336c96e72481aae984bb3af88e05e786b06e056c51f610ba93293d702

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35542
x-xss-protection: 0
server: cafe
etag: 8783041051664089655
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CA4 122 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame 36DD 31 KB
11 KB 33ms
6ms Script
application/javascript 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 26003
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
date: Fri, 03 Sep 2021 21:14:31 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: U2uoM6lM5a1cpkU8i4Ecn9yYPgkCzpCnJ2suGEyLubdVLp4u-zLjrQ==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36DD 122 KB
37 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame DB70 31 KB
11 KB 30ms
7ms Script
application/javascript 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 26003
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
date: Fri, 03 Sep 2021 21:14:31 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: EBC8TAj7vz3Fp_rA3EZ4oHle-OQKBAp5MMavdA5Zqdb8jycfD_JCtg==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DB70 122 KB
37 KB 36ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090101.js?31062462

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 405C 2 KB
2 KB 15ms
10ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 62620
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:04:13 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 405C 295 B
319 B 10ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 73806
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 04 Sep 2021 07:57:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 405C 0
0 16ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSi88U0UyeKh9oaG9p0U1pMTfAhnv8Zmkk4WD9yYCsoxcA-7Bi1C3M3cH2DkuKoxdDoQVLa
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 405C 0
0 39ms
36ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cqs0QyfUyYayMCImv7_UPxZm_gA6phI7rYaWU95OnDZaCzYWIFhABIO_2kCFgkYSAgPwXoAHW59b1A8gBCeACAKgDAcgDCqoE-QFP0ESJdg99hmgKQOrGVwDEt_RVheoG6imCVE2nu0jxA_0PkRquZ95mQtk6AgtrgCIn8GnVQbQtczXF0_WuDBYB-dUr9nMAP9jGl167Y9GcQsQdGuc-a1IcANpfa_5kv-NVknVoWUT6GxGsZGijEwFyncfLJ-qhjcQStipNA3DiYGWYiJQYZheHK0NpTP4Z_Pu5Fg9iyrCEWTf6ftwLIvIDriX2w702Igqbhve7qMD8fee_oQpUjF5XLvsSqEjQo0f4GGMt1QglvV8hTFapy3_ZKOC05J8OMCxOxGBNOlhCTd592MavTGBmTWK-gXgl5rwMwEOfn7IR3XXABNaYm42uA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeSmKkKqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBCirgbSCAkIgOGAcBABGB2ACgPICwHYEwyIFA3QFQGAFwGyFx4KHAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MBj_1xc&sigh=Xnt6daI07oY&uach_m=[UACH]&template_id=484
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 15172362209608185037
tpc.googlesyndication.com/simgad/ Frame 10D7 49 KB
49 KB 12ms
10ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15172362209608185037?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlTmuRz1TqgBgljfAqBWHGqlNcMGQ

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

021f9089e7fe358f8be4fd80f24b65df45c53720a7da122683d305993672993f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:10:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 02:13:35 GMT
server: sffe
age: 551830
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50019
x-xss-protection: 0
expires: Sun, 28 Aug 2022 19:10:43 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 10D7 2 KB
2 KB 11ms
10ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 62620
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:04:13 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 10D7 295 B
319 B 10ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 73806
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 04 Sep 2021 07:57:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 10D7 0
0 15ms
14ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQc7ijNmXkrmlLF5Xfu4sbPXg3rgguhXk39iREitgrpTQby2HzH_ObokBXLGz1F_87nBlr_
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 10D7 0
0 39ms
38ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CsIiyyfUyYeKNCImv7_UPxZm_gA6pge21ZJGboZuGDq6Px9eWDhABIIXskgJgkYSAgPwXoAGt3IqIA8gBAuACAKgDAcgDCKoE8wFP0G3lYUx9ilAymRin9cfCsI3f99cuKya-w8VhdfEKOTEF6QkxJnUkZuLJRRA8iXK6NaQWA_K_YS20tvwLFyshFQd2BiLe6nhBMz-rWEjwAlNmdL9A5IPYp_dxtao77wgdN6D0E86Ipwus5jlN3HRsDaAr1dRIuUekWLFfcN_mFhhrLTCvZU2QT7W9XbwPtSBtGOLruhpGmDt4T-IEGcvBP6ampYP_M9uGtqYd5hLqgH-mbpzlvsRYsqJ4fhk3KGvxkBh1c141eJCmgudeN9yBywimR4judfhHhptwUlyqbTf1QrrR2EyjyWLl0I9yJth-HQXABImRwrPXAeAEAZIFBAgEGAGSBQQIBRgEoAYCgAeCpsVqqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBCVpQnSCAkIgOGAcBABGB2ACgHICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItODI3NTMwMjEwNzY5MzY2NBj_1xc&sigh=9OTYD29o3FA&uach_m=[UACH]
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B28 0
0 39ms
38ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyGwdYRG6neiEGLLVICOzDNJ_ZFr5qSHkFmNNCe6t5dJOLGY579uqTFEULhUbxhquzl7uViDVEbiaTKLxdN7VULvZj7U41UzsdYfpGGENfeZwyyuDG0gwbS3gAS5NEnKke2CFv9IM3gIklCKaTRiWC5UiAph-vQslC3CrenIJCzU0t4-k3KbdeLSoxiMa-ZyBseWvacg5YZf673facOKFC170K5BWENp0QJmUAF09GtLoFMO-T0sJ7cClEKXabd6glGcH39myXN7vBseONXIYBZfCgd72ABhc5fHgwr-K5RAcvOvWWVW1UC5g3qqabWhuMknvmSyP817-qPp8lCud-t9AsxHA&sig=Cg0ArKJSzJcwPGGNKeR7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 67B9 0
0 37ms
36ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNJVHAcRvvhfD4iQB6jdNfHktp03n0rHEk_-jryGb9cnvzg2W-086oDS2HBqIWybBE1eZSDIOoL81Dux-tD_6iypwdRQnfqtbxOL_LyWNCzyusZBDu1OnFYR_1Y6jiHk16nvGZ6SWMwVfvDpD3ZC2uPI2XV7LS7qNZ5Fv05hnJiFMxGG1fPDLqU39AW7kWSF40-hTRftCLs8hXuROvb2TMFS9wuTyD1jE32M9RT5GBKFi5iJM4a_7hcXvTfm3D4aSElL-KqLV4TRpOV6j5jmq3NyYyiyHipZ4-Ltb9Wk6dUENzq9gkh1slzMZL1vbQjTR3dqUSH5jgdYBk76IwmwUnhX4&sig=Cg0ArKJSzEZx-aiydccgEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2CA4 0
0 37ms
36ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMzSq4s70XnPH7rg6ecsKGSCw7btnhez4qdV0rfUHxboHKFmUEFCdIb60VCKfUKEMp9yB9W5ROFZlN_gnR_i3T8D_SwlGXii5BssWEqMX1t0Ewuy7eL7bjYUzxjG23T1JPtFDeXGER7q37OeYrr-MJ9ABCfIOny_G-1mKYtz1uZ4zLAm8WUstNs8bGzDP7tmUohM2UUdNI_5TpRO-68Oo2PV2sBINFXjC7okFR_51v4bpSVN4ZQvVw2HFssTPyk0NVoFgi3pNFw_cc6sUopseoA-Jul15p54F8HjjuOh_aHoQ5rsFmlr-PvtoSa30AhpHq4ILUJbsgSmrn_Nw4EX-s&sig=Cg0ArKJSzJCbze1qkpXEEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36DD 0
0 41ms
37ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvo7zud6ufstKw_nb6f155zcSahNeUo1naf827OxntWmgZuo91Mdz2Ou7xld3kOYmLpxmSNjuSKp4BFUt95op6ZnvZY-Tt3PtguAUTGo0ycUH0igsHg_d_Z08SuwQwjucjL1KtKnDVfI_i9mDSi50FkikUkKcdd2QNAn6Vf9s6zzDTRfr18ujHM3U31n0t_DvfOlTrOLceDB30mbqaU2ksQQWBEUXweqE6-wKBqjCfp2mjPmT0XXNMAv1aIu105XeJp2zbVYRbFYbRzZHfSCH4kdSSUUrgh5GXtsU54YG_0yOFjngB-PrSZsZxoOj7uFRaEMb4j3TcbXZtI2IJV4gAv&sig=Cg0ArKJSzKDPXUNJcKk5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DB70 0
0 37ms
37ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst98JHSp8xJunlf6l8R07fc0FcQg-SuDJW5uP3oGW2TWRNDTrnQahE3arNJW014wQyg-cmWiZmKvt_ydFJGO43mbcEVS0QSS4putxjhBCD2vwgyHyokqhpGvePOOVxy5dZrEuSPVJ3yE-UbzCNdj-2Sv0CHLWLXFLrvvMQHGpIsESr6TxA5sBoVtNONnDm-TBleqeBVfKwYe2VlRXjDiHMmsz51UrkKZ2-binJ9VqdTkQ3Mm3OjTsd7WjZsVtqYK_vBcK-RiImVBxiN6pVc62v0_ndHBe-K0_A_G0cXFvXhyba8k8-cQxSSh4mrp9Z_hoXnPzehBaKSECLnIQJe4qmHENMQVWvibKkc&sig=Cg0ArKJSzFtVFP2Ox6DOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ Frame 405C 31 KB
31 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.123greetings.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 22:56:57 GMT
x-content-type-options: nosniff
age: 279056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31624
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:16:38 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Aug 2022 22:56:57 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240201/ Frame 9B28 252 KB
93 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31062388

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9d77c77cf756b06f15f8d820a3c900973c8f8a869976673dfb9459424c05533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95603
x-xss-protection: 0
server: cafe
etag: 4080028730874516
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
DATA 200
OK truncated
/ Frame 9B28 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12f492b4abdff146139e0cb4d053f4d9b1b7a379d60c36e6ebd10d734c4830c4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ Frame 67B9 250 KB
93 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95178
x-xss-protection: 0
server: cafe
etag: 9330497266985682447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
DATA 200
OK truncated
/ Frame 67B9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06ce32716993929806136944db26089c565154a85602e1bb65f752d228dc0ec1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ Frame 2CA4 250 KB
93 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95178
x-xss-protection: 0
server: cafe
etag: 9330497266985682447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 04 Sep 2021 04:27:53 GMT

GET
DATA 200
OK truncated
/ Frame 2CA4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40076b0d923d20a23a8170e020cf67a600fbfc09f5ebdf1dcf12d32449f113c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DB70 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0544909d1e823777823b631b929676619577a1b6f37f39042303d5e2c2eb08fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 36DD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e7c2ba8669e318ee2d42aa9a4392ebd04204e515f8808d8410e274d37c4a26

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0B7E 0
55 B 16ms
16ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4aTvAhimyMehATAB&v=APEucNVkvECNttS6nkiIYE0rTvtgTw04e-xBmWf5cQKQDehw9GWm5vf8XQfj3t45_Zvr0wW6zOWjVGlTIZiL2azXJ8UXOEp9bg

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMX_6gIQ4aTvAhimyMehATAB&v=APEucNVkvECNttS6nkiIYE0rTvtgTw04e-xBmWf5cQKQDehw9GWm5vf8XQfj3t45_Zvr0wW6zOWjVGlTIZiL2azXJ8UXOEp9bg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmK1em8mw3sBZ0PAHYkUizFGUQ_OUzkthNyQ_UZic_qkZwBRASrC0FhdLMOgW0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Sep 2021 04:27:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7117 53 KB
25 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxILCOBwWGc67-w5XWz4_O1eK0NoEkcw2IF9hYRkx_hUKMhNOowa-534oiJ_kxKBFcvzSvcv6ALjKlyJ80R1UtCjtvUflytdB8FrrxOhC3efgI16iA_hQhCZtbM9CsP6znHx8vObSQ8xfPj1A_2LOywFCL5g&dbm_d=AKAmf-BqIjoD2D6gOV5OWNkyqECIYhgoTMOgsU6g2Xaed6xyhK4FOe_gdT_2_P0_es-kz1_ww5ilIO_jBk-N4PErSr2fDQzR3vjpuJPmUV5Iwc2zTSusrS1MAfcHBq6pNMXxwggBI7PvzCiuWN0yql3GUgApNrOLdOEBGdutO0kgFsAM8mu-cKw6U0IVHKm6wYWTsKFMZxPwxIHjSofnfhGI_9cJUwZUyO7CpbjyQYCrGaLOMTl_Q9am0uRlOcCPJpB40MZnca-sn2GivGct7bly4TtisyIVJnAuyGV6xdppQpEjDDwiDFCHAobbW6kqazELcRxiA_OVqz0rd2eVo9JovLeaj7_4j0LBlg-J8CIehUmhswPCFBYNvGI1xuiijzGJHznx1RVb2YqMIq77IV5JGzByigsiCacwMgfA2kgticErmUWY59zTJMLw_uIWqp4dfVq0eMLzt6x70pYLqQiszyFJIOrqg5SzKWQzv1rMzqpzBxYvBHZuykBZzC-1P7ZG4XCrNNnnpbZBAWHix5ZNgpjJb-JSQ3_9j34k9ztY1mD_1BdDchAYKeZdOBCF7LRb-LD0BH7-umLERuzLNK2wvW1a0Eq2x4JlsmwTzX5EfXHXDvHXWKU_i53EWPBil6AcFldDJAz7DkQwPe7-iKB9TuFbofNqTSwOPP7RWMc6DPnUXwP1JDVet7CvpZ-jLiit3R1XCUsSyr0d6orA9G0VWcmt81YO2HQwHf7Nf4f_cWEte6DCVdS4MndF0lMP0wCLAIP2FAF0yBNKhLARoTrIoQBzIeKrIvTsbfSi-DzVRd3B6irKwUY59g9Jo8PfbWSRPmpxNA8bj-Yl_IeP1Ll0yb2zE8QelNHReB5PO7Diy_0K31n14RbRNvosnl0-lel_3T8rhgHNOLgzG8knEh8YqzCxbdzGznnxAP9fscx2-UTWLG_1iDhT7CqYc68KbIhcTIzP6TZyIV8vexz11Jx5uLLPX1ViJH0qpuli0h0ZxzmGuXl2uixWH7rPeQwtbEvPHcRDriPx4Ccj1Lm67RO_OFJAp3clBd470bvmvxCvdOi8fYrg3Yx3R2IUG9cF18_y_5t14jfOl9UvzwZp-SNFcQzlCCI-BaIuEohqMH1GpzD2CtPp33_3OZxFmvB805MFZYdGwaNpn2fx7gM3xoNHnPOtKiPmPWFxvNVpYiyqIuVNJn1TXM2rqbxwYTcy_komDQTC3HiPdR007mLQlZvgJTbMt4xUDR74YipPH5IIndkTlfK9x3IqJ6YvibSFX3_T1cwQbbRcIn7vH-tkC2pgEQW8tqWVrJYI2rw9uJwkNBL6_mubCI8ZutM1WhpoSpCBNlO0jC_k6Pej9VWh1D6BqQkxHwPH50kuAqqxmG7iW3mQ16PDc4wP9gqAeE_kDVQYyZr7MbOKZ2HDDL8gblWCDkwp43jYd02w54e9Pt0VXw4FSsVX3rRhryuyabBZOmNihAvRQZWa9L9pVJv2vllY1HV-OeqlmmUN5DsnrLqatpmvTbwIBjGtIuFsCrhMGkVzLyShlKRpdxkA6jM6qOy8_IzeUJqjIEvVzj_8bjUCzAikMvZKX9elqr3WH6XHG4FHTIIpF6KFDW2D_YmXYipaVPBp5ebTzO_nG_mRQCR2l-VMydUe2nBbAq87ZoWlUwwtwBFEdJj1neRwU6WLjXvmSrACjJ5eNm-1muT7osNnBQo8_bZvGOIQq-mOrC5LwvjpvpcD7PU4YJIQ-gZevE45ayDQBYHUufx8ye3oZFwU2qEIClRFrtM9ZSZjx5PrBAhPOn--tGyTpECwnx-Kp29oOuaZa2zcEWLk5nY5e0l-rfvN_qwvr4IDHkrJKVTPyU8pw2DaNd3L0a-0SOrNCwwIFztpFDqfRLhBp_yee6whfKaZAP0pLVXUgSy_12mMTVToIoo752NP_tgIk86m52f3fP1jLNJYT9KVxE5jnXQX7O4KpSJqtQFrrDKe9VI1NyB5jZExSAynp1Y4iRvqF_TXZZYGRbK6iToiYV_WjxQdR6aLOnrSItT6DPCJ1JEnJwRNBd2iwubggIFEffP9wg4S607XyRahUX0If_jlY6oLem4FOyQfFTUpw5GbqyjxfWpPky5cm_Un-yb7qmJ0vFW38Ri3EkSPia9_4b6l4DoXJU-XDmyPi4RA8NJlQoy7xFkOgTi7aZaLO6XTr2U0xINP5V9NKKujPyZ63WT3bJh0373N7zCXE7qJEM3Ku7bURVAgDUCoFH8UqJCyxqcxP4_Bjm6kFbWv643bqy9FLxnZj_LIW_m1VFjkH-BwvyJavDPwqQYNG7fMR7oIB7vRgRIkJ1bw9aSNbTzOyV1VZnpCM-9EwdqMHiMOZsMea5eRHXcDSAOTy2kFWrQlap-pkU0AoGe3fCNxXOKmxxnV0NBwiTXNAHyi-a_KsfQLaTV2zp8kdC_EB9isCQpjLqNytSdSbf-R_nzNSrl7NQSn-UboY3KQf8SlujR93t5f1yW1zzs_eLSzmO-3BTtB85wOg1FVs-nthh_H3ru-I4kuRd_CICBvRXmgLy5O7tkNuqbnRArZiz_vU4FMQTQcHYCqUjLD7PuuPOovq0_tCIC-Ywk3TvZT39uP-Pp-yVZEU57P27PWy_zuB2RWaeZWtKcicFD-P64W9WP20Y5uL-Ocdb1I3t_UjGMsiiunIFLcmrqZxq9bYU7Id0OVPRebXXQcN2MnfuRKSbhIBPRvtqkZIpNRJJAWcsEMec-b99ga22JDMAfxd_C93U0moC7GU_2xecoBrc__t2MVjwtUrfb2LboMQxzNEDDhpHoFaBRwTO96LHsIyRSdeOYIPzIdCdpsbqIE15zeAl9qvzm4MpYpSWoSXbyrV6HAkrbmtxMlH06Tu5io1--isx6xHVqmdKYvBASdqcedC34O_bkQjCVVW1Q2UBhOMm0a5S_iuIUEA0l6F0ry1L01RYfddIo60wnHmClg5Nh1csstQT7k-8XT9n_UnSBg1DQ7sq1_iYzlgKMAaoQ4QRdHGaivM0RZnd1QF0fnNHRy8wVtS7egd8sEFTHipTsUg5bYdCm821Edkk9XWXt9TyiBplKXRZNJ7E7HR6Gr8kXqWEfRPul-wg2Oil_30Q0KZd4hiMcbTF5UYPUb5MagVZ-P219kr5NklHOuSR_iLYj924MLureDZcLty1A0A9Ly2YREmxxA7gTWgMpe_28a2iBJNj0HOx0mBoxArxrJFmz4TAot5Gbihmt29IKB_fK25W23K-8HL5VsRQD2aD9o3LCtKL-acc3IxddLd93nVQ_qKORXop4N4Dexf9b00bYBZ4naCug&cid=CAASPeRo7nY3797crkvO7a-FlIugt8XZuV1YvApWkSL-MDqr0qNpdXK7clGtDvOqcQT0lV0X9qbBxUTgusDhg0k&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041444b556ebfa412f45a168e7899df614e38bed233fa630ab6055db734df39c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25574
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7117 42 B
63 B 15ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-v3fMKoBnLYKBCBU3Y3pdzAa7QBc2z8t1NVpNHt4GaVuCZ23DDAauDkKU9Fz7l1TjVAFepmq26PGT3uMD6p2m_Kxf3JDhMIiBCA5dSuirvI0XueQ

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 7117 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:21:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7117 122 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 7117 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:09:48 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7117 0
0 15ms
15ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTtiY-E2WjfA6vWQLkTmNdMQjSTZ0vPIdH9EIrGIM0OqewgkpX9tNoxZ4cqNGs7kUOlMt0o
Requested by: Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2F4C 0
53 B 16ms
15ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNupDBD_0OkBGIqD76MBMAE&v=APEucNXpvkAcY6c5YuszPFxwA-CRIPh0EjOZOr640f7nHm_CyJ5L1eWKVjZ3C74EP-Mt9xl2_2lyluTXuzpaIS0rTf5Pws3vJw

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNupDBD_0OkBGIqD76MBMAE&v=APEucNXpvkAcY6c5YuszPFxwA-CRIPh0EjOZOr640f7nHm_CyJ5L1eWKVjZ3C74EP-Mt9xl2_2lyluTXuzpaIS0rTf5Pws3vJw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmK1em8mw3sBZ0PAHYkUizFGUQ_OUzkthNyQ_UZic_qkZwBRASrC0FhdLMOgW0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Sep 2021 04:27:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2B60 53 KB
25 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPE_vTO5b-vW5rLeFvfo0Ys5zTFTxRpik0AiaHNSmLlA8OCFGooUMof6z24JG6C-4xKX3RggZ1BOKCFZnX5c33KOyh-DLMWaNlLpMYTDw66SIuy3gK7xKD6cJiajtKpRDxpUelveyYOQMuXXLvz8Pe4G4g-A&dbm_d=AKAmf-DpvzlbwP8XCI0RfJscPmRs13A_UkHd7GTIURVElGygk47unWqos91dOiaFtjCmC8HWs5IugucnRIL8x71Dlxd9T437uxo2Pfnz05u6q4RCmcqPtvWWRswzWI7e_uEZz-kLujNmUONhalY7F9sUnMtPClAxI6lUxiF1upsaGSvtgXsJAE-fZYLNmgGCJTM_taHLrLA4GgRTFslL5fRp_nLx-kJQSKWxJgzi5jG1OR7ZL_Oxnp0_OZ04VoPofY9C36fLDYo9ZoJqH5quK40KBDq6Sdj0CCkfSn3eSonYTNjPiUGJTaVZjkLeIylQdnCVOJcQM4Xoxj8smRh9kfA9LCovkfdgYKaM8NB2f9nxHaMiCXa-J-YunjwUmfVyypxPRCLhH19Lb7_L2gHh_Kv33sNIZdgAVGFqBxrLYUPxw_rY48iLBFU55rU33ve57QKYcKKFd_7Pdc2iei-C8et7YHEajLySUd5bAo8XYtiCzT6uItplUxb-p_xdTBSQs4IyXjJpBOqooMIZCE3IgPk2vtqTEKKNmyAx7CbRWdhvn79kH9Oy5mxm-DRvNeGrSJ-GYHi6EKH7xTMPTxGO8I_xCjMD3E9h1kyPk78ouFY_K0lAbChthX78_DZ1BRcsPPFEgOdVDrc6EAQCAV8XFpwlp6HqjUpbkD6lPLe_WGVuhotejdUgI4KwlV0KKSzuzoJBDrPCW_AUXvTq4YqDIMJJtq685rq5_bfF71kYuhJLunR0GEZp1kLS9aazuZ-BvauuuqSmUNNX0SYJ9RVxWN4hmbq_2NGyQtkVNpQ891mkV5Gqsu_QtQwPdUCo8v9CjMtT0cSGhOL1rjE1RtV8k0HLiqXG29Wp8dKyfhM3syqN4vmZ43cO3PZlfzl6i6hgHXsOLULUbcI_1f2oZ23E-J9jVU8LsnlFx8X6h2RTn23R5IRAcR2TL9MK1mpMsWqvyLnSUZ2EzPvIstYH3Kj4nfWvpC5SFMSZlIpNGPfcTsB795zQwc0IJIhnnXCQtCZ6EiqeedesXj-4j8yeQABJ0s5xWxOk-nMaw-yY361zOJK2o9oWiU-LESAL2ftGB7O221n7IIqDRHjpNAFB0xN-cPE-JosVVxBLF2M623fAy-U0-vlfsMqn2GeNT94lTeetFWbOvDQ3MjD8yHnbPfpmDBLZ6mzHPIZHjTfb-ORieChV_f-Wg2PxCnpmhNd36leR96vpyBmicROqd8b-y3WhkXpFbA0bv2vMxbvqzoMNFuQD7gR6kvf3gNcjQjvxUOkOwBhu8OrqWVB-YBvNuCWMvAFZ-Mzd6lZsWfby8UhT2WPhjh0YY3DVeGrcjnGfPKgvE9ouht7JvmCNjnM5mhSEfc-yycJoLAh98eoL6WntrQavkjJev7itoYPUBTzxyjn67V7pHfJ2MUjZ0DGhMnBbZb3d5IxFqjviDR4jtsawJ0mg8B2V2YH5ckJc4fgzB5_SfedIGCKG5RxcaJcVJjJZgaljLs_v91rRmlUcm9H2qlagCWtoLvBpH-WtftNlnXKuRXuyM01BxfmWfMRNUeAuK2uDZDWyNAziE5cEbuau_dcrYhlZTy8e4jDlQ9nKNVamX_cUotjS7OmflUWYiyd1YZ0tShOVbFKnhyjXXK7ebO4ww7SSICNsjjOvutOCvfdOG_CoccH1CZ6Ru2u4G-tr____bNI531_ED7AOWH9qROoFx2BEe0_1quy-TtELOjc8NW0GUP6-d0Y9GqGB5z7-AKakN6HRb9WJxP7SylCy2UPPB63XmFFAKHnBxHW4V2QQdEBCLcds7trXVTpMt3AjMedjMNjAJfmRRRy-IdYPYaJcNXGR-n_QXpuCJG1pLvte1br7ucvzW8xZTbHFhvc_dpOTEQmH78zVFbvkGtvmsHMLpWc3Eq4newEF278PS6WSwXqQt5Mb9Y6Tfd5TJ44AtDIlUum4Ol6aLwvMmnBE-aHQvb8OeP2IAKS9uJyu_WPtD2OdLj3nl9oBtcP75hfbZFNZ1_cXoFDZy8PDYrPDwnGtYkvjBT8jxgRubxGxq38WAuhCUBtQpg1LPfOIBszUmYJc5NgcCNF81zKaolyy9BObx9fXAE1yrlGCGr2yaR7_spiHiCzz-xY74PoG0fJNUPLmvgE8ebjFZM0VA0yX_70BwowKS2V_gq6viHNl6sAYWS49cN0g66fnEZnesUN9Aa7W2AOC2ctzzh9gqlezP8ouleOmYOeAaGBEsIJWp66Ooiu_h66wCERQz_4xzPmPne-dqqJv6MPo-Xz1oVcmZ9OsVwC-HUbjwu2R48V8ENhA16MA4NqU0SRXZQ4f_FW4KQe98o5E6qRbTN77sWZpkWUEwe-oO_gQzOZxz7JLFrSxehB-ZkQ5e9E76dm8T5gQFwrUaTQXeyxZwrxfpL0HbKvPc_iMFgAnsnjWPtjkKnUKv741qhwaFNInHvKWaSyZCM7jGlwUI2QLUJiq0mIplMRmmzZ57jFzV5sucvsIrfpXFdrK9eCtWKEFztGYvf38kxwhB8s88VAJFR49cn8wcyVSdgk4ZE-g_0yNPt_IBLIOR2kk7qxpoHJGvkmJqwKRntULCA_MxtjmAb8FKkZAtozOCA9_6H5o1rCQwCD8pC5A84b_OLTiVZGMe6XecUoNAFJ-XW3xrOFOUHzPKhvLfXLCL1uaMhvFFV73QJbZjuUutMl0xtewLZUll0vkRYwyMAeeEKz7zcJo8EFQSBwA6wZ13rmtRNaat2542c0ga1o0Irmcl8Fl5c7gXQ5pxLKWmOW21c7bO15JCJPNSkD9V4Xe-UXadZA7c3D9LwiO-MAzhm6v3VfF2iJWldrWusMdAKNW9OsGV9cIbtH5zhlAtYO0oq4lBJeAvjTOPKV49x5daWSnKs3wHkg4tINTEiBt1NZUtFT8K6EfnYVxj2C57bV21ze8Ozn_REL8y6x0oNgwezBB8uPneitedMo8r-QwrmbdmesqICzKt3DkrRaradTktDow5KjnYk67TqcmxF5rcWtpckhxRTyi6Ropl5sQQtjoNVyLVii_EN4GFRcqg_jEcKaaCzOD2IxnHQgxeUVHDku8gbTmu_BMSMxHzbQm95XjiYMrm68REETLOITb2LTGwy-FCjxAWyz0vcx9Zj4p7F2-caFa8BHcJvQfiWiQTPWyk_quAOHzs2UWKvcsRI6XSGPeOEoBFADtYon6XgBhxAVNqu7yaavO-bO-DgJ0vnPE3tyM5L3nLD5e741dz9dlLsOrILqJf9kTsA2YeH84X62Qsyxkkt0wr0bLL0pEpTs8k63gu-DeKaJU5dEzJaNuIXExhBSpV_BRvG8UPNKwKcfwvEp16V01&cid=CAASPeRoA_lPqZisGL4lO8PaJ2wgbjWGwOBW41kGkdWX2Q_WA1KWx5_rTH2X23skFgKatXFrZ9F8ijQw4TXYni4&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

422d343bcf18609001546a5a7f0c205b657365afcc177744c47c5486e32f917a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25516
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B60 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpKJlZb9xJgBJDIfMQNQojxfG8Sn850qLM5NPkuQEwdUKDTEcB_xxLeqijYR30b5Rl00I0xC9Yj-FhLvBD0VNvlTcDkCAFwsXCf33_1jNYlC1-4s0

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 2B60 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:21:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B60 122 KB
37 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 2B60 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:09:48 GMT

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame DB70 20 KB
5 KB 33ms
7ms XHR
text/plain 2600:9000:2156:fe00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fe00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2468d8defc10a0ab4f1c4cdfdb085d486de1d1190998cc1b0ef86f0540da2d34

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Sep 2021 14:33:58 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 14:33:35 GMT
server: AmazonS3
age: 50037
etag: W/"f23827029dd04ecae86e39a98fd24430"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PgKlHMzQ8wrl4etDWQShUehRhahJERZ4T_IG-0FDbdvv6vu6knOgxg==
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame DB70 20 KB
5 KB 32ms
8ms XHR
text/plain 2600:9000:2156:fe00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fe00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2468d8defc10a0ab4f1c4cdfdb085d486de1d1190998cc1b0ef86f0540da2d34

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Sep 2021 14:33:58 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 14:33:35 GMT
server: AmazonS3
age: 50037
etag: W/"f23827029dd04ecae86e39a98fd24430"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YZu5_1T4CPaSZttCKUFx27aEMoTky-0bs07qZKNHqU98UIPi8BmbOQ==
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 36DD 20 KB
5 KB 31ms
8ms XHR
text/plain 2600:9000:2156:fe00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fe00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2468d8defc10a0ab4f1c4cdfdb085d486de1d1190998cc1b0ef86f0540da2d34

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 14:33:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"f23827029dd04ecae86e39a98fd24430"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-id: illFHHLM7pIdbn86i1XXKVFao41e3C1oeTJkXoPnsjSdnuVp54WM8g==
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ Frame 36DD 20 KB
5 KB 31ms
9ms XHR
text/plain 2600:9000:2156:fe00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fe00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2468d8defc10a0ab4f1c4cdfdb085d486de1d1190998cc1b0ef86f0540da2d34

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 14:33:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"f23827029dd04ecae86e39a98fd24430"
vary: Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-id: LPp2VjXyn_hnxqwGCfRsXt9vobYyvgGxtJ4nj1A-Zth_PVEa7wOK4Q==
via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DB70 0
0 70ms
37ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3JGwksS_4R4kK53ozDD1pQroDbhm88ZJHtbrLRdMg9uK6zFdM1w4vKfjtcLNGTK4MTkjekrufEiDwE5WT_hAShaZX_4ur0I8mUFaI9sMMF6d-9-gweW0clMCW4m_nKvYkVWAuR-2QgYzO6DH6zniqbdWkyvUkxOkQ1hfWuPR9kvJ0xRQumnF_7dRyutHxgPh6StmzI-ChqnUbIQUPqxReF3W7cOWvFZ0euZC6UE5jsDr5bXnjvHbOD1kfutyERj3ACjQQPQe3-wO4RqJ2pxW0xiOD4rUuMDgrw7El8ugqoRGI7DhTu8PBHxrSS3qh1N4H761mtdFXT9kqlwg7YazWYLckqYzi35YwMPc&sig=Cg0ArKJSzIE_K5WgvWi4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36DD 0
0 67ms
38ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseN0hXWUsu1IVqhG-EExggry0uZ4imQ2-v4-FDDKbMOd2rQQNq2QUbrV4dPMxhbvnuONrcEHPqLj44RMpyWP6g1hScvDKfBBzYQRHBfjo2ZB5dhJ_LnQvhE6zm8uzAYMtrqXqRIicxVb3xoCUp4iO4_KRvs-QAU5u4_yF8ZqYieORIeiFicJkHzFsIvcF2jTpA5Ja08jWZ4vkEd-j5buG_grDOFYQ8YDo63hzFctnPRPLMGlEAJWueLrNY_NJAbQ-YcktPTDKyK2pAF2SOiU4KVUGMKTNJBQfU7cbn9nr9xwjUQp2zrWcmalI6a9PpKGZiAQrSiEz5ab8I22rcTT3SAyg&sig=Cg0ArKJSzCZIUGoaihMYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 10D7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Redirect headers

date: Sat, 04 Sep 2021 04:27:54 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 405C 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 62621
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:04:13 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 405C 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 73807
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 04 Sep 2021 07:57:47 GMT

GET
H3-29 200 15172362209608185037
tpc.googlesyndication.com/simgad/ Frame 10D7 49 KB
49 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15172362209608185037?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlTmuRz1TqgBgljfAqBWHGqlNcMGQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

021f9089e7fe358f8be4fd80f24b65df45c53720a7da122683d305993672993f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 19:10:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 02:13:35 GMT
server: sffe
age: 551831
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50019
x-xss-protection: 0
expires: Sun, 28 Aug 2022 19:10:43 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 10D7 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 11:04:13 GMT
x-content-type-options: nosniff
server: cafe
age: 62621
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 04 Sep 2021 11:04:13 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 10D7 295 B
319 B 9ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 03 Sep 2021 07:57:47 GMT
x-content-type-options: nosniff
server: cafe
age: 73807
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 04 Sep 2021 07:57:47 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 9B28 206 B
263 B 34ms
34ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240201/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&bust=31062388

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d19f2f7ecec4aa29e97fdb6bf94bd887c10d884a0a0a32cdde99aae34b5a1d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9B28 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9B28 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73A8 53 KB
21 KB 260ms
259ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=816031646&pi=t.ma~as.1176616588&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673881&bpp=15&bdt=109&idt=262&shv=r20210831&mjsv=m202108240201&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=2&ga_vid=690623086.1630729674&ga_sid=1630729674&ga_hid=202956110&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=2262215379&scr_x=0&scr_y=0&eid=31062388%2C31062297&oid=3&pvsid=1724332846867215&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6c8wcwrqeye7&fsb=1&dtd=284

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30e55894e265bde81cd5430a3d9c3ac7c65fc3b2e9d6a1fdb57912ea73755e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=816031646&pi=t.ma~as.1176616588&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673881&bpp=15&bdt=109&idt=262&shv=r20210831&mjsv=m202108240201&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=2&ga_vid=690623086.1630729674&ga_sid=1630729674&ga_hid=202956110&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=2262215379&scr_x=0&scr_y=0&eid=31062388%2C31062297&oid=3&pvsid=1724332846867215&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6c8wcwrqeye7&fsb=1&dtd=284
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmK1em8mw3sBZ0PAHYkUizFGUQ_OUzkthNyQ_UZic_qkZwBRASrC0FhdLMOgW0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Sep 2021 04:27:54 GMT
server: cafe
content-length: 21079
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B28 72 KB
27 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 2087 42 KB
15 KB 8ms
5ms Document
text/html 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
date: Fri, 03 Sep 2021 05:41:35 GMT
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RmibpCT-zw5XC0TXHjT4sZqXSMhO_8_Sz5t9kXq_aBr0E-vuDBgDcw==
age: 81980

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame E19D 42 KB
15 KB 7ms
6ms Document
text/html 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
date: Fri, 03 Sep 2021 05:41:35 GMT
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4-JUc0tHrtMjpAsqeh_EtIhB0PjidswWYzGUeIksS_6idwfKW1XsuA==
age: 81980

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 67B9 206 B
217 B 34ms
34ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

cad23c540070d978828c6e5749c9895295c81d218f474db83629a0a8a9c818c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 67B9 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 67B9 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C26 52 KB
20 KB 191ms
190ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530243&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673927&bpp=10&bdt=149&idt=264&shv=r20210831&mjsv=m202109010101&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=1&ga_vid=1287187888.1630729674&ga_sid=1630729674&ga_hid=70758983&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1873&biw=1600&bih=1200&isw=300&ish=250&ifk=2425728672&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3704028310640407&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b9p82kmszpio&btvi=1&fsb=1&dtd=277

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e74b2379ce5629df54e839c1ac996960aa6ad6c31b44bc19e723f08c3e898e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530243&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673927&bpp=10&bdt=149&idt=264&shv=r20210831&mjsv=m202109010101&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=1&ga_vid=1287187888.1630729674&ga_sid=1630729674&ga_hid=70758983&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1873&biw=1600&bih=1200&isw=300&ish=250&ifk=2425728672&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3704028310640407&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b9p82kmszpio&btvi=1&fsb=1&dtd=277
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmK1em8mw3sBZ0PAHYkUizFGUQ_OUzkthNyQ_UZic_qkZwBRASrC0FhdLMOgW0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Sep 2021 04:27:54 GMT
server: cafe
content-length: 20460
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67B9 72 KB
27 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 2CA4 206 B
218 B 45ms
45ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6e4e05014fbab6aa2ddc30c348f497bdc08efac4ffc924012735d9dbf998a28a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 2CA4 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2CA4 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5818 603 B
65 B 99ms
98ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530254&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673957&bpp=7&bdt=161&idt=258&shv=r20210831&mjsv=m202109010101&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=1&ga_vid=2118872761.1630729674&ga_sid=1630729674&ga_hid=189062493&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2725&biw=1600&bih=1200&isw=728&ish=90&ifk=821144746&scr_x=0&scr_y=0&eid=31062297%2C31062094&oid=3&pvsid=2386615321560936&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.i9nblqn2zjsl&btvi=1&fsb=1&dtd=272

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530254&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673957&bpp=7&bdt=161&idt=258&shv=r20210831&mjsv=m202109010101&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=1&ga_vid=2118872761.1630729674&ga_sid=1630729674&ga_hid=189062493&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2725&biw=1600&bih=1200&isw=728&ish=90&ifk=821144746&scr_x=0&scr_y=0&eid=31062297%2C31062094&oid=3&pvsid=2386615321560936&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.i9nblqn2zjsl&btvi=1&fsb=1&dtd=272
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmK1em8mw3sBZ0PAHYkUizFGUQ_OUzkthNyQ_UZic_qkZwBRASrC0FhdLMOgW0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 04 Sep 2021 04:27:54 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CA4 72 KB
27 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496339498273"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27562
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 7117 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxILCOBwWGc67-w5XWz4_O1eK0NoEkcw2IF9hYRkx_hUKMhNOowa-534oiJ_kxKBFcvzSvcv6ALjKlyJ80R1UtCjtvUflytdB8FrrxOhC3efgI16iA_hQhCZtbM9CsP6znHx8vObSQ8xfPj1A_2LOywFCL5g&dbm_d=AKAmf-BqIjoD2D6gOV5OWNkyqECIYhgoTMOgsU6g2Xaed6xyhK4FOe_gdT_2_P0_es-kz1_ww5ilIO_jBk-N4PErSr2fDQzR3vjpuJPmUV5Iwc2zTSusrS1MAfcHBq6pNMXxwggBI7PvzCiuWN0yql3GUgApNrOLdOEBGdutO0kgFsAM8mu-cKw6U0IVHKm6wYWTsKFMZxPwxIHjSofnfhGI_9cJUwZUyO7CpbjyQYCrGaLOMTl_Q9am0uRlOcCPJpB40MZnca-sn2GivGct7bly4TtisyIVJnAuyGV6xdppQpEjDDwiDFCHAobbW6kqazELcRxiA_OVqz0rd2eVo9JovLeaj7_4j0LBlg-J8CIehUmhswPCFBYNvGI1xuiijzGJHznx1RVb2YqMIq77IV5JGzByigsiCacwMgfA2kgticErmUWY59zTJMLw_uIWqp4dfVq0eMLzt6x70pYLqQiszyFJIOrqg5SzKWQzv1rMzqpzBxYvBHZuykBZzC-1P7ZG4XCrNNnnpbZBAWHix5ZNgpjJb-JSQ3_9j34k9ztY1mD_1BdDchAYKeZdOBCF7LRb-LD0BH7-umLERuzLNK2wvW1a0Eq2x4JlsmwTzX5EfXHXDvHXWKU_i53EWPBil6AcFldDJAz7DkQwPe7-iKB9TuFbofNqTSwOPP7RWMc6DPnUXwP1JDVet7CvpZ-jLiit3R1XCUsSyr0d6orA9G0VWcmt81YO2HQwHf7Nf4f_cWEte6DCVdS4MndF0lMP0wCLAIP2FAF0yBNKhLARoTrIoQBzIeKrIvTsbfSi-DzVRd3B6irKwUY59g9Jo8PfbWSRPmpxNA8bj-Yl_IeP1Ll0yb2zE8QelNHReB5PO7Diy_0K31n14RbRNvosnl0-lel_3T8rhgHNOLgzG8knEh8YqzCxbdzGznnxAP9fscx2-UTWLG_1iDhT7CqYc68KbIhcTIzP6TZyIV8vexz11Jx5uLLPX1ViJH0qpuli0h0ZxzmGuXl2uixWH7rPeQwtbEvPHcRDriPx4Ccj1Lm67RO_OFJAp3clBd470bvmvxCvdOi8fYrg3Yx3R2IUG9cF18_y_5t14jfOl9UvzwZp-SNFcQzlCCI-BaIuEohqMH1GpzD2CtPp33_3OZxFmvB805MFZYdGwaNpn2fx7gM3xoNHnPOtKiPmPWFxvNVpYiyqIuVNJn1TXM2rqbxwYTcy_komDQTC3HiPdR007mLQlZvgJTbMt4xUDR74YipPH5IIndkTlfK9x3IqJ6YvibSFX3_T1cwQbbRcIn7vH-tkC2pgEQW8tqWVrJYI2rw9uJwkNBL6_mubCI8ZutM1WhpoSpCBNlO0jC_k6Pej9VWh1D6BqQkxHwPH50kuAqqxmG7iW3mQ16PDc4wP9gqAeE_kDVQYyZr7MbOKZ2HDDL8gblWCDkwp43jYd02w54e9Pt0VXw4FSsVX3rRhryuyabBZOmNihAvRQZWa9L9pVJv2vllY1HV-OeqlmmUN5DsnrLqatpmvTbwIBjGtIuFsCrhMGkVzLyShlKRpdxkA6jM6qOy8_IzeUJqjIEvVzj_8bjUCzAikMvZKX9elqr3WH6XHG4FHTIIpF6KFDW2D_YmXYipaVPBp5ebTzO_nG_mRQCR2l-VMydUe2nBbAq87ZoWlUwwtwBFEdJj1neRwU6WLjXvmSrACjJ5eNm-1muT7osNnBQo8_bZvGOIQq-mOrC5LwvjpvpcD7PU4YJIQ-gZevE45ayDQBYHUufx8ye3oZFwU2qEIClRFrtM9ZSZjx5PrBAhPOn--tGyTpECwnx-Kp29oOuaZa2zcEWLk5nY5e0l-rfvN_qwvr4IDHkrJKVTPyU8pw2DaNd3L0a-0SOrNCwwIFztpFDqfRLhBp_yee6whfKaZAP0pLVXUgSy_12mMTVToIoo752NP_tgIk86m52f3fP1jLNJYT9KVxE5jnXQX7O4KpSJqtQFrrDKe9VI1NyB5jZExSAynp1Y4iRvqF_TXZZYGRbK6iToiYV_WjxQdR6aLOnrSItT6DPCJ1JEnJwRNBd2iwubggIFEffP9wg4S607XyRahUX0If_jlY6oLem4FOyQfFTUpw5GbqyjxfWpPky5cm_Un-yb7qmJ0vFW38Ri3EkSPia9_4b6l4DoXJU-XDmyPi4RA8NJlQoy7xFkOgTi7aZaLO6XTr2U0xINP5V9NKKujPyZ63WT3bJh0373N7zCXE7qJEM3Ku7bURVAgDUCoFH8UqJCyxqcxP4_Bjm6kFbWv643bqy9FLxnZj_LIW_m1VFjkH-BwvyJavDPwqQYNG7fMR7oIB7vRgRIkJ1bw9aSNbTzOyV1VZnpCM-9EwdqMHiMOZsMea5eRHXcDSAOTy2kFWrQlap-pkU0AoGe3fCNxXOKmxxnV0NBwiTXNAHyi-a_KsfQLaTV2zp8kdC_EB9isCQpjLqNytSdSbf-R_nzNSrl7NQSn-UboY3KQf8SlujR93t5f1yW1zzs_eLSzmO-3BTtB85wOg1FVs-nthh_H3ru-I4kuRd_CICBvRXmgLy5O7tkNuqbnRArZiz_vU4FMQTQcHYCqUjLD7PuuPOovq0_tCIC-Ywk3TvZT39uP-Pp-yVZEU57P27PWy_zuB2RWaeZWtKcicFD-P64W9WP20Y5uL-Ocdb1I3t_UjGMsiiunIFLcmrqZxq9bYU7Id0OVPRebXXQcN2MnfuRKSbhIBPRvtqkZIpNRJJAWcsEMec-b99ga22JDMAfxd_C93U0moC7GU_2xecoBrc__t2MVjwtUrfb2LboMQxzNEDDhpHoFaBRwTO96LHsIyRSdeOYIPzIdCdpsbqIE15zeAl9qvzm4MpYpSWoSXbyrV6HAkrbmtxMlH06Tu5io1--isx6xHVqmdKYvBASdqcedC34O_bkQjCVVW1Q2UBhOMm0a5S_iuIUEA0l6F0ry1L01RYfddIo60wnHmClg5Nh1csstQT7k-8XT9n_UnSBg1DQ7sq1_iYzlgKMAaoQ4QRdHGaivM0RZnd1QF0fnNHRy8wVtS7egd8sEFTHipTsUg5bYdCm821Edkk9XWXt9TyiBplKXRZNJ7E7HR6Gr8kXqWEfRPul-wg2Oil_30Q0KZd4hiMcbTF5UYPUb5MagVZ-P219kr5NklHOuSR_iLYj924MLureDZcLty1A0A9Ly2YREmxxA7gTWgMpe_28a2iBJNj0HOx0mBoxArxrJFmz4TAot5Gbihmt29IKB_fK25W23K-8HL5VsRQD2aD9o3LCtKL-acc3IxddLd93nVQ_qKORXop4N4Dexf9b00bYBZ4naCug&cid=CAASPeRo7nY3797crkvO7a-FlIugt8XZuV1YvApWkSL-MDqr0qNpdXK7clGtDvOqcQT0lV0X9qbBxUTgusDhg0k&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 03:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 03:11:26 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/ Frame 7117 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 01:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 01:16:10 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7117 0
592 B 105ms
44ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnRnTIwtpxsAU86xq2eoeX5w0_vxftmft8AeyOxPm7QCMbvgSYhKMgZ7FHEZ9dBLkI3txyTx6DRYy0iSDQ2zSb9sApmq86jNi2tD05JjWCH9Gm3pweIB4AXh_UDxqFXLtY3PFxrYdzxroDzZg0N1x5AX_pIdHH40ovK8YqgeSm7H8Z0biGMm09PwLX6H9RlR8hUmUyLmeDNAlKY4klFtX02DdfuI8A1eri9SzxWsZjXYSj9xxmeddyEmxMvQdvhn-NW2sZ5DSh1TRThLvmxYVNkrNNGJQhjZtctcIqtPBUJ9SALtc5_3c1xrIJWmRQL0AeOt81vw8oE89GidCKvo5d3D2lA9m3cxoJN_tvwtPnyVfQ8ZiznOGgy5gCBcb5k5PTFDneqre_DkNjb6JDxo2M8a_ZBo9_4KSWyMnxSnBSw4ajXxvSMcd66IQWaTijyxqVLvJ0P8gwHI4oHkTgjEF__4NZ_Gp4AMskgjWBNm4_VglwYxi2ViuGquE0GfWSs52vXcEAknfD3b1XOo49BP1BDk-y1n-xPPGh7dBNVU663wC4TWbeUNCzaTyI1zQetxHMmXZWYx18mL04LnaPuwFtrdxD5yqH3UOd1ou-Euyj4ohFQXCAh61e_C_oZ6w2MynCfTHETrjoIbEax3ku1ztY6xqIZCSiQwcsuec-cJT9N91av2uWe5IGiGeljcu6blT5p2eBne8bHExu4fsNtwoe4aYnahXiFBtzTrA7-wlBZQI9lW0j3Hg26iyKxumLpfCVcse8Gla-pavRt_R-E0Srw-Ew7nWYJyZWXzJEnViqySl83BWNdr-ddla-MoDKwGKXT1coV9fYVLgi-AeQi5jY3gXCfZAPUaiJIj0fn2qNAyp1SQolFEQ0Nh0yppKdGgPs0pivi_Ezs7882vHKO6BOwqE20sbDEhGzC0arczFiO2IoTdvtlKKHSF0Nx2sMgaKpKxjpZG7Ftw1ts4bNIyHDFXoaecea2QcC6lsYdKdYMinGevIXYB1r_xS0zvuU51oEOmhYG_C5cdVpm_rHzeTHWiAeUgqhmE-v8mahyiDkH8pWT34AN3khnbsTNgqTs6G4K0nou2DGiBAIXtP7fm5vmNVpUtfUiCw6js2sbAarXl57R_KYejIv3EYTFZReonfscfWbQWnkOSdnw2M&sai=AMfl-YSadmQ5MiCyd9TrQl9sZQ_mscZqMgUYzBxH0gq-hKm3Zlc4LQvPvI540K9nkJbCKLnWsW1nrFYn8y98Fiiyu_C_3ybBnx4EY2qCi1deBLeT_ME-AQMOUQDxUeRt5ijpoEtlp9h1vbR8zBYI6BxT_niKfOywnf0Oi75tSCS9w1s-3zNNY7fJhcwMxot0Qzi4T1_ScWmdIqeUBY14abp4vCys4XA23tUkRzX1QxB7PA&sig=Cg0ArKJSzK4tkUwXjxMQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210831.34085&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 04 Sep 2021 04:27:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7117 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 12:28:31 GMT

GET
H2 200 nl-banner-MY22-update-trial-2-728x90.jpg
s0.2mdn.net/9957158/ Frame 7117 35 KB
35 KB 27ms
7ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9957158/nl-banner-MY22-update-trial-2-728x90.jpg

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8ee3878706308d6510ccd26c48cc3d67beb8fb85fdfbfc170b1f7a81e53994f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 23:13:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Mar 2021 11:17:57 GMT
server: sffe
age: 18855
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35732
x-xss-protection: 0
expires: Sat, 04 Sep 2021 23:13:39 GMT

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame C164 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 2B60 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPE_vTO5b-vW5rLeFvfo0Ys5zTFTxRpik0AiaHNSmLlA8OCFGooUMof6z24JG6C-4xKX3RggZ1BOKCFZnX5c33KOyh-DLMWaNlLpMYTDw66SIuy3gK7xKD6cJiajtKpRDxpUelveyYOQMuXXLvz8Pe4G4g-A&dbm_d=AKAmf-DpvzlbwP8XCI0RfJscPmRs13A_UkHd7GTIURVElGygk47unWqos91dOiaFtjCmC8HWs5IugucnRIL8x71Dlxd9T437uxo2Pfnz05u6q4RCmcqPtvWWRswzWI7e_uEZz-kLujNmUONhalY7F9sUnMtPClAxI6lUxiF1upsaGSvtgXsJAE-fZYLNmgGCJTM_taHLrLA4GgRTFslL5fRp_nLx-kJQSKWxJgzi5jG1OR7ZL_Oxnp0_OZ04VoPofY9C36fLDYo9ZoJqH5quK40KBDq6Sdj0CCkfSn3eSonYTNjPiUGJTaVZjkLeIylQdnCVOJcQM4Xoxj8smRh9kfA9LCovkfdgYKaM8NB2f9nxHaMiCXa-J-YunjwUmfVyypxPRCLhH19Lb7_L2gHh_Kv33sNIZdgAVGFqBxrLYUPxw_rY48iLBFU55rU33ve57QKYcKKFd_7Pdc2iei-C8et7YHEajLySUd5bAo8XYtiCzT6uItplUxb-p_xdTBSQs4IyXjJpBOqooMIZCE3IgPk2vtqTEKKNmyAx7CbRWdhvn79kH9Oy5mxm-DRvNeGrSJ-GYHi6EKH7xTMPTxGO8I_xCjMD3E9h1kyPk78ouFY_K0lAbChthX78_DZ1BRcsPPFEgOdVDrc6EAQCAV8XFpwlp6HqjUpbkD6lPLe_WGVuhotejdUgI4KwlV0KKSzuzoJBDrPCW_AUXvTq4YqDIMJJtq685rq5_bfF71kYuhJLunR0GEZp1kLS9aazuZ-BvauuuqSmUNNX0SYJ9RVxWN4hmbq_2NGyQtkVNpQ891mkV5Gqsu_QtQwPdUCo8v9CjMtT0cSGhOL1rjE1RtV8k0HLiqXG29Wp8dKyfhM3syqN4vmZ43cO3PZlfzl6i6hgHXsOLULUbcI_1f2oZ23E-J9jVU8LsnlFx8X6h2RTn23R5IRAcR2TL9MK1mpMsWqvyLnSUZ2EzPvIstYH3Kj4nfWvpC5SFMSZlIpNGPfcTsB795zQwc0IJIhnnXCQtCZ6EiqeedesXj-4j8yeQABJ0s5xWxOk-nMaw-yY361zOJK2o9oWiU-LESAL2ftGB7O221n7IIqDRHjpNAFB0xN-cPE-JosVVxBLF2M623fAy-U0-vlfsMqn2GeNT94lTeetFWbOvDQ3MjD8yHnbPfpmDBLZ6mzHPIZHjTfb-ORieChV_f-Wg2PxCnpmhNd36leR96vpyBmicROqd8b-y3WhkXpFbA0bv2vMxbvqzoMNFuQD7gR6kvf3gNcjQjvxUOkOwBhu8OrqWVB-YBvNuCWMvAFZ-Mzd6lZsWfby8UhT2WPhjh0YY3DVeGrcjnGfPKgvE9ouht7JvmCNjnM5mhSEfc-yycJoLAh98eoL6WntrQavkjJev7itoYPUBTzxyjn67V7pHfJ2MUjZ0DGhMnBbZb3d5IxFqjviDR4jtsawJ0mg8B2V2YH5ckJc4fgzB5_SfedIGCKG5RxcaJcVJjJZgaljLs_v91rRmlUcm9H2qlagCWtoLvBpH-WtftNlnXKuRXuyM01BxfmWfMRNUeAuK2uDZDWyNAziE5cEbuau_dcrYhlZTy8e4jDlQ9nKNVamX_cUotjS7OmflUWYiyd1YZ0tShOVbFKnhyjXXK7ebO4ww7SSICNsjjOvutOCvfdOG_CoccH1CZ6Ru2u4G-tr____bNI531_ED7AOWH9qROoFx2BEe0_1quy-TtELOjc8NW0GUP6-d0Y9GqGB5z7-AKakN6HRb9WJxP7SylCy2UPPB63XmFFAKHnBxHW4V2QQdEBCLcds7trXVTpMt3AjMedjMNjAJfmRRRy-IdYPYaJcNXGR-n_QXpuCJG1pLvte1br7ucvzW8xZTbHFhvc_dpOTEQmH78zVFbvkGtvmsHMLpWc3Eq4newEF278PS6WSwXqQt5Mb9Y6Tfd5TJ44AtDIlUum4Ol6aLwvMmnBE-aHQvb8OeP2IAKS9uJyu_WPtD2OdLj3nl9oBtcP75hfbZFNZ1_cXoFDZy8PDYrPDwnGtYkvjBT8jxgRubxGxq38WAuhCUBtQpg1LPfOIBszUmYJc5NgcCNF81zKaolyy9BObx9fXAE1yrlGCGr2yaR7_spiHiCzz-xY74PoG0fJNUPLmvgE8ebjFZM0VA0yX_70BwowKS2V_gq6viHNl6sAYWS49cN0g66fnEZnesUN9Aa7W2AOC2ctzzh9gqlezP8ouleOmYOeAaGBEsIJWp66Ooiu_h66wCERQz_4xzPmPne-dqqJv6MPo-Xz1oVcmZ9OsVwC-HUbjwu2R48V8ENhA16MA4NqU0SRXZQ4f_FW4KQe98o5E6qRbTN77sWZpkWUEwe-oO_gQzOZxz7JLFrSxehB-ZkQ5e9E76dm8T5gQFwrUaTQXeyxZwrxfpL0HbKvPc_iMFgAnsnjWPtjkKnUKv741qhwaFNInHvKWaSyZCM7jGlwUI2QLUJiq0mIplMRmmzZ57jFzV5sucvsIrfpXFdrK9eCtWKEFztGYvf38kxwhB8s88VAJFR49cn8wcyVSdgk4ZE-g_0yNPt_IBLIOR2kk7qxpoHJGvkmJqwKRntULCA_MxtjmAb8FKkZAtozOCA9_6H5o1rCQwCD8pC5A84b_OLTiVZGMe6XecUoNAFJ-XW3xrOFOUHzPKhvLfXLCL1uaMhvFFV73QJbZjuUutMl0xtewLZUll0vkRYwyMAeeEKz7zcJo8EFQSBwA6wZ13rmtRNaat2542c0ga1o0Irmcl8Fl5c7gXQ5pxLKWmOW21c7bO15JCJPNSkD9V4Xe-UXadZA7c3D9LwiO-MAzhm6v3VfF2iJWldrWusMdAKNW9OsGV9cIbtH5zhlAtYO0oq4lBJeAvjTOPKV49x5daWSnKs3wHkg4tINTEiBt1NZUtFT8K6EfnYVxj2C57bV21ze8Ozn_REL8y6x0oNgwezBB8uPneitedMo8r-QwrmbdmesqICzKt3DkrRaradTktDow5KjnYk67TqcmxF5rcWtpckhxRTyi6Ropl5sQQtjoNVyLVii_EN4GFRcqg_jEcKaaCzOD2IxnHQgxeUVHDku8gbTmu_BMSMxHzbQm95XjiYMrm68REETLOITb2LTGwy-FCjxAWyz0vcx9Zj4p7F2-caFa8BHcJvQfiWiQTPWyk_quAOHzs2UWKvcsRI6XSGPeOEoBFADtYon6XgBhxAVNqu7yaavO-bO-DgJ0vnPE3tyM5L3nLD5e741dz9dlLsOrILqJf9kTsA2YeH84X62Qsyxkkt0wr0bLL0pEpTs8k63gu-DeKaJU5dEzJaNuIXExhBSpV_BRvG8UPNKwKcfwvEp16V01&cid=CAASPeRoA_lPqZisGL4lO8PaJ2wgbjWGwOBW41kGkdWX2Q_WA1KWx5_rTH2X23skFgKatXFrZ9F8ijQw4TXYni4&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 03:11:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4588
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9263
x-xss-protection: 0
server: cafe
etag: 16747441857000454541
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 03:11:26 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/ Frame 2B60 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210831/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 01:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 01:16:10 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2B60 0
61 B 73ms
44ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv608xC17Jgce4nStfJf0uthETftjScFmEVyH2pYOzre5N9i29Fas6WwYMMjizUUEJWdFLoLFPSBk6WRmmq_jTuy0zHqZwJYG_lEcqoGMA6mzSO-J14xmFHurA4uUWn9aLjQl1cjMnGCrjspdOr4J_H3I6PpdqFt5Um9RE64i88431TP55IFlHO1Y_RNDHsuMVklUAfLipI7JNbJYIV6Xdydv-fBUiJsbLcM20hoS03Fbz4Suo2DQ9NHzzdi0dDOlWUseADVq2dkVqY7Qh_mnfwUuwphsNE19KPFZ6DzfmuMAWpS4cA9PMfS2-2DK1sUSZfDWmrPPcEaPd39VJSvWUn0rdiQez9j7JZTcKglIAsq8oNlO_eIa8g4pgrMDmTq4mGHW6fnY2me-aEuDyQjSZ-igCizJACYm9cdFKTQOtEPkjAqztJf4NpFPlTMaxxgmwL3xzoTmlZsGrfFTAYVkO_Cl6fSidN-Y5ySsLApYudrW2T85qSpew9PaN3LmlWxKe2jS0qsWdLCpPqENjaOIjzLEWYzT5sSuF83opRVAtR-VFScovmxbIy0BXd9ChSyNaGtu0R9_3x8tUCkGmh4evQlbEZGUYUekpCMoa74FPr2L-TzSC0O_HhDMq1xkzGB4ALJ3QyMHtAtdwKhBvBvvNcBMRG51nFshpByEIg_RSnQSxvQurq3PZshBdLyKwv2tpyRzMrM2Xk0S_EqNMa4uj_r--DNcw9HlMAWzojnVblD7R67xX3fgCNwYbuozgOr2uP7Wz3P85hUtsBYObKBYq6oxBn8WXoon1yF4LW1ZnZKTTNWiv1-98ZtSoNiaLxRK8XNx9uZ3QVyvghAb5srk5xwp2LNyiKVjXiS6wuTSh4SWN7J7v31DnRahk9oUWK3bWSlwdbNJjPKP7VomW0jnkMru9ZD2z58p1iFVnRVDT1pqa9zQ-qHuhQ1yt31JVd2q10Oe0IIQNvfhtCYqt-jh52u35GMlMHNIZN60RRWWnFRHxVgmrkOGrkgm8NW518HQZYiMa44gfyMeUM7hw2H1C0c2kg-WUuvxLbAVwdXLeeESebRtbO4Hb-_F3fA119kT3HZGIkQ1w4HJvM-iuTNjpzC_BfHbTdetemGOhg6DT4dGX5mBiLiaHfZuk7ozas5yeUEZgpMSboXu_bh4I_Z8kVk8EP69tWWZWhvEy3WcoNV4BaCXQm8g&sai=AMfl-YQdYFW0Z1mzFmhMbXxnIx4ftFtIWaaQr5AD2E1xRtwXnIn5x6E5dcdU5_mf4FgcDBjPhxZz1lhPDcuY7jn1gkaLKlC6qVffDrVu9IzxZnhUVisvjTUcB8uTxAVkoUWrtoxm6vaNq13DxjVlzhHfmbLn8824idH2aYkNipAiGXThh7EZYflpvvirSdufTXBDHTM89_v1aDx6G7r1QsPuAK9ZgIWtt2xNu3UTe49UbA&sig=Cg0ArKJSzIk6gL4j4nykEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210831.76694&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 04 Sep 2021 04:27:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2B60 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 12:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 12:28:31 GMT

GET
H3-29 200 04142021-014925693-300x250.gif
s0.2mdn.net/5521455/ Frame 2B60 2 MB
2 MB 25ms
10ms Image
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/5521455/04142021-014925693-300x250.gif

Requested by

Host: e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
URL: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0d991f07cc8cc18f1a3acbe06e168af9ccb26e33c760b6cf433f9f3485cd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 15:20:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 08:49:25 GMT
server: sffe
age: 47238
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1802162
x-xss-protection: 0
expires: Sat, 04 Sep 2021 15:20:36 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7117 0
23 B 73ms
40ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 72D9 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 05:13:41 GMT
expires: Thu, 01 Sep 2022 05:13:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 256453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 2087 116 B
871 B 157ms
157ms XHR
application/json 2600:9000:2156:400:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:400:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3fbe9ac8b0affe8e4bdec2fec63a1577596cb3377ad23af8b57ff5ed879f36e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 116
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Sat, 04 Sep 2021 04:27:54 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: s81rGw46TiL_RlUvhjplUm_jXB_yWfU9X3qllMTli1VjmLfXqZRStQ==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 184ms
150ms Preflight 2600:9000:2156:400:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

2600:9000:2156:400:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8XFgIUSSZ_hXr7VlLXhbJZ9gRR7VlnB-KeYfYoX34mxNKPqroYi-KA==

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame E19D 116 B
870 B 149ms
149ms XHR
application/json 2600:9000:2156:400:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:400:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3fbe9ac8b0affe8e4bdec2fec63a1577596cb3377ad23af8b57ff5ed879f36e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 116
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Sat, 04 Sep 2021 04:27:54 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: 0dlLrFLavI-RBRYO6eeW7zZLlNKJmiHDa7vvVPrK7lc4-bkMEMbGTA==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 184ms
153ms Preflight 2600:9000:2156:400:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

2600:9000:2156:400:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GabOi0gmrEFcP5NEnSXbsDUEoVZXx4YGCTaLB9zMqNwBrBZBkEmHTg==

GET
DATA 200
OK truncated
/ Frame 7117 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3d4c59262464ac626eec4a5d33c3cd116b43bd515fab22723d2af726e5b90a8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8EC2 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 01 Sep 2021 05:13:41 GMT
expires: Thu, 01 Sep 2022 05:13:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 256453
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2B60 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 921d1de33f247f7219294a6460b8edafb596544e90a175b65f537a24f20612a1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 13991337640087671439
tpc.googlesyndication.com/simgad/ Frame 9C26 124 KB
124 KB 8ms
7ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13991337640087671439

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530243&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673927&bpp=10&bdt=149&idt=264&shv=r20210831&mjsv=m202109010101&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=1&ga_vid=1287187888.1630729674&ga_sid=1630729674&ga_hid=70758983&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1873&biw=1600&bih=1200&isw=300&ish=250&ifk=2425728672&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3704028310640407&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b9p82kmszpio&btvi=1&fsb=1&dtd=277

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33c145990b55dfe153d5e99b1057c5d06f5a3fdfa2a7b1a17b2aa8ff3cbb1726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 03:05:39 GMT
x-content-type-options: nosniff
age: 91335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126870
x-xss-protection: 0
last-modified: Sun, 15 Aug 2021 02:55:31 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 03:05:39 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 9C26 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:24:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 9C26 2 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:21:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C26 122 KB
37 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 9C26 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:09:48 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 9C26 26 KB
11 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 18:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10845
x-xss-protection: 0
server: cafe
etag: 14737611871312058204
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 18:46:31 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2CA4 0
0 36ms
36ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVcAx55QZ4woI8tb3aAdd55PI_IEi9IkhqCkLTlSXcVeBVt0W8SkBKwoh0zLHdjKWTYgFm5RDzu0ylRKVBxXx2X-3f-KrtpM5TdLT-aF2uNqXRqEQrvv_pB9mbAFqvXNcdFZZ2_mG3tJcHD1k-w74gx7kypWJe5Aas_0tOUrpmEwdeb5Xkr7tA5pmbizFpGQvbjKMc4VAkjhsbqnMcRm30x7zVGxszQEEpc8YfbTMC230Z_aU9f3pojKa0IaDwbMoGBBIdOGsIqG7NFje68lbukAXBkkIwqCKwAly6uPVMYw9ESCACxyVXDhlXChmtmAW9xzYGs4Ks4Rat-HaYkPDncyQ&sig=Cg0ArKJSzBtHvDFPyncnEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2CA4 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d739e4202da4367d6efe7444d3a3a17182f27fcdd8c7338d7282cafdad58520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8622
x-xss-protection: 0

GET
H3-29 200 3300553818976041256
tpc.googlesyndication.com/simgad/ Frame 73A8 148 KB
148 KB 7ms
7ms Image
image/gif 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3300553818976041256

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=816031646&pi=t.ma~as.1176616588&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673881&bpp=15&bdt=109&idt=262&shv=r20210831&mjsv=m202108240201&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=2&ga_vid=690623086.1630729674&ga_sid=1630729674&ga_hid=202956110&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=2262215379&scr_x=0&scr_y=0&eid=31062388%2C31062297&oid=3&pvsid=1724332846867215&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6c8wcwrqeye7&fsb=1&dtd=284

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1be8f472a7c51fa0cbe4690d33377bd48164e57663813c0def7ef58399144cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:20:20 GMT
x-content-type-options: nosniff
age: 72454
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151529
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 13:11:08 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 08:20:20 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/ Frame 73A8 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:24:54 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 73A8 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:21:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:21:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 73A8 122 KB
37 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630496346997469"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 73A8 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Sep 2021 04:09:48 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 73A8 0
0 14ms
13ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQT9zvZWRIyHJG4S1jTGGzwVXksGyGdwo7A8pJvTtiutmh53PIudt1eG5to7vsQL_7bI-sT
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=816031646&pi=t.ma~as.1176616588&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673881&bpp=15&bdt=109&idt=262&shv=r20210831&mjsv=m202108240201&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=2&ga_vid=690623086.1630729674&ga_sid=1630729674&ga_hid=202956110&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=2262215379&scr_x=0&scr_y=0&eid=31062388%2C31062297&oid=3&pvsid=1724332846867215&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6c8wcwrqeye7&fsb=1&dtd=284
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/ Frame 73A8 26 KB
11 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210831/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 18:46:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10845
x-xss-protection: 0
server: cafe
etag: 14737611871312058204
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 18:46:31 GMT

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 72D9 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DCE 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530243&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673927&bpp=10&bdt=149&idt=264&shv=r20210831&mjsv=m202109010101&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=1&ga_vid=1287187888.1630729674&ga_sid=1630729674&ga_hid=70758983&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1873&biw=1600&bih=1200&isw=300&ish=250&ifk=2425728672&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3704028310640407&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b9p82kmszpio&btvi=1&fsb=1&dtd=277
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmK1em8mw3sBZ0PAHYkUizFGUQ_OUzkthNyQ_UZic_qkZwBRASrC0FhdLMOgW0; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=272530243&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673927&bpp=10&bdt=149&idt=264&shv=r20210831&mjsv=m202109010101&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=1&ga_vid=1287187888.1630729674&ga_sid=1630729674&ga_hid=70758983&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1873&biw=1600&bih=1200&isw=300&ish=250&ifk=2425728672&scr_x=0&scr_y=0&eid=182982300%2C31062297&oid=3&pvsid=3704028310640407&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.b9p82kmszpio&btvi=1&fsb=1&dtd=277

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 04 Sep 2021 03:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2CA4 17 KB
6 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B736 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=816031646&pi=t.ma~as.1176616588&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673881&bpp=15&bdt=109&idt=262&shv=r20210831&mjsv=m202108240201&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=2&ga_vid=690623086.1630729674&ga_sid=1630729674&ga_hid=202956110&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=2262215379&scr_x=0&scr_y=0&eid=31062388%2C31062297&oid=3&pvsid=1724332846867215&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6c8wcwrqeye7&fsb=1&dtd=284
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmK1em8mw3sBZ0PAHYkUizFGUQ_OUzkthNyQ_UZic_qkZwBRASrC0FhdLMOgW0; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=816031646&pi=t.ma~as.1176616588&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673881&bpp=15&bdt=109&idt=262&shv=r20210831&mjsv=m202108240201&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=2&ga_vid=690623086.1630729674&ga_sid=1630729674&ga_hid=202956110&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=2262215379&scr_x=0&scr_y=0&eid=31062388%2C31062297&oid=3&pvsid=1724332846867215&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6c8wcwrqeye7&fsb=1&dtd=284

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 04 Sep 2021 03:57:38 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 8EC2 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
DATA 200
OK truncated
/ Frame 9C26 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9db91125bfb4ba988f94064f61492ec86f7c4b2c8bd5e280a588abd3b4872e39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 73A8 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: de4fefe726dd6185b6d388713116405e96e568a3d3324548d1e3d744c1b90c33

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9AC6 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 03 Sep 2021 16:41:00 GMT
expires: Sat, 03 Sep 2022 16:41:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 04EE 783 B
530 B 16ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8898fa24d18d72b4cdc1ae5dde786012074f906223e6d7fe0b4a48c8eef1fce4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HedvX142gh0ok6Orddpatw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

expires: Sat, 04 Sep 2021 04:27:54 GMT
date: Sat, 04 Sep 2021 04:27:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-HedvX142gh0ok6Orddpatw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 67B9 0
0 38ms
37ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuuEq7ioOpoFiZkCn5-XKFMJxs388VlJcKLp_ElKGnAMD6ug8cuui8sKYzuDpnU7o8KhYWfEP1rNXaAqQoMR6ISZijOqPzgPiji6M0m6rQjuTdAHuvInLwPlZ271aSHMjxg3cHjcyJcMi7--SvcrNoXrF2OpfKY0PJzSwJgeged3DMEaXPZAr6gj5-1bEcC3xeRnO4dwYSh6BjOkcfXr6HBwvwjR7rkHAemVEW4rUF-y8zDAHKhzTUHkTqjVIKTel88j7LqZfAeFY9Od65h_MnijbwK8lgdvDUJyHqSr7PyTJatukz8Z5zYu24pDsXAmOg0JU8VQ0M9ThWas08gFJVudBvurQ&sig=Cg0ArKJSzHlYioFowSMsEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 67B9 11 KB
8 KB 24ms
23ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8530cade1947d725cb27c08a6a840cfd711bab775b77977b8e08ea77449daada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8595
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6DCE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmK1em8mw3sBZ0PAHYkUizFGUQ_OUzkthNyQ_UZic_qkZwBRASrC0FhdLMOgW0; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Sep 2021 04:27:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 04-Sep-2021 05:27:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 04 Sep 2021 04:27:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Sep 2021 04:27:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CE0 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B28 0
0 39ms
39ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWF96QLuK-7G84vgUiMjFrKmVmgMCrwzUAcgw3KUkBi4DjRcCnHMfOEnpkeBA-6dXZlDnjtioc_S0MBS3UwemOq3BsA80PnxY0cMtaksrPmgoYN9QzZwnV1Shz-Pv1gf41WphUKsFoaR6mukSP3LeeSNTe3FB-7H_uVDrW1yIs1YiRXDcOaKlKeo3rta06SJvXHlBNboEhnlVhRc6gdgNZtzHgdQfJpaIRPxyMjaYLe0hMcxZWYFShWeRAhkWvWxNHCqllfAt4hyG124BHlTf2AtIhA_hKagi0XwR6p_3KXX1CoiiESDfObImGhMWj5abe5qbCmq5Vnw3glYnLQt5fcb9aE3-YKQ&sig=Cg0ArKJSzCnDJfuCQp3hEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9B28 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210831&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ffdd97134640d7ca89f48eaa7e8eddf9aeacba9dd979c83e52b5034e49d6f82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8631
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B736
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmK1em8mw3sBZ0PAHYkUizFGUQ_OUzkthNyQ_UZic_qkZwBRASrC0FhdLMOgW0; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Sep 2021 04:27:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sat, 04-Sep-2021 05:27:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 04 Sep 2021 04:27:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Sep 2021 04:27:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 67B9 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B48 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ Frame 36DD 132 KB
39 KB 10ms
6ms Script
application/javascript 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5dc7ad3b3d9dffc2b9c95809de7a9ef6b5d9da3fd729c7cc5b116516ea7e6d4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: kJMT9meJGpUB0zEsyDn5cumlXI8dkxWH
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 07:51:50 GMT
server: AmazonS3
age: 46154
etag: W/"6fd5a7225ddda220c0191533314e34e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
date: Fri, 03 Sep 2021 15:38:41 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HExCmaGzkqIfpjdANL0JeE1BeWP110Ug3bGNcXtI3cgQEGVxQDSEvQ==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ Frame 36DD 132 KB
39 KB 14ms
11ms Script
application/javascript 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11a05afbf5502a5ee1f76168de53e9f2b18e5dccfce9f8488b040cbe6ff016c4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:09:56 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:09:52 GMT
server: AmazonS3
age: 73079
etag: W/"afe56ce02ecafca022a24ddb31c9c756"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-version-id: jeI0yvEpalr_BHIWvTTvKdCqKuIBs5Hx
x-amz-cf-id: AXYuktgtNnzwG0hYSGJ8bXTPJuRdXsW5otU4s_OIrnIca2KHnm2A_A==

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ Frame DB70 132 KB
39 KB 12ms
9ms Script
application/javascript 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5dc7ad3b3d9dffc2b9c95809de7a9ef6b5d9da3fd729c7cc5b116516ea7e6d4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: kJMT9meJGpUB0zEsyDn5cumlXI8dkxWH
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 07:51:50 GMT
server: AmazonS3
age: 46154
etag: W/"6fd5a7225ddda220c0191533314e34e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
date: Fri, 03 Sep 2021 15:38:41 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RiLj0lLTH9ZKzLqTTOtECFdh-GeCKYGXvV11WT4GrpER4MeCu40d5w==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ Frame DB70 132 KB
39 KB 16ms
14ms Script
application/javascript 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11a05afbf5502a5ee1f76168de53e9f2b18e5dccfce9f8488b040cbe6ff016c4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:09:56 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:09:52 GMT
server: AmazonS3
age: 73079
etag: W/"afe56ce02ecafca022a24ddb31c9c756"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-version-id: jeI0yvEpalr_BHIWvTTvKdCqKuIBs5Hx
x-amz-cf-id: CEYGWVXCmSlEVKphUmbIDScDTpP-YCPrr5jO-longw3GGz7o9ejwdQ==

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9B28 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:54 GMT

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
466 B 27ms
26ms Script
text/javascript 67.27.234.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.234.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 24 Aug 2021 05:58:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 944981
ETag: "2c454-c9-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
81ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210831&jk=2172006518661525&bg=!vL-lv_vNAAYJpm41CaY7ACkAdvg8WlhpDFa1JuNmAuTTfgJGS193a0j5xSDeAXHZz-ZP6PIYUA5WKQIAAAE6UgAAAC1oAQcKAKz1WEVGS6VVmF2_xrK5b04JqaCBY7kwLHceo1tqp-mWs6dadeUXNPybZ3IWN9v4tBoU2RM0ZTmVEhw5g6gHyOFWuuA9fI9kFOYpsm-LdQ03G6t4QGAPbHr6YEcGxlcxh59rclQbpS7QD-jyHCz25G961YFejfU3Iqcmaigz-n0RYrVoDpzA0p_q0YuadYRV5OCK5pCzdN3u7KeeEsaa_W7wIO_c9gwr62a4GmsLmQJ9B49tsZCHyndxljCUoyc6v2gYdPa34H7PF7RvbFtedBNV3UuSb9yNJmR4p9576ejyJ6dQuO-qv13LZrFM9m7kQmlppTNaBYQDfVPimkceUlatAjzdVxl1NFwPs9KHFJ7X-SDI6GN26pXGIFlLUvQcyoLm801xf8QaLEL4KEI2K05O_8EB57bAwziOd10Vjr1oVaize6Q_p4GNypBtrCNg_xWj5U7Q6cHoGL1KNFPSrJsSmn4dCNPtlOEE67486YNFVQMC5C1pP5birZ3PUXmhdGQPUKmCzMGxbwf7W_0byjvK7B3CteI53J4ngAggccn1rmQ6n0QWv7ipItci2TZgM-rEVxgQun2U-Wuh5owpBaXmwY2oRPBK15SGf6AjNfl-n0DB-6uWP7HMJEZzVGR1WwNIJfQ6rA7fOa1q55BVsHilkpfFIK9fzNqj77xQbba9kXJlHssb7w-3okpB3HyFBDmeU9MdG_xIWOBGCP-P4vo0yKaLdgbaYG9kL4-w_ix4leEzeco6exmT96HGwMJUse8pIj-4ktTIiQmTxFwWB-UV278lU9PDE9s7SUt1yJ6ottrI8dVWnZAk0TWhkZR7vmZy5H6W6r-lVxrYmdV-XwdHnUU3Vv7uqVSLGhXWMYLQ5RLgINa7uHhnQzTSpwVXoVtEfFpaTugMMW2DTw7My-5XYEEW-WMbFDJ-qd-6S4wAMnGM5GIK8n5VKye3e0Rx2UPNMUicAvwQK1eya94_74CemZ8vkQAZPLVKuJmbdS-snJwaAN8fRY6olBdRV03GdaT89ZRIJfpfBGsuhMcNZ2Q39qOZ0WfEtXFuE0F3H7Fc9k9IS5w-NVQu4Z6oFQ
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 078E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 03 Sep 2021 16:41:00 GMT
expires: Sat, 03 Sep 2022 16:41:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AFFE 783 B
534 B 18ms
17ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c4813d0e2e955fa901604a50ffd7ba030fe03307a97e2f842f337b4a4423b8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XgQCPi52y6r7pwElcxOivQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 Sep 2021 04:27:54 GMT
date: Sat, 04 Sep 2021 04:27:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-XgQCPi52y6r7pwElcxOivQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ 132 KB
39 KB 7ms
6ms Script
application/javascript 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5dc7ad3b3d9dffc2b9c95809de7a9ef6b5d9da3fd729c7cc5b116516ea7e6d4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: kJMT9meJGpUB0zEsyDn5cumlXI8dkxWH
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 07:51:50 GMT
server: AmazonS3
age: 46154
etag: W/"6fd5a7225ddda220c0191533314e34e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
date: Fri, 03 Sep 2021 15:38:41 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: CnK4-Liu1r8RmzWtJO69_adf94H_BCsjd3vi2aUpRXIjgXR-UqX6hA==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 132 KB
39 KB 7ms
6ms Script
application/javascript 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 11a05afbf5502a5ee1f76168de53e9f2b18e5dccfce9f8488b040cbe6ff016c4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 08:09:56 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:09:52 GMT
server: AmazonS3
age: 73079
etag: W/"afe56ce02ecafca022a24ddb31c9c756"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-version-id: jeI0yvEpalr_BHIWvTTvKdCqKuIBs5Hx
x-amz-cf-id: 0th6ek3W58-YXIz2c6KZOYR5dMjmBguKyw24Ie9RYihdfzsvpSNoIQ==

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 99E0 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 03 Sep 2021 16:41:00 GMT
expires: Sat, 03 Sep 2022 16:41:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 42415
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 149D 783 B
531 B 16ms
15ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

930fa33a0b9938b3cf5dc4b3c3e35d0d66e9a4f6f6dc05fdbc67b3260637cc06

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a927WhnQU3iha9sxr/B/yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

expires: Sat, 04 Sep 2021 04:27:55 GMT
date: Sat, 04 Sep 2021 04:27:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-a927WhnQU3iha9sxr/B/yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AC6 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2B60 0
23 B 38ms
38ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 5ABB 42 KB
15 KB 6ms
6ms Document
text/html 2600:9000:2156:ac00:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ac00:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
date: Fri, 03 Sep 2021 05:41:35 GMT
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 450LaJFxxrbBfAlkX36ZIoMVZ7hz-m4HRCbFUju36wBaYIcHV5Vgsg==
age: 81981

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 72D9 0
20 B 19ms
17ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bs6afyvUyYZG_BL-S9u8P9JC-kA4AAAAAOAHgBAI&bg=!ZmWlZSHNAAYJpm41CaY7ACkAdvg8Wgnk7R0B93hZicinHrgm_H1XNb-ytXMZoYqB-GMEwWCT1UiIuwIAAAFaUgAAAEJoAQcKABzqIQed85G9hHgfJl1Z2rO_ALuC2jutok4wD8M5mQLOfs5_CvxnzoFEhKMKle3yza1jIc6z1T7SFzW0kBKuFpE1znh66D5TX6ETz_IUOXDj7OhiLzJ9VDt_AHXkgnp1ZU82hwqtvDiLRaWhF2lE3eo3hRuPDwjJUsi5Bt_fm0fgbwKllZqYNQnjZQMOraedet0jD10DkZcpdi3981aUdAWoF1woukLY98-9qvN6BNZ0nQwdwo6DCUU5AEjacs-xK2XK76KawG3kXFJ7I6wiWSntd3DsvGf4vJVlsQMZxzDdnG66A-1sIUzZC11P9T3bqe9tbdOi-0o8AfaAZDsDKyf3YaXA1jMakW_7sSDzhHKWy3hHpRi_o-3k12ECUlPT1ScQ8ETPinAWyHx4gSemBJqXbxZ21UFY8mrPysmFGGQaEcZn8tucEfFoXJ3VHSve4w2i_dTCEcDzHk7UlCTk1egfySW7RwgunuikTkhW4G1Jme66Wc0qVHshhZl4OCKG6FzvQOx-XFlBb9CwitCpk4_ih3sA1LBe5qqPFQ53TLuNBT6CY7ciDwvQu2I6KkfpYZp1REcv4khlVVlyuCTDVeyNmgcmujbqVzFA17p67mJhNdqUta6VaS0Bh4_hi3hJk_3eY3Zg3lVAhmsEANpwT4YFKKfnVTithohtbSmhD6iqPtyBVyNDrj7MtOVpH5BxKSXn5O5NB_STIkMab1lujyvlQb9xrRaAdhTpj3kiXGN__K5W9vNEaQ5LxDG3-Rxuj7sZOiCYOasgGM47oGqdD3Dcq53E4Wvfl-fQusLUabP_4MSPHC812LOCBwenSEVLT0a676kYTnnArNsC6h29lyNy4Usphmg2r1UFDl81PhJUFMeFziujKIaKdiFzQzzzggrEkZb1dIFFMDhiE_24vPp9-ld7g5Wy1gsgHGZR8JaNSL_d7it2V9ccjdJXif1xJtQzqe_xJNZkKWDtlhK-LC75G6XLyUkA9Tm3p8uYHw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8EC2 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQQMDyvUyYdLJBsfC7_UPrqqH-AUAAAAAOAHgBAI&bg=!zs2lzYnNAAYJpm41CaY7ACkAdvg8Wr1FdYzRV81XAGusDgyWT9EAnxr04Z8HFrBTDe6KkpRoemFPCAIAAAF7UgAAAD5oAQcKAHgebF1y-ZW--nMW9PxIR7Stx5c9BhqgpqBwNIRvvd8faRes70LLUCkmWLs8iBAp_t84UvmL-a2BrY5BGLJnaCFqGiUarsDTb5NhZnAx4MaYBiQnmuQ9nH_v8KdJ16JOiSZ3VESB5iAGF4ks7KJC6Jq_4VxOTGIdziyZAsZ1fjtu5jXEtgynLTcqv_X7XV6LNeEmQXzdxs2mdGU2tAexHMKbtjSsRlHtuM747JLHqR29SDF55uJS7vChG_cr4mNjPT5h0jIxM0rUBsGJjUCOQ-SESvmd3kaJ3tvk-KT2UXi8ZSqB-agFFyPLKJg6yir2aZVyWPEk64E3tTYYAKmmuRGna2NcYh7hBs8in0pcacrG3kBXw7L6A58rUgBXz7TvVvBw5qM_jAvF4-6AUYklyvOTpDYMstqI1RiluoD-eG9PbHOqCBr02aQX2SqwDPmr7czJ9NljAOagjWD6e7nKiYzsW8Pp4WDCmB3ZTmQkLohzzcqvhT-OhwYcs1OWJ7xVk4_BN7Bx1c6sxbR_H6EUFQrIsTmbMiXfGsuCE3-aYnriIGg8_d8yoFHm6vG8Q-UE6fSJUYxTsIrUlomD4zXRsSC1VswBkPTr3aFO255EwXJf-Sq89YZUuHGjMg6x9mA37xucdzppKEV9b4GkaSn1G12fk8EwyK2ngmHEBye_0vYzyJ2s8NBMSyaojo6gPXuw6OflR9eeFjn1DQGtHtbnbELSkgIJqcjvoRa523aLIc9Hj_Y-vi1tfveSglxJuJSuwoAQjtMEZtI7dkq0GADJmzLZJYq36_pPvQNjGoH5T0wO9sclH9wl-Mh64t8HHwCxOPqWAabAD1RdSM4EIOI-eojFti6JY2nJ0f7rBwbc9pfAeZyRWjqdd17L00KbY1TXkFPeQs4nobTDuF43Xqq3lNJwCzm5Bjd3z3uNIstra1I_SgVIQ3dl72S9cSuCwUoGygUgpBS2WZ1uRII5hXOD5L7LMwag9WrH547__azP_qpttATAtkzLrFR7EhMJuZT1kTCZBCxEO2IgN85dYhyPnbZaJPculROMRp8pZzp5p5Cb5t5eoq1BsFlfTRc82H56MHajTG_I5u2gt265it6c-ZVVlg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 5ABB 116 B
870 B 307ms
307ms XHR
application/json 2600:9000:2156:400:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:400:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3fbe9ac8b0affe8e4bdec2fec63a1577596cb3377ad23af8b57ff5ed879f36e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 116
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Sat, 04 Sep 2021 04:27:55 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: f0HLdTZf3oYKvtZ-f4AiZhUn4K2bx1UfNmUfXMv3P6AUCJh6l3ttxg==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 149ms
149ms Preflight 2600:9000:2156:400:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

2600:9000:2156:400:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 04 Sep 2021 04:27:55 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Zh19QOeprAjxfiZVKzeSaIboUE2cmtSXVVsCLnh7Z2Yt8-7Sokl7UQ==

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 078E 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
H3-29 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 99E0 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 15:26:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 306084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 31 Aug 2022 15:26:31 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7117 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzz-Q4EN9KwLRHc1WaQna8VxfwJGtJCXAzK3ZLqYcnjtBTqdX3OBcvgmwaRoi_qz2rQR-9qCKQALlN-4i_fpU1vJzK3AL-loE_tL8Fgi6I79sk1ZNlgxCgNcqHCg&sai=AMfl-YTY6tL2hNap72kMWXpkV3luG3zfzX0aPeW96rFoOvQYAHOYPGNyv0OPR9EXEgJzRHb6upUoPVWwVv9BRVFg_EaGDC80l5I73f-fg-T3Mw6hDDxJgsOq3jAbbxg&sig=Cg0ArKJSzBFdF0FojiljEAE&cid=CAASPeRo7nY3797crkvO7a-FlIugt8XZuV1YvApWkSL-MDqr0qNpdXK7clGtDvOqcQT0lV0X9qbBxUTgusDhg0k&id=lidar2&mcvt=1026&p=47,560,141,1288&asp=47,560,141,1288&mtos=0,1026,1026,1026,1026&tos=0,1026,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=20&adk=3914305483&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630729673741&rpt=676&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B60 42 B
64 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEBQjcZOz9RNwvDM1tV68nosDUh37VWVq9PzSq4R5GDHEfcPyMm46O27JJlc7AbTq_v5r7q2af1wLG0tcyowhrg9EZ5yj1YU-Pu5AIqo_I6c2BRuQRiCv2glggmw&sai=AMfl-YSkbbvNAcYtqfdlmINUaOQrAWElRgcTfGN_MzEN7Nk1lhHdlgelGcXk-8gzvp19-x4rMLLN12NobkPRSVlU6keTr4kFORSRhNorh6JRHiiQAInFZ3GgdoDNd04&sig=Cg0ArKJSzGj3bwWWduWnEAE&cid=CAASPeRoA_lPqZisGL4lO8PaJ2wgbjWGwOBW41kGkdWX2Q_WA1KWx5_rTH2X23skFgKatXFrZ9F8ijQw4TXYni4&id=lidar2&mcvt=1015&p=236,970,490,1270&asp=236,970,490,1270&mtos=0,1015,1015,1015,1015&tos=0,1015,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=1127719608&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630729673744&rpt=723&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2CA4 0
0 51ms
51ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210831&jk=2386615321560936&bg=!tLelt_PNAAYJpm41CaY7ACkAdvg8Wi3Mv_3l4PqUqc48y-Luo6IexlFiUqzGgEeNTf9xPmcyQHM1SgIAAAFSUgAAADFoAQcKAFEevLtY9mkGcdCk8335tfhilZ7GJdVPDJy7D5JqS2UQ9LLPqkKMUfhhH-RcK4Vt2xQFXLIxdbY5fVDaNsgGFioQX4Nyil1JnZRrDifbUTmNvpmZAq3b2ZcmPg6HDKRAwAfuOjOW5AU0LNrxj8O3AXDPbbcM5KlEVDWb2mUOdKRpARpya2b1EuVVbvKp7DYSJpLzqjA5igdmCvnkMjQE9C6h5RwP55HG16y6-W_8TK6v--xxEXpjGkDNfOwVIgU_U3bY6cG8llvx-unmUTNDUcdij7Mz4a_9ImMtrRU4d_l2FdC3pf0tjCoSFjkRiG-bQXdJEcwAEcP4nnT9hk9dxbgXAk2E6aXsfNwdXqR_m6FwRGqCtzLe5PV0LEdNoVbYMkBeH-xPTTUDJGBcJYKiC4ljCA14wOVg_lL6PGfl9p7teq6jncDPamr4fIh7d5pcqbUZG4VkZRK8saKRIELB_23mFM-CkpoLDeOB48QNI1z1jeCQnYcSp1q675V-tK4m7QnowgTISSshO-2LnSKNhEkaF-K298gpTiAfwlH5EopXaElSLSYr2nzdfviDPJnGYCk6b0HwQZJVLL4HdmXMq8l_5VUXk3bDEt6YrOWML58Y1fK1Z24VKPhBfPKfmwHCOu7q6ognDAjsPhnacJGH9N3gd8VFrulHeTPFKqNkfIT0qu5BcRRwuVvQ4Tx0uSpl711h9-nbRGEYFoLYtnMRKKqORM8bBQW3HPEliPzvyZ-xQMv9bCoWGoHylYLlpZLRbhFpFMI88V1aiu4l3AoM2_l5jpQQbuxe0fe_9HdQNzJtS3TFAQEiHQuLE9Ibr5_OidDr14k9vHxdpwTOLBag2VSVGpV2Yur16MmgfEpunPPmhUgFKVkae_9rPSvnTTC7tBinOGVAsRFDOMPI6iEKierp0v-OkEeNlVwu3F19KkO95qG8osyyc5xRjeOvOCGA0_0PLwowzvEQFayHb4oS4z_YjalpRiOiDTLq7am7VpNwErJklozNaBuBtfe6aWw2zRJM
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 67B9 0
0 49ms
48ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210831&jk=3704028310640407&bg=!NzSlNHDNAAYJpm41CaY7ACkAdvg8WkKhyBxFuZPVEJGv-XMTvJjQW03asREZyJ0HjM4xffCnd4wKiAIAAAEyUgAAABBoAQcKAJp6Rw49YO0XdSn08PcXcEtcSsdCNXg5XN7CBXgAywuD_eduAmH9-T6YMCWZMZLDbdY_Hrf63RKykSkufWQxLmpdYD38yf7OCSEhr4q1I_rLE6xHTOYsHIWHeZUSm9nDPOiR37MJaRYXx8dVv0FVQdcott7s-e3-Nz1g7W02b5Rybo3fqmLNQuIToO_2WXYj9JQNMRFXldbDHiO4mQKSQ1-4DDRdrEalc8KhY2bKALzWUmX_22gMoGOD4HnnPNoR-n6dmWIl28IVEsYvsbexK0NGi9WaYuva98Pec9i0_sGhoZ1xbG08PjSV64K_jxgMPTwBbmyJruVrc6h_gfieJvNbzBBAWNCyI19vuiA3td2x1IEtNIAKzRblsYEavdtnrsBhw7UXwryDNQKPtg0EcRn3ODq5vRCuGRjnvcIdUBoAW4fzcQluU00aL0kElH-lVVO_DakCQQvFMgV8WZ5f134UVvqXBl2uf6vPcCHG1PXS4vbsFFGLMcoOge3527NqHMxyORqn9RExmkphTZJ31zIuyJJ8DeQuuh3puVFF3HvntW4A0ThXrOIotjsV5eunLoDjIl6JWGBtncHmG-ZdJPf_mmqBJ2jmfSU_t93hpgpLwC9B6ltFNJTlhsnt7HoN8_Ifk2GE4RnwIHehQNRKJAxyIp73kkudq3BB9rI4WL4ipbyP_UnhSWolFl8Sf146IVapGTBYEI5fjTU5iCUNNul2aKjm4QW5agfz5UKBDZA12AIZz-cI81VlMg5VeAfSQYAUX78UQJ5tpTHZsI2ByLuB0QyOtxW6ib2bQ4-X06056dpSzAKhUYtfO0O8pv38cwcFNVSIKh4W-zgi1B_XDRxM7Ne7kGC6Dpc2XF3FuiMhb0taoFZ7aSQ6xTWxoeO9e7P8_vDslp_vKmqErKPUerxS0lu1fRhkOj5Y5ldqIuGfo6D7-FBPkM_cshm2-JKvPpM4Blg1IxFn_x3Up2CS-licmwPZNH64H7TL2Pvlv8Rc_XynPq33KxC1N2urcJoAhk2gkcCLuoMnIO3gB3q_4R9PS6JgqGRliZm9KAjInS011U7CTFk2Fyx88X9NK0D00g
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9B28 0
0 34ms
33ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210831&jk=1724332846867215&bg=!m5ilmNzNAAYJpm41CaY7ACkAdvg8WjwP4smlgjcHg7TMMDxX-3D0bjivV0-Yb8GT1JR9Vsp4YGR3MwIAAAEXUgAAABJoAQcKAOvbZBT82Bv5QkSk05eyQq6ncuCTR9J98RrYugzX6_byBYdnoZMIsxQj3rZDvg78v4WlkljhdBC9Vn2P4LgmFqrFvhelj5FBvh_cDHf9Srj44KNxOSSs3JJtx7xja1tqH_yAOszMuN5sV4rhxgAyYCOHH_b-msilYvRW-A7q-JfFkq-dqlRo3Z2Zb9H1ZUpqxTL4tGxoUQFW6eoi-h2_G4RirJxkTh91ksRn_S_LlrRKwUGLfRHWJmjwcOt9lfFbpEbkd3dWgCx7gtoIYyssMMpQntlAkuHE3V1J4ysxGEWxrhZmSp2qGME7uBXzmQKn0MWpoXiYfKXOHbpavXVgKvM8FWiErHBCF3y4wG-NtVPrU-kDdodupFDRUTcbA-d9vqQo_kopR7b3gu10JtVlOBSptkjzz0uK4KKtArlftvCh9roWyN3IURIbICSB7WjfPm-bmkcdKJW-sFTrKdzM8ZeHnLeqyLvRMs2bob06m01t9EF4o1hG-ORMr_Z0ZXBcgOEkkes1kaX4V-8GuIU0ltPIAz6Np6fENYS1Wsh51VoKDTZR5H6BFQZirGBtqKsWtXSZK-8sFfmV-VTNpO2Yphjl7KDSFArwd_nV66zYytpZhMTzCLimzizMWWT_5JU2mqUdwdJPK0DXmqYNnZxWzH1DGf8rHJV_xxzzd-ndYa4jg8RA7l4rrz07wFGX_OsFL3NuhgeXXS5d3JpkrRbxBGDZRRbfnhG2NbsA5qPEzKF38q9EdZ32UfJ2bGnnzOd9aLTuPVDeRuf4FGBNLWgBIKzlE_h_JSRz2mz54jPYgC4jMVuKc3S411VHAbde455U194wUVlVJI_bukwd3i8u-icLoHArji3PSlXPoQwR836yFPdZmTrG5ZIQvC0G64RR4Kqe-6_7GoUqsgiFkcd2GN-e6i5gogm6xWPfzvOyIkVjHSLdImNp94UALx4oe-fqkEjg5c2JertU7CY1XW109wWwbf_2nd7-RW8lnZK97SlgsPnvKX6rbpu_p-xF6Dxok1Xe_B1N7EN2Mi3xMOfCmUYP1zE03AlPGqgEmny1IyqQNzProHjf_c1muYhkG46hDRJEqcbI0i-g-GX-J7D3QOWW1KAnU49eESlkIsTZ8AiUGzar3QK-DaYqyfwwm87QR-Pu5epn3wGMHWrN2yT3ewTtLaoI82a9uQVxZHHVA2GhaR5TeJ0pO-YU7larflR0dfZt8jbj5A
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 73A8 0
0 18ms
17ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwjhHyvUyYav-Cvaxx_APuoKWoAWti5mRZKbxu7qWDvOAmvuSKRABIO_2kCFglQKgAenf2r4CyAEDqQK3zvaIH-6zPqgDAaoE0wFP0A5l8wqdeJM-E-EsVt1PI9gBS6lzL9C6BUGtwk5dal_lJGPZd_bn1x05AnoSoiJveYVdfdWwjkuq_fczLsIO3aF0NgGP-qqp9zm6UFbxR9q7Nfxgm7YI8zkcla52pi1Q1T0W_3ZMYDCBjFC_j0qZP5Im3c6ayrmXbgdOGQOkyAccNZMmtgQi-q_awgxCJkIMP4x9vkbiBicIpw1Z-gKOaqyn7zs2MHIcw_wAZnADyXkplpogRWcs4JVBEIEHczPKA1Pg4LqsR92zdc3EFl9981KpwATg17iE1wOgBgOAB_-fpcEBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIgOGAcBABGB2xCRqThSeDamHVgAoDmAsByAsBuAwB2BMD0BUBgBcB&sigh=5qYjeEb9Ras&vt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=1176616588&adk=318829804&adf=816031646&pi=t.ma~as.1176616588&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630729673881&bpp=15&bdt=109&idt=262&shv=r20210831&mjsv=m202108240201&ptt=5&saldr=sa&correlator=8470767941255&frm=23&ife=4&pv=2&ga_vid=690623086.1630729674&ga_sid=1630729674&ga_hid=202956110&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=518&biw=1600&bih=1200&isw=300&ish=250&ifk=2262215379&scr_x=0&scr_y=0&eid=31062388%2C31062297&oid=3&pvsid=1724332846867215&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6c8wcwrqeye7&fsb=1&dtd=284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 04 Sep 2021 04:27:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 73A8 42 B
64 B 23ms
22ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6ydTdqwjnnY73D1uRyiikSpvwUoHrdQaOGpQCYetUGmNhc4mLDCkhmseeh8ZCdpcdwc_m4F893WKSIStYlzm7aP-6M775TfRo9YfSJZSstXj-6cxrtkuT2eysXxKnvlUPWBN2UoGDDBprZVkLSOUL&sai=AMfl-YTKTnSjHXd3fjDhfH3b0ek-2VLF2YtDOYbW4njEgILTqL-aoagiQbjUjdvnWaqWE84giu1zw8Lpaa_DnCfH-R9KHcAfFOfSAFQ&sig=Cg0ArKJSzAV70W1ZIJcXEAE&cid=CAASPeRozMAuFlnbwZGb3D7E-_TnG6BL_y70F9yHN8zr0NVs35mHGHU9vsYBOML0yPfFfxIkDRL8x8hIdwZNNA8&id=lidar2&mcvt=1010&p=0,0,250,300&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20210901&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=318829804&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630729674166&rpt=441&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 571ms
187ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ 2 KB
2 KB 148ms
147ms XHR
text/plain 2600:9000:2156:400:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=Email2&browser=chrome&utm=Email2&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&eu=true&country=DE&hour=6

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:400:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

5010abc38d335ee8205f1ebf7d7c29fbc266076903263054feb2a070a16a4633

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 04 Sep 2021 04:27:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: https://www.123greetings.com
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: wk4fbnoZ40KB2zjYARLyNUnwvgAQZb1EtUAQd0I-dvnoRPReSEwohg==

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame 0
0 149ms
149ms Preflight 2600:9000:2156:400:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

2600:9000:2156:400:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 04 Sep 2021 04:27:55 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type
x-cache: Miss from cloudfront
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: x3L2zl2uvtPtMVuJq_hPAcue87bYvowux9LbzTvlUP9CpcidehUGfg==

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B28 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBVtfvNkNh-wRJGkMP9t1mOZi1-zZv0o9lBz-ms3zK_o2tUg31Dq2WBE5F1VR2Eu_70y3OSLPJRyVAP7G51R_B6GtWmOgtUqdGm_LPyjehGeMMlwg3&sig=Cg0ArKJSzL4lWZYNCEMcEAE&id=lidar2&mcvt=1000&p=518,970,768,1270&asp=518,970,768,1270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210901&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=4293624944&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630729673772&rpt=986&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
739 B 27ms
6ms Script
text/javascript 2a02:26f0:6c00:28a::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:55 GMT
X-GUploader-UploadID: ABg5-UzuRsLKTUnE2j8TsFca2KTLvRt8NxnctG4I2-AHPJ54zUAh9bpPAQfezSx8RQX9PoHELvXaxJL-R91NukoaSB8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Sat, 04 Sep 2021 04:57:55 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ 25 KB
10 KB 20ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ace30162bc4c525e70b147c8f9a10292d592353f78dcd0530d132156cb194e98

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsE5y69JHHi7Qf35wRVtV5sGTxNryH5cRbV7LY6aITSWNVFIuyvSj6eVsvdVN21xeKrK-a0VkM32Jf62RERASIrb1qAsA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 9184
last-modified: Wed, 25 Aug 2021 05:53:06 GMT
server: UploadServer
etag: "96cd7da6b3d7cb2e82e24f1f71da69ae"
vary: Accept-Encoding
x-goog-hash: crc32c=Ahy0VA==, md5=ls19prPXyy6C4k8fcdpprg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1629870786787602
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=300
x-goog-stored-content-length: 9184
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 04 Sep 2021 04:32:56 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame CA3A 346 KB
98 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1459debe4ae50fd8d33bf2b2ea987bb180ddb9a66014c4bec96ca790e7d123b1

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvLQxAAENPGHOr5NZjC_tyoO5WKEEW2C7BKhZG3wO4LXlPF_GxotWnFuB_1nS1Vo9jUZPAwEAPBJLtPLgXop98
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99995
last-modified: Wed, 25 Aug 2021 05:52:40 GMT
server: UploadServer
etag: "2272c99eaa1581a4dad17d82a7e6863a"
vary: Accept-Encoding
x-goog-hash: crc32c=0WMWDQ==, md5=InLJnqoVgaTa0X2Cp+aGOg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1629870760547112
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99995
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 04 Sep 2021 04:32:56 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 520F 346 KB
98 KB 13ms
13ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 1459debe4ae50fd8d33bf2b2ea987bb180ddb9a66014c4bec96ca790e7d123b1

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvLQxAAENPGHOr5NZjC_tyoO5WKEEW2C7BKhZG3wO4LXlPF_GxotWnFuB_1nS1Vo9jUZPAwEAPBJLtPLgXop98
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 99995
last-modified: Wed, 25 Aug 2021 05:52:40 GMT
server: UploadServer
etag: "2272c99eaa1581a4dad17d82a7e6863a"
vary: Accept-Encoding
x-goog-hash: crc32c=0WMWDQ==, md5=InLJnqoVgaTa0X2Cp+aGOg==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1629870760547112
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 99995
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 04 Sep 2021 04:32:56 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 319ms
103ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=Email2&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&stagid=&stplid=&e=inventory&vi=100&cb=1630729676130
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 307ms
104ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=Email2&ic=0&tgt=0&app=&wi=600&he=338&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5ec3e3871f5e5c792c20f9f7&stagid=&stplid=&e=inventory&vi=100&cb=1630729676142
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 10 KB
3 KB 332ms
114ms XHR
application/json 52.1.46.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&utm_medium=Special_NL&utm_campaign=SNL_sep21_events&AV_SUBID=Email2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&format=json&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=676129&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1630729676152
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.46.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-46-74.compute-1.amazonaws.com
Software: /
Resource Hash: b0b2dbc2b45b27b3bf32502ea2ef7cc3bce1025d91972489a9d4c3641553df31

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 23 Aug 2021 14:41:16 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 190ms
190ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 10 KB
3 KB 586ms
373ms XHR
application/json 52.1.46.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&utm_medium=Special_NL&utm_campaign=SNL_sep21_events&AV_SUBID=Email2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5ec3e3871f5e5c792c20f9f7&format=json&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=676142&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1630729676159
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.46.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-46-74.compute-1.amazonaws.com
Software: /
Resource Hash: 7a50e857a45e0b8eb897f1056a8dd0ed3cace773bc197aabf8a68b9c158611b2

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Mon, 23 Aug 2021 14:41:16 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 269ms
269ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 8062
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1630729676418-932538396603-007976-002-004453%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1630729676418-932538396603-007976-002-004453%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1630729676418-932538396603-007976-002-004453&biddername=55&key=8774370042371763753

0
216 B

321ms
105ms

Document
text/plain

34.196.245.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1630729676418-932538396603-007976-002-004453&biddername=55&key=8774370042371763753
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.245.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-245-189.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1630729676418-932538396603-007976-002-004453&biddername=55&key=8774370042371763753
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-length: 0
set-cookie: 2_C_55=8774370042371763753; Path=/; Domain=aniview.com; Expires=Sun, 05 Sep 2021 04:27:56 GMT; Secure; SameSite=None 2_C_55=8774370042371763753; Path=/; Expires=Sun, 05 Sep 2021 04:27:56 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Sat, 04 Sep 2021 04:27:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1630729676418-932538396603-007976-002-004453&biddername=55&key=8774370042371763753
AN-X-Request-Uuid: 19e1b528-facf-4517-8bb9-3a23604f2387
Set-Cookie: uuid2=8774370042371763753; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Dec-2021 04:27:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 159.48.55.4; 159.48.55.4; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
763 B 63ms
21ms XHR
application/xml 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&us_privacy=1---&cbb=729676513&imp_id=8cf2c5f0-53fe-4e8e-b0c4-fb0173b34111

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:56 GMT
X-Proxy-Origin: 159.48.55.4; 159.48.55.4; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a4bb60c2-026e-44b6-a231-2772253f3d25
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame CA3A 282 KB
89 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8cd4b8b06d59ef4dd52b1d2b22c9dd0a2c2f0d42f0bccbf918a07dbaf3e531f6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvyfBlPTagPdb5aEhqfrh7qC0FMszxeDTkgCIiXTfzjq1N5aTNO8qVH94vquRWJjaxeNkqDbErFjfqKM7etMpc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 90379
last-modified: Wed, 25 Aug 2021 05:51:56 GMT
server: UploadServer
etag: "cbc43a94682697a04cd9e52edf034719"
vary: Accept-Encoding
x-goog-hash: crc32c=GDSkGQ==, md5=y8Q6lGgml6BM2eUu3wNHGQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1629870716641505
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 90379
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 04 Sep 2021 04:32:56 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 103ms
103ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1630729676516&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24%2C5e9030afdc817965520eb855%2C6114f48c04b3691b08691b7c%2C608e90cf34acc10fb7767e4a%2C6114f476dd0eb2621e735342&ofpr=%2C%2C%2C0.29%2C0.26%2C0.2&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 92ms
30ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 04 Sep 2021 04:27:56 GMT
X-SpotX-Timing-Transform: 0.000368
X-SpotX-Timing-SpotMarket: 0.005056
X-SpotX-Timing-Page-Mux: 0.000947
X-SpotX-Timing-Page-Require: 0.000340
X-fe: 058
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000037
X-SpotX-Timing-Page: 0.008922
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000296
Last-Modified: Sat, 04 Sep 2021 04:27:56 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.005056
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.001864
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
221 B 141ms
53ms XHR
application/json 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
372 B 115ms
33ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22584276e5f036ae%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22rid%22%3A%22e68ed591b7a8739cfb679b6c04b77526_17231492%22%2C%22hp%22%3A1%2C%22domain%22%3A%22123greetings.com%22%2C%22asi%22%3A%22avantisvideo.com%22%2C%22name%22%3A%22123Greetings%22%2C%22sid%22%3A%228079%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226452095d805ae8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b2f6cd96336b6b45e4d5476c21ae0e2557fac2da2c27e0f2c2eb406294ea2433

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[NL], RC:[], CN:[EU], CIP:[159.48.55.4], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Sat, 04 Sep 2021 04:27:56 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
103ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1630729676736&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame AB18
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1630729676042-919282496603-008207-007-001317%26biddername%3D55%26key%3D%24UID
https://sync.aniview.com/cookiesyncendpoint?auid=1630729676042-919282496603-008207-007-001317&biddername=55&key=8774370042371763753

0
217 B

124ms
105ms

Document
text/plain

34.196.245.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1630729676042-919282496603-008207-007-001317&biddername=55&key=8774370042371763753
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.245.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-245-189.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1630729676042-919282496603-008207-007-001317&biddername=55&key=8774370042371763753
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1630729676042-919282496603-008207-007-001317
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-length: 0
set-cookie: 2_C_55=8774370042371763753; Path=/; Domain=aniview.com; Expires=Sun, 05 Sep 2021 04:27:56 GMT; Secure; SameSite=None 2_C_55=8774370042371763753; Path=/; Expires=Sun, 05 Sep 2021 04:27:56 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Sat, 04 Sep 2021 04:27:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1630729676042-919282496603-008207-007-001317&biddername=55&key=8774370042371763753
AN-X-Request-Uuid: 6cccf603-5a9b-46cc-af04-af00c3125a9a
Set-Cookie: uuid2=8774370042371763753; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 03-Dec-2021 04:27:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 159.48.55.4; 159.48.55.4; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
918 B 21ms
21ms XHR
application/xml 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&us_privacy=1---&cbb=729676772&imp_id=2388ae2b-33c3-4142-9661-588bcdf66f3c

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:56 GMT
X-Proxy-Origin: 159.48.55.4; 159.48.55.4; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 64d1615a-b653-4a9d-aa97-8272afc1a8d0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 520F 282 KB
89 KB 6ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 8cd4b8b06d59ef4dd52b1d2b22c9dd0a2c2f0d42f0bccbf918a07dbaf3e531f6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvyfBlPTagPdb5aEhqfrh7qC0FMszxeDTkgCIiXTfzjq1N5aTNO8qVH94vquRWJjaxeNkqDbErFjfqKM7etMpc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 90379
last-modified: Wed, 25 Aug 2021 05:51:56 GMT
server: UploadServer
etag: "cbc43a94682697a04cd9e52edf034719"
vary: Accept-Encoding
x-goog-hash: crc32c=GDSkGQ==, md5=y8Q6lGgml6BM2eUu3wNHGQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1629870716641505
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 90379
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 04 Sep 2021 04:32:56 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
106ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=63500&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676042-919282496603-008207-007-001317&cha=0.7&stagid=&stplid=&cb=69096585160&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1630729676773&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24%2C5e9030afdc817965520eb855%2C6114f48c04b3691b08691b7c%2C608e90cf34acc10fb7767e4a%2C6114f476dd0eb2621e735342&ofpr=%2C%2C%2C0.29%2C0.26%2C0.2&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1275 346 KB
119 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121776
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:56 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame AFFF 346 KB
119 KB 44ms
25ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121776
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:56 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
221 B 60ms
59ms XHR
application/json 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 24 B
372 B 33ms
33ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%223924decf23873e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22name%22%3A%22123Greetings%22%2C%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22rid%22%3A%22e174141d89cd47eb939af1b435c51578_1723158171%22%2C%22domain%22%3A%22123greetings.com%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2249470abcf0f087%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22sid%22%3A%22600x338%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c4bcd2072e257cdd801187f50c649ee8793a12e2191731750a759f26273a46c7

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[NL], RC:[], CN:[EU], CIP:[159.48.55.4], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 44
x-ak-client-geo: 12
expires: Sat, 04 Sep 2021 04:27:56 GMT

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 31ms
31ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 04 Sep 2021 04:27:56 GMT
X-SpotX-Timing-Transform: 0.000372
X-SpotX-Timing-SpotMarket: 0.004423
X-SpotX-Timing-Page-Mux: 0.001028
X-SpotX-Timing-Page-Require: 0.000374
X-fe: 026
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
X-SpotX-Timing-Page: 0.009575
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000426
Last-Modified: Sat, 04 Sep 2021 04:27:56 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004423
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.002914
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 bridge3.478.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame E18E 574 KB
188 KB 19ms
6ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.478.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192508
date: Fri, 03 Sep 2021 19:55:47 GMT
expires: Sat, 03 Sep 2022 19:55:47 GMT
last-modified: Fri, 03 Sep 2021 19:50:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1275 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1275 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.478.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame A9CD 574 KB
188 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.478.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192508
date: Fri, 03 Sep 2021 19:55:47 GMT
expires: Sat, 03 Sep 2022 19:55:47 GMT
last-modified: Fri, 03 Sep 2021 19:50:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30729
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame AFFF 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:56 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame AFFF 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
105ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=63500&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676042-919282496603-008207-007-001317&cha=0.7&stagid=&stplid=&cb=69096585160&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1630729676951&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E6A0 346 KB
119 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121776
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:57 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 00CD 346 KB
119 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121776
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:57 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8E0C 36 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 04 Sep 2021 05:13:41 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5C26 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 04 Sep 2021 05:13:41 GMT

GET
H3-29 200 bridge3.478.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame EEB6 574 KB
188 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.478.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192508
date: Fri, 03 Sep 2021 19:55:47 GMT
expires: Sat, 03 Sep 2022 19:55:47 GMT
last-modified: Fri, 03 Sep 2021 19:50:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E6A0 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:57 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame E6A0 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.478.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame B9DC 574 KB
188 KB 6ms
5ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.478.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192508
date: Fri, 03 Sep 2021 19:55:47 GMT
expires: Sat, 03 Sep 2022 19:55:47 GMT
last-modified: Fri, 03 Sep 2021 19:50:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30730
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 00CD 44 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:57 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 00CD 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3757 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 04 Sep 2021 05:13:41 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A353 36 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 856
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 04 Sep 2021 05:13:41 GMT

GET
DATA 200
OK truncated
/ Frame E18E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?blob=nullPromise&lid=155&sdkv=h.3.478.2&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.478.2&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.4261137387791125&time=1630729677240&lid=43&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 8BB9 2 KB
1 KB 112ms
29ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.123greetings.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sat, 04 Sep 2021 04:27:57 GMT
Connection: keep-alive

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YTL1zQAEPaI3PwAC&_origin=0&gdpr=0&gdpr_consent=&_test=YTL1zQAEPaI3PwAC
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YTL1zQAEPaI3PwAC&_origin=0&gdpr=0&gdpr_consent=&_test=YTL1zQAEPaI3PwAC&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YTL1zQAEPaI3PwAC&_origin=0&gdpr=0&gdpr_consent=&_test=YTL1zQAEPaI3PwAC&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec&verify=true

0
1 KB

33ms
29ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YTL1zQAEPaI3PwAC&_origin=0&gdpr=0&gdpr_consent=&_test=YTL1zQAEPaI3PwAC&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec&verify=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:57 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Sat, 04 Sep 2021 04:27:57 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YTL1zQAEPaI3PwAC&_origin=0&gdpr=0&gdpr_consent=&_test=YTL1zQAEPaI3PwAC&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec&verify=true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA3YWVjNTFkYS0wZDM4LTExZWMtOGYxNy0wMjgzNzMwZTI3ZWM%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEJSFkadUAFAuMsEjDKJwdfA&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJSFkadUAFAuMsEjDKJwdfA&google_cver=1&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec

0
1 KB

32ms
30ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJSFkadUAFAuMsEjDKJwdfA&google_cver=1&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJSFkadUAFAuMsEjDKJwdfA&google_cver=1&apid=UP7aec51da-0d38-11ec-8f17-0283730e27ec
date: Sat, 04 Sep 2021 04:27:58 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=c2783d87-968c-411c-8372-9db753403315&_origin=1&gdpr=1&gdpr_consent=

0
234 B

409ms
33ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=c2783d87-968c-411c-8372-9db753403315&_origin=1&gdpr=1&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:57 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=c2783d87-968c-411c-8372-9db753403315&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame E18E 63 KB
15 KB 405ms
403ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1630455733690934&sdkv=h.3.478.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=978844781&sdk_apis=2%2C8&sid=EB8D4489-FEAE-4E95-90B6-A96C5ECA97F6&eid=418572006%2C44731964&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dt=1630729677276&cookie_enabled=1&scor=4245232342017797&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

0eefdd61a5318dbbb9da1eddd3c15f4e65d5843e638d3e1f14f84b95aab68367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14708
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1630729677274&timeout=f&logid=0.4261137387791125&timediff=34&lid=43&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A9CD 156 B
490 B 375ms
375ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1021590815179816&sdkv=h.3.478.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2539213421&sdk_apis=2%2C8&sid=AAC40339-188F-49A5-9F36-6AD9F1C17B3B&eid=44715336%2C44725356&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dt=1630729677280&cookie_enabled=1&scor=791983684714728&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame EEB6 156 B
287 B 385ms
384ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3280306587482602&sdkv=h.3.478.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=40307868&sdk_apis=2%2C8&sid=B9CDDC41-454F-46BB-BA36-C451BB0AE573&eid=44731964%2C44732023&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dt=1630729677367&cookie_enabled=1&scor=2525882479798189&ged=ve4_td0_tt0_pd0_la0_er1157.320.1309.620_vi0.0.1200.1600_vp28_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B9DC 156 B
287 B 386ms
385ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2309870268730597&sdkv=h.3.478.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3937429871&sdk_apis=2%2C8&sid=7E947E13-D939-4417-A070-7515D6641E85&eid=44745940&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dt=1630729677372&cookie_enabled=1&scor=2732592337339993&ged=ve4_td0_tt0_pd0_la0_er1157.320.1309.620_vi0.0.1200.1600_vp28_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C514 2 KB
1 KB 27ms
27ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.123greetings.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Sat, 04 Sep 2021 04:27:57 GMT
Connection: keep-alive

POST
H2 204 csi
csi.gstatic.com/ Frame E18E 0
348 B 851ms
285ms Ping
image/gif 2404:6800:4005:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kt5acfwr&c=8470767941255&slotId=4235383970627.5&qqid=CNXgkLm95PICFbbTEQgdSekJFQ&gqid=zfUyYf31EcSo7gOF54nICA&fb=ima_html5-lima&sdkv=h.3.478.2&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=418572006%2C44731964&met.4=ghmsh_s.kt5acgb4~ghmsh_s.kt5acgb4&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=vLbDNoFP9hH7qGfe
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:804::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?has_linear_creative=t&title=video&is_vpaid=f&is_title_video=t&adTag=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%252F7103%252FSMG_AirNow%252Fpreroll%252Fsyndication_2%26description_url%3Dhttps%253A%252F%252Fwww.123greetings.com%252Fevents%252Fteddy_bear_day%252F%253Futm_source%26tfcd%3D0%26npa%3D0%26sz%3D640x480%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26impl%3Ds%26correlator&lid=147&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?type=video&lid=100&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?type=multiple_pod&lid=100&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E18E 42 B
339 B 18ms
17ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjcMlzfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEiQJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTopVX9aDXz1HdilZYS7PiUslcsqz71MpBMJXXQaQAo5wASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiaCSdodHRwczovL3d3dy5kZS5ubC9wcm9kdWN0ZW4vaWNlLWNvZmZlZS-xCUwjpJz9K6WBgAoDyAsB0AsP4AsBsBPJ7KoM2BMTiBQB2BQB0BUBqBYBgBcB&sigh=KuWAf_eZ6Yw&label=show_ad&acvw=&sdkv=h.3.478.2&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3OTk3NTQ2MjUyNTIMNTMyMjk4NzUwNjA2QKoDUh0QDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame E18E 0
0 38ms
38ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C-8EjzfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEhgJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTpxVIWPno61j0xm8eB1ql2IcP2NKtyaQXLfkGsDwASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBCAsxnSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE8nsqgzYExOIFAHYFAHQFQGoFgGAFwGyFx4KHAgAEhRwdWItNTcxNzA5MjUzMzkxMzUxNRjQihE&sigh=9bK-V7LAB-Q&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&vt=10&sdkv=h.3.478.2&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3OTk3NTQ2MjUyNTIMNTMyMjk4NzUwNjA2QKoDUh0QDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25QABgB
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 1275 0
45 B 812ms
286ms Ping
image/gif 2404:6800:4005:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kt5acfop&c=8470767941255&slotId=4235383970627.5&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:804::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

videoplayback
rr5---sn-4g5ednsl.googlevideo.com/
Redirect Chain

https://rr5---sn-5hnekn7k.googlevideo.com/videoplayback?expire=1630758477&ei=zfUyYbTBJs-k1gLMj7uICA&ip=159.48.55.4&id=04dee240511b65c4&itag=22&source=youtube&requiressl=yes&mh=bg&mm=31&mn=sn-5hnekn...
https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1630758477&ei=zfUyYbTBJs-k1gLMj7uICA&ip=159.48.55.4&id=04dee240511b65c4&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=...

1 MB
1 MB

35ms
7ms

Media
video/mp4

2a00:1450:4001:6a::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1630758477&ei=zfUyYbTBJs-k1gLMj7uICA&ip=159.48.55.4&id=04dee240511b65c4&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.054&lmt=1630686056042680&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgLxH2Tuyrv6tmmekxFMCkTXqwXg0JoQuyWCP6iHSL8YgCIFB0PcAjg-jgEuUTD0BCHiCBjQd9R8xUWiWFy7F4rEmD&cpn=vLbDNoFP9hH7qGfe&redirect_counter=1&rm=sn-5hneld76&req_id=4b2e96a881c636e2&cms_redirect=yes&ipbypass=yes&mh=bg&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5ednsl&ms=au&mt=1630729488&mv=m&mvi=5&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgRKmVzoeQN_7cY50QapMlNHp6Li2mCAtA_TPCnmouAxQCIQDaeNo0QfbrtJhx9vsCssX_EF6LVRCSPW2M1LKEMNK87w%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:6a::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

07bf9659289ea0866567384afce73ad60a9d1a8ed4c7e2f3db5a19afde28d63e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 03 Sep 2021 16:20:56 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1122927/1122928
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1122928
Expires: Sat, 04 Sep 2021 04:27:57 GMT

Redirect headers

Date: Sat, 04 Sep 2021 04:27:57 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr5---sn-4g5ednsl.googlevideo.com/videoplayback?expire=1630758477&ei=zfUyYbTBJs-k1gLMj7uICA&ip=159.48.55.4&id=04dee240511b65c4&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=10.054&lmt=1630686056042680&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgLxH2Tuyrv6tmmekxFMCkTXqwXg0JoQuyWCP6iHSL8YgCIFB0PcAjg-jgEuUTD0BCHiCBjQd9R8xUWiWFy7F4rEmD&cpn=vLbDNoFP9hH7qGfe&redirect_counter=1&rm=sn-5hneld76&req_id=4b2e96a881c636e2&cms_redirect=yes&ipbypass=yes&mh=bg&mip=2a01:4f8:121:131a::2&mm=31&mn=sn-4g5ednsl&ms=au&mt=1630729488&mv=m&mvi=5&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgRKmVzoeQN_7cY50QapMlNHp6Li2mCAtA_TPCnmouAxQCIQDaeNo0QfbrtJhx9vsCssX_EF6LVRCSPW2M1LKEMNK87w%3D%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Sat, 04 Sep 2021 04:27:57 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 188ms
188ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 90CF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

38ms
37ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b875b611df0be257b8594f35a81b26a32d46b378872322f8cdf026d67d15ed53

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YTL1zSjYt0I.gB3a8GtbXAAA; CMPS=5188
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|39|230|241|196|206|176|31
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1674
Expires: Sat, 04 Sep 2021 04:27:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Connection: keep-alive
Set-Cookie: CMID=YTL1zSjYt0I.gB3a8GtbXAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 04 Sep 2022 04:27:58 GMT CMPS=5188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Dec 2021 04:27:58 GMT CMPRO=1163;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Dec 2021 04:27:58 GMT CMRUM3=c46132f5ce05a0&1f6132f5ce05a00&ce6132f5ce05a0&f16132f5ce05a0&276132f5ce0b40&2d6132f5ce05a0&b06132f5ce05a00&e66132f5ce2760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 04 Sep 2022 04:27:58 GMT CMST=YTL1zmEy9c4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 05 Sep 2021 04:27:58 GMT

Redirect headers

Server: Apache
Content-Length: 343
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 04 Sep 2021 04:27:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:57 GMT
Connection: keep-alive
Set-Cookie: CMID=YTL1zSjYt0I.gB3a8GtbXAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 04 Sep 2022 04:27:57 GMT CMPS=5188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Dec 2021 04:27:57 GMT

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame 07FC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

36ms
35ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fe537b6221c5b1e17b371005ca8323792d4f0ebdfde79c0245b883ba7581fcd2

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=5188; CMID=YTL1zSjYt0I.gB3a8GtbXQAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|241|39|45|105|191|13|196
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1681
Expires: Sat, 04 Sep 2021 04:27:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Connection: keep-alive
Set-Cookie: CMID=YTL1zSjYt0I.gB3a8GtbXQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 04 Sep 2022 04:27:58 GMT CMPS=5188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Dec 2021 04:27:58 GMT CMPRO=1142;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Dec 2021 04:27:58 GMT CMST=YTL1zmEy9c4A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 05 Sep 2021 04:27:58 GMT CMRUM3=696132f5ce05a0&0d6132f5ce05a0&e66132f5ce2760&2d6132f5ce05a0&276132f5ce0b40&f16132f5ce05a0&bf6132f5ce05a0&c46132f5ce05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 04 Sep 2022 04:27:58 GMT

Redirect headers

Server: Apache
Content-Length: 343
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 04 Sep 2021 04:27:57 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:57 GMT
Connection: keep-alive
Set-Cookie: CMID=YTL1zSjYt0I.gB3a8GtbXQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 04 Sep 2022 04:27:57 GMT CMPS=5188;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 03 Dec 2021 04:27:57 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
918 B 22ms
21ms XHR
application/xml 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&us_privacy=1---&cbb=729677954&imp_id=71be3987-dfa0-40f1-97d1-bda7b4c3357b

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:57 GMT
X-Proxy-Origin: 159.48.55.4; 159.48.55.4; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 44d77d2d-190d-4427-9937-b94a51621da6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
103ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=63500&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676042-919282496603-008207-007-001317&cha=0.7&stagid=&stplid=&cb=69096585160&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1630729677955&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24%2C5e9030afdc817965520eb855%2C6114f48c04b3691b08691b7c%2C608e90cf34acc10fb7767e4a%2C6114f476dd0eb2621e735342&ofpr=%2C%2C%2C0.29%2C0.26%2C0.2&fpo=%2C%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 23 B
371 B 34ms
33ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%228111bf7a55a14%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22name%22%3A%22123Greetings%22%2C%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22rid%22%3A%22e174141d89cd47eb939af1b435c51578_1723158171%22%2C%22domain%22%3A%22123greetings.com%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229516908ad3fee8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22sid%22%3A%22600x338%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A600%2C%22h%22%3A338%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0e7b0f2bc70b8fedc9bddb6b90c86a77becada80e76765eb35b03b975b0810d2

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:57 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[NL], RC:[], CN:[EU], CIP:[159.48.55.4], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 43
x-ak-client-geo: 12
expires: Sat, 04 Sep 2021 04:27:57 GMT

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 30ms
30ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 04 Sep 2021 04:27:57 GMT
X-SpotX-Timing-Transform: 0.000335
X-SpotX-Timing-SpotMarket: 0.004337
X-SpotX-Timing-Page-Mux: 0.000914
X-SpotX-Timing-Page-Require: 0.000332
X-fe: 116
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000018
X-SpotX-Timing-Page: 0.009011
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000284
Last-Modified: Sat, 04 Sep 2021 04:27:57 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004337
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.002778
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
221 B 57ms
57ms XHR
application/json 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-16-69.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
104ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=63500&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676042-919282496603-008207-007-001317&cha=0.7&stagid=&stplid=&cb=69096585160&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1630729678022&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame DFD7 346 KB
119 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121776
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:58 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FC23 346 KB
119 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121776
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:58 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 90CF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YTL1zSjYt0I.gB3a8GtbXQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4l-EjrZNhokKqyKBctFzU&google_cver=1&gdpr=1&google_hm=2

43 B
1000 B

73ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4l-EjrZNhokKqyKBctFzU&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Sep 2021 04:27:58 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4l-EjrZNhokKqyKBctFzU&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 90CF 70 B
264 B 40ms
38ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 90CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTL1zSjYt0I-gB3a8GtbXAAABIsAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIezuahmOmgt8_TyrEV4h5I&google_cver=1

43 B
315 B

32ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIezuahmOmgt8_TyrEV4h5I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 04 Sep 2021 04:27:58 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIezuahmOmgt8_TyrEV4h5I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 90CF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXAAABIsAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXAAABIsAAAAB&dcc=t

43 B
645 B

108ms
107ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXAAABIsAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WHVXB7P6FFYN3W6KW1Y9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ETX11VZPM8WKSN4QSFAF
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXAAABIsAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 90CF
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

31ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 04 Sep 2021 04:27:58 GMT

Redirect headers

date: Sat, 04 Sep 2021 04:27:58 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame 90CF 0
234 B 31ms
29ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YTL1zSjYt0I-gB3a8GtbXAAABIsAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 113
match.deepintent.com/usersync/ Frame 90CF 0
44 B 313ms
102ms Image
text/plain 38.91.45.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/113
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:57 GMT
content-length: 0
server: a

GET
H/1.1

200
OK

noop
px.owneriq.net/ Frame 90CF
Redirect Chain

https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6840160781666244914&uid=Q6840160781666244914&ref=%2Feucm%2Fp%2Fcc
https://px.owneriq.net/noop?ct=image%2Fgif

0
287 B

34ms
33ms

Image
image/gif

23.79.154.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.owneriq.net/noop?ct=image%2Fgif
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.79.154.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-154-245.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By: PHP/5.3.3
Content-Length: 0
Content-Type: image/gif

Redirect headers

Location: https://px.owneriq.net/noop?ct=image%2Fgif
Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 90CF 43 B
425 B 28ms
26ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YTL1zSjYt0I.gB3a8GtbXAAA%261163
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:58 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2387
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Sep 2021 05:07:45 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E18E 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CjcMlzfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEiQJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTopVX9aDXz1HdilZYS7PiUslcsqz71MpBMJXXQaQAo5wASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiaCSdodHRwczovL3d3dy5kZS5ubC9wcm9kdWN0ZW4vaWNlLWNvZmZlZS-xCUwjpJz9K6WBgAoDyAsB0AsP4AsBsBPJ7KoM2BMTiBQB2BQB0BUBqBYBgBcB&sigh=KuWAf_eZ6Yw&label=video_ad_loaded&acvw=&sdkv=h.3.478.2&vci=CmUIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3OTk3NTQ2MjUyNTIMNTMyMjk4NzUwNjA2QKoDUh0QDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25QABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 07FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YTL1zSjYt0I-gB3a8GtbXQAABHYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIezuahmOmgt8_TyrEV4h5I&google_cver=1

43 B
315 B

31ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIezuahmOmgt8_TyrEV4h5I&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 04 Sep 2021 04:27:58 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEIezuahmOmgt8_TyrEV4h5I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 07FC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXQAABHYAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXQAABHYAAAAB&dcc=t

43 B
645 B

109ms
108ms

Image
image/gif

209.54.176.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXQAABHYAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: B2TXP8GJHA5284PRNS9M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 76HB97W95HA1WSRBCKZZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YTL1zSjYt0I-gB3a8GtbXQAABHYAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 07FC 70 B
264 B 42ms
39ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 07FC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YTL1zSjYt0I.gB3a8GtbXQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4l-EjrZNhokKqyKBctFzU&google_cver=1&gdpr=1&google_hm=2

43 B
1000 B

67ms
41ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4l-EjrZNhokKqyKBctFzU&google_cver=1&gdpr=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Sep 2021 04:27:58 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN4l-EjrZNhokKqyKBctFzU&google_cver=1&gdpr=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 341
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 07FC
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
973 B

36ms
36ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Sep 2021 04:27:58 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Sat, 04 Sep 2021 04:27:58 GMT
server: nginx/1.20.0
content-length: 76

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame 07FC 43 B
253 B 167ms
121ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.40.241.35.bc.googleusercontent.com
Software: nginx/1.21.1 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
via: 1.1 google
last-modified: Sat, 04 Sep 2021 04:27:58 GMT
server: nginx/1.21.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Sat, 04 Sep 2021 04:27:59 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 07FC
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06ab2204079c70ca725196e5&expiration=[EXPIRATION]&gdpr=1

43 B
997 B

40ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06ab2204079c70ca725196e5&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Sep 2021 04:27:58 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06ab2204079c70ca725196e5&expiration=[EXPIRATION]&gdpr=1
Date: Sat, 04 Sep 2021 04:27:58 GMT
Access-Control-Allow-Credentials: true
X-Powered-By: Express
Content-Length: 0
Vary: Origin

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 07FC
Redirect Chain

https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=

43 B
315 B

51ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 04 Sep 2021 04:27:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Sat, 04 Sep 2021 04:27:58 GMT

Redirect headers

date: Sat, 04 Sep 2021 04:27:58 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 07FC 43 B
425 B 43ms
27ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YTL1zSjYt0I.gB3a8GtbXQAA%261142
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 04 Sep 2021 04:27:58 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2387
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 04 Sep 2021 05:07:45 GMT

GET
H2 200 Oy6hyfNY.js Show response
tpc.googlesyndication.com/sodar/ Frame E18E 41 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 10:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15406
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 10:57:16 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame E18E 0
0 40ms
36ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=C-8EjzfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEhgJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTpxVIWPno61j0xm8eB1ql2IcP2NKtyaQXLfkGsDwASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBBCAsxnSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE8nsqgzYExOIFAHYFAHQFQGoFgGAFwGyFx4KHAgAEhRwdWItNTcxNzA5MjUzMzkxMzUxNRjQihE&sigh=9bK-V7LAB-Q&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&sdkv=h.3.478.2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29

200

B26055166.307433118;dc_pre=CMKdx7m95PICFd7juwgdFFQPfw;dc_trk_aid=500286583;dc_trk_cid=153506821;ord=535323665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1018932.3545954DV36012/ Frame E18E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1018932.3545954DV36012/B26055166.307433118;dc_trk_aid=500286583;dc_trk_cid=153506821;ord=535323665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;...
https://ad.doubleclick.net/ddm/trackimp/N1018932.3545954DV36012/B26055166.307433118;dc_pre=CMKdx7m95PICFd7juwgdFFQPfw;dc_trk_aid=500286583;dc_trk_cid=153506821;ord=535323665;dc_lat=;dc_rdid=;tag_fo...

42 B
63 B

81ms
48ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1018932.3545954DV36012/B26055166.307433118;dc_pre=CMKdx7m95PICFd7juwgdFFQPfw;dc_trk_aid=500286583;dc_trk_cid=153506821;ord=535323665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1018932.3545954DV36012/B26055166.307433118;dc_pre=CMKdx7m95PICFd7juwgdFFQPfw;dc_trk_aid=500286583;dc_trk_cid=153506821;ord=535323665;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B25120255.294126195;dc_trk_aid=487302004;dc_trk_cid=144988422;dc_dbm_token=AD1EzRQAAAA7CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_aSHnjOoArPc16YCsAL0pJ8KQDsQ9ILfpAKyzqMwJTCstsVVlZkq-7J0;ord=28290...
ad.doubleclick.net/ddm/trackimp/N1018932.279382BIDMANAGER_DFASIT/ Frame E18E 42 B
118 B 118ms
52ms Image
image/gif 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1018932.279382BIDMANAGER_DFASIT/B25120255.294126195;dc_trk_aid=487302004;dc_trk_cid=144988422;dc_dbm_token=AD1EzRQAAAA7CjMKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhMI_aSHnjOoArPc16YCsAL0pJ8KQDsQ9ILfpAKyzqMwJTCstsVVlZkq-7J0;ord=2829054997;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=8008004584368574997;dc_av=536;dc_sk=0;dc_ctype=87;dc_ref=;dc_pubid=3;dc_btype=23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E18E 42 B
64 B 22ms
17ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cl5ZozfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEhgJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTpxVIWPno61j0xm8eB1ql2IcP2NKtyaQXLfkGsDwASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE8nsqgzYExOIFAHYFAHQFQGoFgGAFwE&sigh=3ILj666Q2Mw&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D903%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10007%26vmtime%3D-1%26is%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1630729678125%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1630729677864&sdkv=h.3.478.2&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3OTk3NTQ2MjUyNTIMNTMyMjk4NzUwNjA2QKoDUiAQDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25IqwJQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E18E 42 B
64 B 22ms
17ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYxA338bIw-ppPMjT1MCIXcHT7jJBuWaEa2e6CmR87wTqtN23BUcKVuYNwugfk2sJTcP1xPYUTkNTz4OD90ow072cXpPdiqvsoy2LGH2MY3Z8RInQhyjAFeZbR-yNAE9b_zkZhfOc&sai=AMfl-YT0Uh24eLlCE_4-6fdgG2qUNoiacET0zs8_F_Ol2IcvBarKi9znUKJvJ7Z2BEZd-jycUJSlR-zkXuVbz4v0jUcOjM_j5M-jh3cieLgF4i20e19vZ-qHeylMcHN0YOE&sig=Cg0ArKJSzJmr8FwibxzrEAE&id=lidarv&acvw=sv%3D903%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1630729678127%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1630729677864&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview_ext
pagead2.googlesyndication.com/ Frame E18E 42 B
64 B 20ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=8008004584368574997&acvw=sv%3D903%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1630729678127%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1630729677864?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D903%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos...
ade.googlesyndication.com/ddm/activity_ext/ Frame E18E 42 B
107 B 105ms
38ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D903%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1630729678127%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1630729677864?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E18E 42 B
64 B 21ms
17ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cl5ZozfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEhgJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTpxVIWPno61j0xm8eB1ql2IcP2NKtyaQXLfkGsDwASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE8nsqgzYExOIFAHYFAHQFQGoFgGAFwE&sigh=3ILj666Q2Mw&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D903%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1630729678129%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1630729677864&sdkv=h.3.478.2&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3OTk3NTQ2MjUyNTIMNTMyMjk4NzUwNjA2QKoDUiAQDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25IqwJQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D903%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity_ext/ Frame E18E 42 B
515 B 102ms
36ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D903%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D10007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1630729678129%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1630729677864?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
20 B 19ms
16ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?es=abandon&ai=479975462525&qy=902751835&ar=noVerifications&lid=87&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E18E 42 B
64 B 22ms
17ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cl5ZozfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEhgJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTpxVIWPno61j0xm8eB1ql2IcP2NKtyaQXLfkGsDwASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE8nsqgzYExOIFAHYFAHQFQGoFgGAFwE&sigh=3ILj666Q2Mw&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=admute&ad_mt=0&acvw=sv%3D903%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,20%26mtos%3D0,0,0,0,20%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D20%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D20%26pst%3D-1%26dur%3D10007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D20%26is%3D274%26i0%3D274%26ic%3D4096%26cs%3D4370%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1630729678132%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,20&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1630729677864&sdkv=h.3.478.2&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3OTk3NTQ2MjUyNTIMNTMyMjk4NzUwNjA2QKoDUiAQDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25IqwJQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D903%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,20%26mtos%3D0,0,0,0,20%26amtos%3...
ade.googlesyndication.com/ddm/activity_ext/ Frame E18E 42 B
107 B 102ms
38ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D903%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,20%26mtos%3D0,0,0,0,20%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D20%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D20%26pst%3D-1%26dur%3D10007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D20%26is%3D274%26i0%3D274%26ic%3D4096%26cs%3D4370%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D2%26emuc%3D0%26emb%3D0,0,0,0,2%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1630729678132%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,20;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1630729677864?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 193ms
192ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 189ms
189ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT

GET
H2 200 av.png
static.avantisvideo.com/images/ 2 KB
2 KB 24ms
6ms Image
image/png 2600:9000:2156:fe00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.avantisvideo.com/images/av.png
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:fe00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 14:59:40 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Mon, 25 Jan 2021 10:20:27 GMT
server: AmazonS3
age: 48498
etag: "b8ce0fbf2e3e2f4f74cffe16c3b65adf"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 1986
x-amz-cf-id: WcIYCPBcJpta75OKJVX-KX8RKa15W8_dx0GrI3fmQWGGj4Kxp1ZuMQ==

GET
H2 200 track
track1.aniview.com/ 0
70 B 106ms
104ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60e594da4123720f2e250d24&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=e3fa51f3576e09d46570c91127a715ff88bcee5a&d9=1000&ad=11&vi=0&ofpr=2&imid=e68ed591b7a8739cfb679b6c04b77526_17231492_12720409&e=impression&cb=1630729676513&ad=11&vi=0&d1=vpaid&fv=3&cb=1630729676518
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 105ms
105ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60e594da4123720f2e250d24&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=e3fa51f3576e09d46570c91127a715ff88bcee5a&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=2&imid=e68ed591b7a8739cfb679b6c04b77526_17231492_12720409&e=start&d1=vpaid&fv=3&cb=1630729676518
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 bridge3.478.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 747F 574 KB
188 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.478.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192508
date: Fri, 03 Sep 2021 19:55:47 GMT
expires: Sat, 03 Sep 2022 19:55:47 GMT
last-modified: Fri, 03 Sep 2021 19:50:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame DFD7 44 KB
16 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:58 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame DFD7 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 hhrtBw21.html Show response
tpc.googlesyndication.com/sodar/ Frame 6DBC 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/hhrtBw21.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Sat, 28 Aug 2021 16:14:54 GMT
expires: Sun, 28 Aug 2022 16:14:54 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 562384
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bridge3.478.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame F6AF 574 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.478.2_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192508
date: Fri, 03 Sep 2021 19:55:47 GMT
expires: Sat, 03 Sep 2022 19:55:47 GMT
last-modified: Fri, 03 Sep 2021 19:50:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FC23 44 KB
16 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sat, 04 Sep 2021 04:27:58 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FC23 107 B
122 B 18ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 04 Sep 2021 04:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2DBF 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 04 Sep 2021 05:13:41 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A984 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 04 Sep 2021 05:13:41 GMT

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame E18E 0
45 B 351ms
286ms Ping
image/gif 2404:6800:4005:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kt5acgdn&c=8470767941255&slotId=4235383970627.5&qqid=CNXgkLm95PICFbbTEQgdSekJFQ&gqid=zfUyYf31EcSo7gOF54nICA&fb=ima_html5-lima&sdkv=h.3.478.2&mrd=4&aab=1&itv=1&met.4=ghmsh_s.kt5acgdo
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:804::2003 Central, Hong Kong, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DBC 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WyPn2IgoBqLw06x46K_q_eg8d-IpxicgJR-1ncxoZqI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 15:36:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 46274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13351
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Sep 2022 15:36:44 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 747F 156 B
142 B 418ms
417ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=425783692270610&sdkv=h.3.478.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3107659055&sdk_apis=2%2C8&sid=EB7216BA-5AC7-426B-8048-E53A35F39CE7&eid=44737473&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dt=1630729678538&cookie_enabled=1&scor=4061637172896415&ged=ve4_td1_tt1_pd1_la1000_er1157.320.1309.620_vi0.0.1200.1600_vp28_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame F6AF 156 B
142 B 401ms
401ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3260763584954109&sdkv=h.3.478.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1805009808&sdk_apis=2%2C8&sid=B2CF4514-2E84-410B-95CC-8E6CF2D39608&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fteddy_bear_day%2F%3Futm_source%3DEmail2%26utm_medium%3DSpecial_NL%26utm_campaign%3DSNL_sep21_events&dt=1630729678545&cookie_enabled=1&scor=4018337544460223&ged=ve4_td1_tt1_pd1_la1000_er1157.320.1309.620_vi0.0.1200.1600_vp28_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.478.2_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DBC 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.478.2&bgai=BYDvszfUyYZXGE7anx_APydKnqAEAAAAAOAG6BRMIvZCPub3k8gIVRJR7Ch2FcwKJ&bg=!4OOl46fNAAYJpm41CaY7ACkAdvg8WvpZAxtd6V2lpUtWyrECJfnNongZuPQSJFyFD0kokdxbVEvdJAIAAADnUgAAADZoAQeZAkY4ZRFuOq9DGAgMO4d307bty8G35iCi7oYvHBeTpc80r7c8vp8wqLQg1UxbqKpWqO2-aUZ5jsFeZj1KOk_wohPG-tvd0eTyfdfN3TzYwDogjf5CYnIInHRaiePAVwU_BCAI-LahLC6WUFdai75mRIXi9yjHK9NjX_d0bHp8pU6rg74ZdRzNe7D-1i7om_egTyTYZjVE38s8QxhZKR8lY55nYQtJVrMp9gjLN9FoVS-0czAdG4UQLhVSbxIcjqAM98hNAfDnR-E92GuYy_WknHWgnlpk0BUH02gutfR0Kk6P4EISXxSjIeDPZh94gjOd1IFy_Xo7dnVF27bxZ2pkLitRdiwArmaYckSgci7vMAt9Qrm7fKdaY5vQQjovAPsJA3xFIdvRxRe9zjsQ9K_ftjuTHMOJsH9TS-6eG7HWUFAWh_5jIeD8vihzRv5bgGnBucAZwK-DeTM6IPhuv-KKa_m-Q9CLu4nGGsqlvz2pWPXqWXf-mCMfs3GwJ6hInQ0eEv1Q3UcaG6lrOaZHGi3eS2J0gIxQU4MsJJqo9ipyqycCnVS1I5aLbeZW8GtZsHpWHxMQoUv1JTU88cvAhISYxhl_vX1cog9S-rnEMdpwix_aGLxSFIUfY8kafVx8OfhHxV8PN-UcNrY580b-iRpQGYD5dLJW22l_f96lWJiNraWDZ7AkOJI7ivDX5qIcYhBVqeM4MWVvhiy_ExNbhO1xhv8C4oQUa_jTdD_5R2vCxoH6z1rXZ6l-sWtDDC7pbIgtan51TofSAU0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:27:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 188ms
188ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:27:59 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 104ms
103ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60e594da4123720f2e250d24&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=e3fa51f3576e09d46570c91127a715ff88bcee5a&d9=1000&ad=11&vi=100&ofpr=2&imid=e68ed591b7a8739cfb679b6c04b77526_17231492_12720409&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1630729676518
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:28:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E18E 42 B
66 B 23ms
22ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYxA338bIw-ppPMjT1MCIXcHT7jJBuWaEa2e6CmR87wTqtN23BUcKVuYNwugfk2sJTcP1xPYUTkNTz4OD90ow072cXpPdiqvsoy2LGH2MY3Z8RInQhyjAFeZbR-yNAE9b_zkZhfOc&sai=AMfl-YT0Uh24eLlCE_4-6fdgG2qUNoiacET0zs8_F_Ol2IcvBarKi9znUKJvJ7Z2BEZd-jycUJSlR-zkXuVbz4v0jUcOjM_j5M-jh3cieLgF4i20e19vZ-qHeylMcHN0YOE&sig=Cg0ArKJSzJmr8FwibxzrEAE&id=lidarv&acvw=sv%3D903%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1331,464,221,0,474%26mtos%3D1331,1795,2016,2016,2490%26amtos%3D0,0,0,0,0%26mcvt%3D2016%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2490%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D473%26pst%3D474%26dur%3D10007%26vmtime%3D2240%26dtos%3D2016%26dtoss%3D1%26dvs%3D2016%26dfvs%3D1331%26dvpt%3D2470%26is%3D275%26i0%3D274%26ic%3D1%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D7,2,1,0,3%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483641%26psv%3D7%26psfv%3D6%26psa%3D0%26ptlt%3D1630729680602%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2490&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1630729677864

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview_ext
pagead2.googlesyndication.com/ Frame E18E 42 B
66 B 15ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=8008004584368574997&acvw=sv%3D903%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1331,464,221,0,474%26mtos%3D1331,1795,2016,2016,2490%26amtos%3D0,0,0,0,0%26mcvt%3D2016%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2490%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D473%26pst%3D474%26dur%3D10007%26vmtime%3D2240%26dtos%3D2016%26dtoss%3D1%26dvs%3D2016%26dfvs%3D1331%26dvpt%3D2470%26is%3D275%26i0%3D274%26ic%3D1%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D7,2,1,0,3%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483641%26psv%3D7%26psfv%3D6%26psa%3D0%26ptlt%3D1630729680602%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2490&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1630729677864?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D903%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1331,464,221,0,474%26mtos%3D1331,1795,...
ade.googlesyndication.com/ddm/activity_ext/ Frame E18E 42 B
63 B 71ms
37ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D903%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1331,464,221,0,474%26mtos%3D1331,1795,2016,2016,2490%26amtos%3D0,0,0,0,0%26mcvt%3D2016%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2490%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D473%26pst%3D474%26dur%3D10007%26vmtime%3D2240%26dtos%3D2016%26dtoss%3D1%26dvs%3D2016%26dfvs%3D1331%26dvpt%3D2470%26is%3D275%26i0%3D274%26ic%3D1%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D7,2,1,0,3%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483641%26psv%3D7%26psfv%3D6%26psa%3D0%26ptlt%3D1630729680602%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2490;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1630729677864?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E18E 42 B
64 B 20ms
17ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cl5ZozfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEhgJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTpxVIWPno61j0xm8eB1ql2IcP2NKtyaQXLfkGsDwASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE8nsqgzYExOIFAHYFAHQFQGoFgGAFwE&sigh=3ILj666Q2Mw&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=videoplaytime25&ad_mt=2740&acvw=sv%3D903%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1632,464,221,0,474%26mtos%3D1632,2096,2317,2317,2791%26amtos%3D0,0,0,0,0%26mcvt%3D2317%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2791%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D473%26pst%3D474%26dur%3D10007%26vmtime%3D2739%26dtos%3D301%26dtoss%3D2%26dvs%3D301%26dfvs%3D301%26dvpt%3D301%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D0%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1632,2096,2317,2317,2791%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D8,2,1,0,3%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483641%26psv%3D7%26psfv%3D6%26psa%3D0%26ptlt%3D1630729680904%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2791&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1630729677864&sdkv=h.3.478.2&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3OTk3NTQ2MjUyNTIMNTMyMjk4NzUwNjA2QKoDUiAQDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25IqwJQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D903%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1632,464,221,0,474%26mtos%3D1632,2096,...
ade.googlesyndication.com/ddm/activity_ext/ Frame E18E 42 B
63 B 39ms
37ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D903%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1632,464,221,0,474%26mtos%3D1632,2096,2317,2317,2791%26amtos%3D0,0,0,0,0%26mcvt%3D2317%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2791%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D473%26pst%3D474%26dur%3D10007%26vmtime%3D2739%26dtos%3D301%26dtoss%3D2%26dvs%3D301%26dfvs%3D301%26dvpt%3D301%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D0%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1632,2096,2317,2317,2791%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D8,2,1,0,3%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483641%26psv%3D7%26psfv%3D6%26psa%3D0%26ptlt%3D1630729680904%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2791;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1630729677864?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 188ms
187ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:28:01 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 757ms
757ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60e594da4123720f2e250d24&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=e3fa51f3576e09d46570c91127a715ff88bcee5a&d9=1000&ad=11&vi=100&ofpr=2&imid=e68ed591b7a8739cfb679b6c04b77526_17231492_12720409&e=firstQuartile&ad=11&vi=100&d1=vpaid&fv=3&cb=1630729676518
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:28:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 314ms
104ms XHR
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 04 Sep 2021 04:28:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 493ms
493ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60e594da4123720f2e250d24&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=e3fa51f3576e09d46570c91127a715ff88bcee5a&d9=1000&ad=11&vi=100&ofpr=2&imid=e68ed591b7a8739cfb679b6c04b77526_17231492_12720409&e=sec3&vi=100&d1=vpaid&fv=3&cb=1630729676518
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:28:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 343ms
135ms XHR
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=63500&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676042-919282496603-008207-007-001317&cha=0.7&stagid=&stplid=&cb=69096585160&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 04 Sep 2021 04:28:01 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
22 B 15ms
14ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=0&streamcorr=0&loc=https%3A%2F%2Fwww.123greetings.com%2F&ref=https%3A%2F%2Fwww.123greetings.com%2F&gcasclass=1&vpaidadapter=f&ifstate=0&lid=70&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E18E 0
22 B 15ms
15ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.478.2&e=418572006%2C44731964&id=ima_html5&c=4011844111548609&domain=www.123greetings.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E18E 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cl5ZozfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEhgJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTpxVIWPno61j0xm8eB1ql2IcP2NKtyaQXLfkGsDwASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE8nsqgzYExOIFAHYFAHQFQGoFgGAFwE&sigh=3ILj666Q2Mw&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=videoplaytime50&ad_mt=5240&acvw=sv%3D903%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D4134,464,221,0,474%26mtos%3D4134,4598,4819,4819,5293%26amtos%3D0,0,0,0,0%26mcvt%3D4819%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5293%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D705%26pst%3D474%26dur%3D10007%26vmtime%3D5240%26dtos%3D2502%26dtoss%3D3%26dvs%3D2502%26dfvs%3D2502%26dvpt%3D2502%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26ic%3D16777728%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2502,2502,2502,2502,2502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D19,2,1,0,3%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483585%26psv%3D63%26psfv%3D62%26psa%3D0%26ptlt%3D1630729683406%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5293&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1630729677864&sdkv=h.3.478.2&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3OTk3NTQ2MjUyNTIMNTMyMjk4NzUwNjA2QKoDUiAQDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25IqwJQABgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D903%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D4134,464,221,0,474%26mtos%3D4134,4598,4819...
ade.googlesyndication.com/ddm/activity_ext/ Frame E18E 42 B
63 B 38ms
38ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D903%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D4134,464,221,0,474%26mtos%3D4134,4598,4819,4819,5293%26amtos%3D0,0,0,0,0%26mcvt%3D4819%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5293%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D705%26pst%3D474%26dur%3D10007%26vmtime%3D5240%26dtos%3D2502%26dtoss%3D3%26dvs%3D2502%26dfvs%3D2502%26dvpt%3D2502%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26ic%3D16777728%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2502,2502,2502,2502,2502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D19,2,1,0,3%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483585%26psv%3D63%26psfv%3D62%26psa%3D0%26ptlt%3D1630729683406%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5293;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1630729677864?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 188ms
187ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:28:03 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 111ms
111ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60e594da4123720f2e250d24&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=e3fa51f3576e09d46570c91127a715ff88bcee5a&d9=1000&ad=11&vi=100&ofpr=2&imid=e68ed591b7a8739cfb679b6c04b77526_17231492_12720409&e=midpoint&ad=11&vi=100&d1=vpaid&fv=3&cb=1630729676518
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:28:03 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E18E 42 B
210 B 19ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cl5ZozfUyYZXGE7anx_APydKnqAHpkYbDZP2skYb8DZzgwovBARABILCv4h9gkYSAgPwXyAEFqQK3zvaIH-6zPuACAKgDAZgEAKoEhgJP0Fq2a_oHygGpf2RrlSfUKetGssgXtyUg3f9DJcTjuojJmTfkUfRunC7PBlRqqr5Xnf3u6gbzEmV5oJKf_Cif5JXOzt23s6TySCuJLgZ34pF5ae19Z9SQC8yepCX80pDxJyxBrkE2wDjjhtn7YCgPvgWQ2HC5JEqNVEYV-EQDVJ0PNgfnSgnSBe2cd-j1jLaLUFCBBB4bv0b25Y1yMlSKisMp-kHgVGOP0Rivhb6poKQSr3VK-Lb8WUNMz8MGk7OMBT1r7fl_rS00uievamA-xqfyay5Sgo7-4gOlPM0J6sof-UZE0P9ulTpxVIWPno61j0xm8eB1ql2IcP2NKtyaQXLfkGsDwASanObRzQPgBAGgBleAB62XsaYCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwHSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgPICwGwE8nsqgzYExOIFAHYFAHQFQGoFgGAFwE&sigh=3ILj666Q2Mw&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&label=videoplaytime75&ad_mt=7709&acvw=sv%3D903%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D6583,464,221,0,474%26mtos%3D6583,7047,7268,7268,7742%26amtos%3D0,0,0,0,0%26mcvt%3D7268%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7742%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D934%26pst%3D474%26dur%3D10007%26vmtime%3D7708%26dtos%3D2449%26dtoss%3D4%26dvs%3D2449%26dfvs%3D2449%26dvpt%3D2449%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2449,2449,2449,2449,2449%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D36%26emuc%3D0%26emb%3D30,2,1,0,3%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483393%26psv%3D255%26psfv%3D254%26psa%3D0%26ptlt%3D1630729685854%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7742&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1630729677864&sdkv=h.3.478.2&vci=CmgIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDQ3OTk3NTQ2MjUyNTIMNTMyMjk4NzUwNjA2QKoDUiAQDyUAADBBKAE6B3Vua25vd25CB3Vua25vd25IqwJQABgB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D903%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D6583,464,221,0,474%26mtos%3D6583,7047,...
ade.googlesyndication.com/ddm/activity_ext/ Frame E18E 42 B
107 B 40ms
38ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=8008004584368574997;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D903%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D6583,464,221,0,474%26mtos%3D6583,7047,7268,7268,7742%26amtos%3D0,0,0,0,0%26mcvt%3D7268%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7742%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D934%26pst%3D474%26dur%3D10007%26vmtime%3D7708%26dtos%3D2449%26dtoss%3D4%26dvs%3D2449%26dfvs%3D2449%26dvpt%3D2449%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2449,2449,2449,2449,2449%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D672%26femvt%3D0%26emc%3D36%26emuc%3D0%26emb%3D30,2,1,0,3%26avms%3Dexc%26qi%3D902751835%26psm%3D-2147483393%26psv%3D255%26psfv%3D254%26psa%3D0%26ptlt%3D1630729685854%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7742;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1630729677864?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Sep 2021 04:28:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 189ms
188ms Ping
text/plain 52.34.57.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 04 Sep 2021 04:28:05 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 105ms
103ms Image
text/plain 3.235.208.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=NL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=45932&t=1630729676&cip=159.48.55.4&sn=Email2&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1630729676418-932538396603-007976-002-004453&cha=0.7&stagid=&stplid=&cb=82568373587&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60e594da4123720f2e250d24&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=e3fa51f3576e09d46570c91127a715ff88bcee5a&d9=1000&ad=11&vi=100&ofpr=2&imid=e68ed591b7a8739cfb679b6c04b77526_17231492_12720409&e=thirdQuartile&ad=11&vi=100&d1=vpaid&fv=3&cb=1630729676518
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.235.208.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-235-208-250.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 04:28:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

Verdicts & Comments Add Verdict or Comment

466 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.123greetings.com/	1970-01-20 06:20:25	Name: __gads Value: ID=458872c4098ffce1-22229dcdeec80099:T=1630729672:RT=1630729672:S=ALNI_Mbi3kpD-ZhowW-RoUYZqOYNCGBQmQ
.doubleclick.net/	1970-01-19 20:58:50	Name: test_cookie Value: CheckForPermission
.123greetings.com/	1969-12-31 23:59:59	Name: utm_source Value: Email2
.123greetings.com/	1970-01-19 20:58:49	Name: _gat_gtag_UA_5085183_1 Value: 1
www.123greetings.com/	1970-01-19 20:58:49	Name: config_data Value: CADB=1\|CLG=1\|CBR=1\|CUB=1\|CCC=1\|CFLC=1\|CPFR=1\|CBRR=1\|TCP=1\|TAP=1\|TCAP=1\|TRE=1\|QkDshLgd=0\|FBCon=1
.123greetings.com/	1970-01-19 21:00:16	Name: _gid Value: GA1.2.1995542822.1630729673
.123greetings.com/	1970-01-20 14:30:01	Name: _ga Value: GA1.2.829018337.1630729673

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events
console-api	info	URL: https://cdn.ampproject.org/rtv/012108170213000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2108170213000 https://www.123greetings.com/events/teddy_bear_day/?utm_source=Email2&utm_medium=Special_NL&utm_campaign=SNL_sep21_events

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
ads.adaptv.advertising.com
adservice.google.com
adservice.google.de
avm.avantisvideo.com
c.123g.us
cdn.ampproject.org
cdn.avantisvideo.com
cdn1.avantisvideo.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d.adroll.com
dmp.brand-display.com
dsum-sec.casalemedia.com
e5f6d31bd1a5fdf70aa6b834c8fbbfd9.safeframe.googlesyndication.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
htlb.casalemedia.com
i.123g.us
i.ytimg.com
ib.adnxs.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
play.aniview.com
player.aniview.com
pubads.g.doubleclick.net
px.owneriq.net
rr5---sn-4g5ednsl.googlevideo.com
rr5---sn-5hnekn7k.googlevideo.com
s.amazon-adsystem.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.avantisvideo.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adotmob.com
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
ups.analytics.yahoo.com
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.maqors.com
13.248.242.197
135.125.160.160
142.250.185.130
142.250.186.130
142.250.186.162
142.250.186.38
142.250.186.66
151.101.14.49
18.156.0.31
18.159.16.69
184.72.245.68
185.183.112.148
185.33.221.88
185.94.180.124
2.18.234.21
209.54.176.128
23.37.38.181
23.79.154.245
2404:6800:4005:804::2003
2600:9000:2156:400:3:748e:7940:93a1
2600:9000:2156:ac00:1c:38a0:8a40:93a1
2600:9000:2156:fe00:8:9ed9:9c40:93a1
2a00:1450:4001:6a::a
2a00:1450:4001:803::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:827::2016
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9d
2a00:1450:400e:2::a
2a02:26f0:6c00:28a::2c79
2a02:26f0:6c00:2ab::2c79
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.235.208.250
34.196.245.189
35.241.40.233
38.91.45.7
52.1.46.74
52.209.104.25
52.34.57.2
54.227.131.5
54.235.95.241
54.93.162.63
67.27.233.252
67.27.234.124
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
021f9089e7fe358f8be4fd80f24b65df45c53720a7da122683d305993672993f
0299ce766df424b69a25530d8afe7c2352cb6240c7510fe7be67d8cd53bd3467
041444b556ebfa412f45a168e7899df614e38bed233fa630ab6055db734df39c
0544909d1e823777823b631b929676619577a1b6f37f39042303d5e2c2eb08fa
0596974ea0a4aa88cce0d0683b3af837fb80d633788395a98723d319f39c8de4
0677a3e17670aa44ed3ec4f010d6dfdc869b02f79aec76a79f7de6fcc7679833
06ce32716993929806136944db26089c565154a85602e1bb65f752d228dc0ec1
06e7c2ba8669e318ee2d42aa9a4392ebd04204e515f8808d8410e274d37c4a26
07a30bec2509a7e82bdfa701d2968dcb0d8daaee6db5a8ee7ddc2816a4b7af25
07bf9659289ea0866567384afce73ad60a9d1a8ed4c7e2f3db5a19afde28d63e
08d00ff2cce487220599803e146a8e6ec56c64c9e44111d6e4cd259fedb779f3
096cc8119b1a9ce89f961459276ef8711dacdb3b3a2d45e20f45d5658731749d
0a0d991f07cc8cc18f1a3acbe06e168af9ccb26e33c760b6cf433f9f3485cd3c
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0cf3c727c01b15b57816eb62caae78199b484c0e3bf532a72940fbf4549aa107
0df444b2019f1ce03bd76009856b8973928a00e590a4de7da6b5465b224b9600
0e7b0f2bc70b8fedc9bddb6b90c86a77becada80e76765eb35b03b975b0810d2
0eefdd61a5318dbbb9da1eddd3c15f4e65d5843e638d3e1f14f84b95aab68367
0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
11a05afbf5502a5ee1f76168de53e9f2b18e5dccfce9f8488b040cbe6ff016c4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
12f492b4abdff146139e0cb4d053f4d9b1b7a379d60c36e6ebd10d734c4830c4
1459debe4ae50fd8d33bf2b2ea987bb180ddb9a66014c4bec96ca790e7d123b1
14c9fbe3c72b37dee6b92294dd299a1a5ef9e6473921d1077bb6cb81019a353e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1be8f472a7c51fa0cbe4690d33377bd48164e57663813c0def7ef58399144cc8
1d739e4202da4367d6efe7444d3a3a17182f27fcdd8c7338d7282cafdad58520
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1e74b2379ce5629df54e839c1ac996960aa6ad6c31b44bc19e723f08c3e898e8
21026407398ed753d48cd817a1f47881738ab30f449b90aa3f83d179ff3ed267
2468d8defc10a0ab4f1c4cdfdb085d486de1d1190998cc1b0ef86f0540da2d34
25e03362f174b3808a73c0cc86e56fb7a13d88b4490709fe7370587651f50b92
2a439cc77df8ecb0a4fbca7b642ddd84ebd453de4442a057a5c7959dddbe6edd
2c7e337c3a62c61956a296e38e61cb5d629639ef85e4155b01139fb16110fd7b
2d3b2e22d70008bb3169f94e559402dea13c50bbafe6326abf99b87855476d63
2ea52239d097b4c56c63e249ca063b930f4f56c06c3face99a59238b77b5a664
30e55894e265bde81cd5430a3d9c3ac7c65fc3b2e9d6a1fdb57912ea73755e29
31f2f7a06f6255bde723d3b0e1732860c1194ffe3933143fb408d62577f2ad93
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
33c145990b55dfe153d5e99b1057c5d06f5a3fdfa2a7b1a17b2aa8ff3cbb1726
33f741884d49aa4540005845acbcfc179b071230ead16ff1f950b0c88e7e184c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3644c7d20e5506c54c5b0a56ee92f2346f93263115b1ca259c6138cffeabc6bb
37af42f21ea09e957001348e06d2c85e1caec157ad715c9209a9998044ac48bd
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c4813d0e2e955fa901604a50ffd7ba030fe03307a97e2f842f337b4a4423b8d
3d1069fbf31ff9fc80f2b1fdcc55f1cbb574e3f24ef46dcda23ab3dc96383b7c
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038
3fbe9ac8b0affe8e4bdec2fec63a1577596cb3377ad23af8b57ff5ed879f36e1
422d343bcf18609001546a5a7f0c205b657365afcc177744c47c5486e32f917a
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4859383f77274f674ef678cde3203242dc5fd669c701466e7efc77832cd12ee4
48bb89434a42b4fb519f27e9272e018e8151383b4b7f46f26260f5fd29e5f05e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5010abc38d335ee8205f1ebf7d7c29fbc266076903263054feb2a070a16a4633
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0
5738c733f2f7b04e67edebebb67f01a2022d611ce73cbbf9ac15aa8186c6613e
5b23e7d8882806a2f0d3ac78e8afeafde83c77e229c62720251fb59dcc6866a2
5d64b7235acc0c2316fc199c7d90707105d389eeac3dbc3d49470faa5b2d2dc7
5ffdd97134640d7ca89f48eaa7e8eddf9aeacba9dd979c83e52b5034e49d6f82
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba74b0b7223564fe5de95a05498160da36162274673a6c4583a757d233c41b1
6e4e05014fbab6aa2ddc30c348f497bdc08efac4ffc924012735d9dbf998a28a
72ab9d3d6e9dfa553ef2f8d32ed0e0d1d0d5ae732f96d23949edd896c3749c6b
734916dd2274c2a453b0153da2cfa97a176ca0cabdf6bb0c9bff7a4a27d71b63
73a7582944ea3d2436e48c69e3c095eb97fc14311b107a078ed0ba41c4a34c7f
7a50e857a45e0b8eb897f1056a8dd0ed3cace773bc197aabf8a68b9c158611b2
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82bd02cee2c77b75a28a94f51c1163035315c09ef8eafe6fa5f79f35b97424e5
8530cade1947d725cb27c08a6a840cfd711bab775b77977b8e08ea77449daada
860080a1b20c4ed1904cdfb18c5d1b80c81099809b3fb633d74f9432d903b1ab
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8898fa24d18d72b4cdc1ae5dde786012074f906223e6d7fe0b4a48c8eef1fce4
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8cd4b8b06d59ef4dd52b1d2b22c9dd0a2c2f0d42f0bccbf918a07dbaf3e531f6
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9f1e7a5653eade39c663ba7e740f5f8b51fde9a7fcc7e2d59b0338598e5075
8ff93a61ffca62bd50b92cd3d9988832e62634f89a7cbb6fb56625b6a556cd12
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
9158e53d7052a6df65c12e3a59a8c77a8be353425523e4eff057fa5578e654ad
921d1de33f247f7219294a6460b8edafb596544e90a175b65f537a24f20612a1
930fa33a0b9938b3cf5dc4b3c3e35d0d66e9a4f6f6dc05fdbc67b3260637cc06
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944
9775d6c214a05f699701974c19e12cb9d1ac1b6ef9eb815335b22f7276133c1c
987a85ec33287307910313fc7b22a8ab6cd0dc24e9fe5945f8a42af4223c1550
9a876f6cbd09c5f245491f6877db2a6bb7faa356893ae8a5f8881b2ad6c64212
9db91125bfb4ba988f94064f61492ec86f7c4b2c8bd5e280a588abd3b4872e39
a037373f80e4a76c30cdb23c1a3246c797bd7c75ff21fbd7fc4105326bc237ca
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a2a89ce9e38e4fe4b9caf2ca725576fd755097fbda47179b2369271cd691846b
a36d6c6c03c7ba4db1d35c8e00d933fc1ce336cc52bfdf50652134be67d4d759
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8ee3878706308d6510ccd26c48cc3d67beb8fb85fdfbfc170b1f7a81e53994f
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ace30162bc4c525e70b147c8f9a10292d592353f78dcd0530d132156cb194e98
aea7b1303319ccfd89bc9a9770e30917bbe180a40b7db8587e633ac0a065147b
b0528499b441e38c1df530e872b6674aba3c4c55abcd811d1292bccb4c0bae5a
b0b2dbc2b45b27b3bf32502ea2ef7cc3bce1025d91972489a9d4c3641553df31
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b2f6cd96336b6b45e4d5476c21ae0e2557fac2da2c27e0f2c2eb406294ea2433
b3d4c59262464ac626eec4a5d33c3cd116b43bd515fab22723d2af726e5b90a8
b3d782c3f7de838e429284d3b51d54265a54b3a5b97d94ee659719df9051370b
b4f8f96d9f1763edb767893e20c4c74a9069fee7143d98eb1899cafbad88fd66
b5dc7ad3b3d9dffc2b9c95809de7a9ef6b5d9da3fd729c7cc5b116516ea7e6d4
b658a8b132845145dbc692bf1d77e8597ef503daae1d1bd918ef590819c9d674
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b875b611df0be257b8594f35a81b26a32d46b378872322f8cdf026d67d15ed53
bd3a2482b7b952b621e16a05c3bb1847829d057fb1384f4c32d1362b8153e967
bd842cf720db8dd91f5445eb93ca810e2d6fbce902fe76aa648097daebcbf070
bdaf76e731501c265355ceb0a5d876fc2f3026860658752bb23dab7183f95c2c
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c4bcd2072e257cdd801187f50c649ee8793a12e2191731750a759f26273a46c7
c76cc68adbbc958993e23bf9ad18979f7aeaab6274b1f2322afb581d22eb855f
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
cad23c540070d978828c6e5749c9895295c81d218f474db83629a0a8a9c818c6
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cb658d8af264091d320d32e952cb1756ea0145c2f6497b182a39e7ce4e466653
cd109685aad091ac9e233f99deedc4ff3aa2302a7d7d8a7064d6a14d1f87db77
cd64252b3cfbe5d390ad0c7313b1fdeffe8eeb394d932ce7b55f950f892b1539
ce04f68d2b035b6adfab2de7758c64c455c8c2a1db70d0df2f2725ae7c41426d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d19f2f7ecec4aa29e97fdb6bf94bd887c10d884a0a0a32cdde99aae34b5a1d1e
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d42551b36f344c14cbab00492d682f78ff716f25436e56f2ec19605017f49071
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d9d77c77cf756b06f15f8d820a3c900973c8f8a869976673dfb9459424c05533
de1b1554b2894de2110c2808f519e4f19d8fef62838ccf33143d9fc02edea885
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4fefe726dd6185b6d388713116405e96e568a3d3324548d1e3d744c1b90c33
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e2f63c98f61325998b3ae75aa14a6ab0af5c46ecc0c6a68b4f899ca398b12f50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40076b0d923d20a23a8170e020cf67a600fbfc09f5ebdf1dcf12d32449f113c
e91e7d4b434bf577e8f9f0fef4a45ab94c41fd0493ff9e760bcd398732f6fdc4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796
f38b8c2336c96e72481aae984bb3af88e05e786b06e056c51f610ba93293d702
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f4a74fe2cef1d4e3ca293944e20763b350954439d0966a662691d304d9e1aac3
f9d3489d449d8a660f12f3040b6678e5ae0206fbaeb35df49c47b7c3fe0df3ab
fae2773cd95cb857866b4b3a54777c88f6c03e0167bf323c2a1f431985887b61
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe537b6221c5b1e17b371005ca8323792d4f0ebdfde79c0245b883ba7581fcd2

www.123greetings.com Open in urlscan Pro 184.72.245.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

395 Requests

100 %HTTPS

49 %IPv6

37 Domains

63 Subdomains

52 IPs

7 Countries

8873 kBTransfer

18830 kBSize

7 Cookies

12 Outgoing links

Page URL History

Redirected requests

395 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Screenshot
Live screenshot

Full Image

395
Requests

100 %
HTTPS

49 %
IPv6

37
Domains

63
Subdomains

52
IPs

7
Countries

8873 kB
Transfer

18830 kB
Size

7
Cookies

395 HTTP transactions
14 data transactions