www.123greetings.com Open in urlscan Pro
184.72.244.154 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Submission: On July 02 via api (July 2nd 2021, 12:36:06 pm UTC) from BE

Summary HTTP 448 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 47 IPs in 6 countries across 21 domains to perform 448 HTTP transactions. The main IP is 184.72.244.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.

This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	184.72.244.154 184.72.244.154	14618 (AMAZON-AES) (AMAZON-AES)
25	67.27.157.252 67.27.157.252	3356 (LEVEL3) (LEVEL3)
33	67.27.157.124 67.27.157.124	3356 (LEVEL3) (LEVEL3)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
61	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 3	52.206.179.19 52.206.179.19	14618 (AMAZON-AES) (AMAZON-AES)
11	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
17	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
43	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
9	2600:9000:20e... 2600:9000:20eb:400:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba12	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
8	54.187.161.230 54.187.161.230	16509 (AMAZON-02) (AMAZON-02)
13	52.42.142.109 52.42.142.109	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:6c0... 2a02:26f0:6c00:2ab::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	52.22.200.65 52.22.200.65	14618 (AMAZON-AES) (AMAZON-AES)
2	52.206.107.130 52.206.107.130	14618 (AMAZON-AES) (AMAZON-AES)
4 7	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
2	52.45.125.207 52.45.125.207	14618 (AMAZON-AES) (AMAZON-AES)
3	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
20	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
2	52.210.216.43 52.210.216.43	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4006:812::2003	15169 (GOOGLE) (GOOGLE)
6	52.17.241.173 52.17.241.173	16509 (AMAZON-02) (AMAZON-02)
2 8	99.81.129.224 99.81.129.224	16509 (AMAZON-02) (AMAZON-02)
4 4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:3d::8	15169 (GOOGLE) (GOOGLE)
13	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
7	34.247.125.120 34.247.125.120	16509 (AMAZON-02) (AMAZON-02)
10	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
448	47

1 184.72.244.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com

www.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 67.27.157.252 (United States)

ASN3356 (LEVEL3, US)

c.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 67.27.157.124 (United States)

ASN3356 (LEVEL3, US)

i.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.206.179.19 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-179-19.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20eb:400:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.187.161.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-161-230.us-west-2.compute.amazonaws.com

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.42.142.109 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-142-109.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 52.22.200.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-200-65.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.206.107.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-107-130.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.91 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.125.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-125-207.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.216.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-216-43.eu-west-1.compute.amazonaws.com

vast.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:812::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.17.241.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-241-173.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 99.81.129.224 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-129-224.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:3d::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5ednz7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.247.125.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-125-120.eu-west-1.compute.amazonaws.com

unified.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
105	googlesyndication.com pagead2.googlesyndication.com a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	937 KB
59	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net bid.g.doubleclick.net	253 KB
58	123g.us c.123g.us i.123g.us x.123g.us	926 KB
36	adsafeprotected.com 2 redirects vast.adsafeprotected.com static.adsafeprotected.com pixel.adsafeprotected.com dt.adsafeprotected.com unified.adsafeprotected.com	291 KB
35	avantisvideo.com cdn.avantisvideo.com static.avantisvideo.com cdn1.avantisvideo.com avm.avantisvideo.com events1.avantisvideo.com	252 KB
32	aniview.com play.aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	389 KB
25	2mdn.net 4 redirects s0.2mdn.net gcdn.2mdn.net r3---sn-4g5ednz7.c.2mdn.net	1 MB
24	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	3 MB
22	google.com 1 redirects adservice.google.com www.google.com	4 KB
11	googletagservices.com www.googletagservices.com	371 KB
10	ampproject.org cdn.ampproject.org	201 KB
9	ytimg.com i1.ytimg.com i.ytimg.com	37 KB
8	gstatic.com fonts.gstatic.com csi.gstatic.com	100 KB
7	adnxs.com 4 redirects secure.adnxs.com ib.adnxs.com	6 KB
4	google.de adservice.google.de	1 KB
3	spotxchange.com search.spotxchange.com	3 KB
3	googleadservices.com partner.googleadservices.com	844 B
3	trkn.us 1 redirects trkn.us	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
1	123greetings.com www.123greetings.com	15 KB
448	21

	Domain	Requested by
48	pagead2.googlesyndication.com	www.123greetings.com pagead2.googlesyndication.com tpc.googlesyndication.com a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net www.googletagservices.com srcdoc
43	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com www.123greetings.com googleads.g.doubleclick.net cdn.ampproject.org imasdk.googleapis.com
32	i.123g.us	www.123greetings.com c.123g.us
25	googleads.g.doubleclick.net	pagead2.googlesyndication.com a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com www.123greetings.com
25	c.123g.us	www.123greetings.com c.123g.us
22	track1.aniview.com	player.aniview.com
20	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
17	s0.2mdn.net	googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.123greetings.com
13	dt.adsafeprotected.com
13	events1.avantisvideo.com	cdn.avantisvideo.com
13	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
11	pubads.g.doubleclick.net	imasdk.googleapis.com
11	www.googletagservices.com	c.123g.us pagead2.googlesyndication.com a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com securepubads.g.doubleclick.net
10	ade.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	www.google.com	1 redirects tpc.googlesyndication.com a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com www.123greetings.com
8	pixel.adsafeprotected.com	2 redirects static.adsafeprotected.com pixel.adsafeprotected.com
8	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
7	unified.adsafeprotected.com
6	static.adsafeprotected.com	imasdk.googleapis.com www.123greetings.com
6	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
6	cdn.avantisvideo.com	securepubads.g.doubleclick.net cdn.avantisvideo.com
6	i.ytimg.com	www.123greetings.com
5	player.aniview.com	cdn.avantisvideo.com player.aniview.com
5	static.avantisvideo.com	cdn.avantisvideo.com www.123greetings.com
4	r3---sn-4g5ednz7.c.2mdn.net
4	gcdn.2mdn.net	4 redirects
4	secure.adnxs.com	4 redirects
4	a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	search.spotxchange.com	player.aniview.com
3	ib.adnxs.com	player.aniview.com
3	cdn1.avantisvideo.com	cdn.avantisvideo.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	trkn.us	1 redirects www.123greetings.com
3	i1.ytimg.com	www.123greetings.com
2	csi.gstatic.com	imasdk.googleapis.com
2	vast.adsafeprotected.com	imasdk.googleapis.com
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	sync.aniview.com	player.aniview.com
2	go1.aniview.com	player.aniview.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	play.aniview.com	cdn.avantisvideo.com
1	ajax.googleapis.com	tpc.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	x.123g.us	c.123g.us
1	www.googletagmanager.com	www.123greetings.com
1	www.123greetings.com
448	51

This site contains links to these domains. Also see Links.

Domain
studio.123greetings.com
itunes.apple.com
play.google.com
nl.123greetings.com
www.addthis.com
info.123greetings.com
blog.123greetings.com
widgets.123greetings.com
help.123greetings.com

Subject Issuer	Validity	Valid
*.123greetings.com Go Daddy Secure Certificate Authority - G2	`2020-04-29` - `2022-04-29`	2 years	crt.sh
*.123g.us Go Daddy Secure Certificate Authority - G2	`2019-06-21` - `2021-09-16`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.avantisvideo.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
content.avantisvideo.com R3	`2021-05-03` - `2021-08-01`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
wrapper-vast.adsafeprotected.com Amazon	`2020-12-18` - `2022-01-16`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-06-22` - `2021-08-31`	2 months	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh

This page contains 67 frames:

Primary Page: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Frame ID: 575709BC7C8AAA27DDE4FFDAFC4FF61B
Requests: 166 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/zrt_lookup.html
Frame ID: 4372539ED1DB5E41328CB2D070C9E72E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1625226738&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625229344987&bpp=3&bdt=839&idt=73&shv=r20210630&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8330245361517&frm=20&pv=2&ga_vid=2059230183.1625229345&ga_sid=1625229345&ga_hid=1122298445&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066110%2C31061662&oid=3&pvsid=1405036249209206&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
Frame ID: A10A4E8A9C291AAEF38CC233BE54963A
Requests: 1 HTTP requests in this frame

Frame: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6E05A0055634DE9AD9ED11A6E2746814
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4F15ECC7C8A785866DFD1B95043B58A5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A1CADA233BB810787344B7624FAE189
Requests: 1 HTTP requests in this frame

Frame: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D52B3900E1D3E3357C6A3EC1589D83BD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNuAgAEQgqDM9AEY3dbzngEwAQ&v=APEucNW4pgxaCx0QReMFtzs9G6ZvqdwGXPqb0hxf5XCBITXUXMli1QPKQHLs_S5SFswGX1m4YX1aXmsYioOOLiKONoO_lsWMNg
Frame ID: 1F23B058A4F73D16B10A20EFDB607CB5
Requests: 1 HTTP requests in this frame

Frame: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7DBB88FDCF8EE65725F8F42AA1C26D17
Requests: 9 HTTP requests in this frame

Frame: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 10510E7583BFF55333D18C8F642B7F24
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOL1atWA-imjMyM98lXjsoqevfWvZPj4BzmaRYEZzyW1VB-xQnwJQ094Ru9DvgNx-bl0Qh7p8DXVdwKZout_iYfim-0bSh6ZGhFUDbUZryH0jyqMLyjdFiuRaP3JuZfbRg-ileZ1jNIH2dMhy9nBkNAq6xp8fPSjNRXarjC2_VKZf14yjIgVNlKZP4akivJsXh6nVtjdapidb-G2YPc-ISqvzCzGQCcS8Nis3DMv-LmxBVJa0eSwKovp6k-uHE9DDTczfmfKjFzTaEAA0b5fXclAAxkxCqKAUvsy6Dg7g3Kj29YFnxPO6HwNs8Qd1cN0WuA2Wcl0KuHJup&sig=Cg0ArKJSzKkfDdVbjckhEAE&urlfix=1&adurl=
Frame ID: 259FC1F3D41239200F6A98AF07390496
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Frame ID: 82747147BA06F1A80B393B51995DB4F2
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs
Frame ID: FA272CAAB737838DF8F00AA939189049
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4E1ANaiYYgAiGp5bq-5iXtQ0HTsKbRBtMwy6gC0awQvdx503LMn0PL-uJgilUpov6wc4a6vvJYtbt4_5T39sA1typibu_dbD76cbGQtfhz7psby-6ues-vOnZ4uaakL5wukkqTS_juKRvgSLSqqvczE3yibfUcaQLQSVBWFQ1I0bB4JEYL1E4IMyxWJyi2NRc0gZvzMNSilc9VLVBOObbiuHG4H6YdVSsmH-SxNBjUiQrYSDXvSWmhQy2LFrdg_HX3Nf0Pr0nEzD-YpLTJ7rm55aTfnA_RvX5PGEGSh_Is9Zhc4rLE9cAAwZwg7h336JcZ0MwzFPdQA&sig=Cg0ArKJSzBYLlr9jIiS8EAE&urlfix=1&adurl=
Frame ID: 602C8B8F0AB511E6DD1EF97E5327AC48
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuG2hHzfyveJPi4uOuLCwH8HPdIdSI47lF1TGx6lBMyOmgMFmjQxW6a4CNiQ6ycfQ1y0ly-vinRV4lolq3W1SaeXMyB6k7M6zqJe51LEYZyAg2x9CS3a4brXIqZA7itTFFe65YM6DAciqVk0Al5b9xmaoduStiyhmfqLA-rdDEVGFMGuftNizctbNFP3PTY8ppuaNpnnysa2-P_9K3dnf0Fnn6sUKNxg0VdKRQRM6l3zPBzVsznW0zsVwZ3nY-prNlICgLVTOmIBFnYsP3Pjpo4xKFwdng0XgxlPCRubKMkNCLqCRWmpvGl0ONuhyc6GpN3chBlJyqb3A&sig=Cg0ArKJSzBQp3Ojlrf_LEAE&urlfix=1&adurl=
Frame ID: B227BDDAA3C6316AE02857DF7CFC99F6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurP2nuHeqjNuKyJFLbDBoS_h21Dtoni898wuU41yDApKpn-Eg2RHTXsW2HQ2xzsX48k6HES-EvuJCm0CrLBmI-Q7ez_lV8fjr3f5BwDnL9q_up-MEqai9RsQLHk0_vK0wObp2a47BGqoPAXhQsSsct_cZBBwFDyKXV60TeaPuOOvnuKP0KxnEuwggNtLig71M68Mdt04N6gFIMGZ_il8IXUfBzKnlh5kvuDspw1wL0vp61saXr_TPXxpgBkXIES7uIViFszOwMyCdfDJ5YP8iH0IylW4SKCBhfLtWJ7Kw5SgvpcLkg-DOwaAjFTjJEOUzrx85wEopg6yznixPtU343sQ&sig=Cg0ArKJSzMldfsVkkPfxEAE&urlfix=1&adurl=
Frame ID: AD787997CF2BEE72E32B27007E23728A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html
Frame ID: 2EF7769B6DC6564E98755030FEC1874A
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNuAgAEQgqDM9AEYi5OKoAEwAQ&v=APEucNWGeUq5HT_wyMm3wBnU2H91OND8wJnL846XRDuMAVYOFNzSYlkRc8NNeQWrOvTPX2A603xuGsxKQkcyPYnYBPDF39FRgQ
Frame ID: E15989CAD6A12EB480CDD074D57B88CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8F6B86A05D1CD1570C49ED31363001DB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=816031645&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625229346446&bpp=14&bdt=179&idt=396&shv=r20210630&ptt=5&saldr=sa&cookie=ID%3D7cd341f1406e54fc%3AT%3D1625229345%3AS%3DALNI_MZW1DNEepY4UwnhBCyW8jkbI4cOyQ&correlator=8330245361517&frm=23&ife=4&pv=2&ga_vid=2059230183.1625229345&ga_sid=1625229347&ga_hid=1032051427&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1847&biw=1600&bih=1200&isw=300&ish=250&ifk=3288313951&scr_x=0&scr_y=0&eid=42530672%2C31060974%2C31061746%2C31060048&oid=3&pvsid=2053276905149562&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vh60z9v74umz&btvi=1&fsb=1&dtd=423
Frame ID: 5D65A20B984AC1C58CBE1AD88C379834
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530240&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625229346519&bpp=14&bdt=224&idt=391&shv=r20210630&ptt=5&saldr=sa&cookie=ID%3D7cd341f1406e54fc%3AT%3D1625229345%3AS%3DALNI_MZW1DNEepY4UwnhBCyW8jkbI4cOyQ&correlator=8330245361517&frm=23&ife=4&pv=1&ga_vid=2059230183.1625229345&ga_sid=1625229347&ga_hid=428927601&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3019&biw=1600&bih=1200&isw=728&ish=90&ifk=2200124571&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C31061383&oid=3&pvsid=2152110369479025&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nse9xkshzoaw&btvi=1&fsb=1&dtd=419
Frame ID: C9BE125D7954E00A921D20F9C972E236
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 3BAD277B46778E9BD89EE3B61E7D706C
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 1B855F3C52B431DEDBD48D33C54BB602
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: CC21CAF62993BCDFF4C2F11235699B11
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B92853EE7AC17EA03DE715B85A50C6D7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9C19D292DA56B816CF6FB1F330F52DFB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 60F30F8432EC8C44A42B60DBE6236385
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 895AEA75B8E0FF5CB58D9F80AD932ED6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35B3A5D555264D4AF9420A22DC2B6B7E
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 86FE510555DE53C6FEA79A14B1786BEF
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: DB0D1C0D6319F444BF5B667AA957CADC
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: A2501D810454A570FF7C0522661381A8
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1625229349531-961878530252-026334-009-001799&biddername=55&key=6095723843533412490
Frame ID: A5BE49E1FD9617FEFB9D21F894886B9C
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1625229349532-952312090252-027726-011-002602&biddername=55&key=5620853209467275555
Frame ID: 41339A8E0AFB489307B2D76C6F2455C9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: EF158BA783F60B4BE7D050B6371CCA68
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FF0D07C35A6F48ED7ED2D115893151DD
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 732B17551A29FB1E43EC9AA9D7F053DD
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: CBF1C3E2CF0FE7F99C141515A29B68F8
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5F9E3330F1B5CEEF5A591A54BB0948D3
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8FB6C5D4391D10E7DBA6150D9FCA7740
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 8AADD01F40AC2C5D189225B0DD7BE6EF
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 22DB06AB1D5E5ECC5883112039B939A5
Requests: 30 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 9C0F1F604DB87BD5B2C39EE304CB533E
Requests: 21 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 207E860C6A5910B979430238864FF158
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 228E782820071844FA53AC0BDD2A93B5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: B276E175811980EC4B812E6AD1D24D65
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B8C9B4C6B5F0588AEC1F20C35F142A73
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5ACDF537B7B52330C7EC6E489FA793BC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6A83C87D7BB61A0176D791CE2F2EF38E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0F200710CF998A165B309640390C672B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9378E0260D9DBF764C4930E642AB1559
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A681064F1C81EC9F856289B7E069320E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 592074287E35A9EFC0DFDA4823DF01CB
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: D32030738F68EE5E97A0D8EE4313AE6A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 18A4C60E48C33615B7285B60BD037B4A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: D12062F89AF49F80056353FAB3C66FF6
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: 3D85CC56F68CE9051AECCD672AE35AE2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Frame ID: B8574A7E8A4DA9D3FF8EA87E15D072D3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 80B6FE7842865174F7D3D5FC35B0FD0C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A831E553932D96E4155082E45181141D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 395DE1A8BD9AE8886B56A95FF36629D1
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 04472462C6E02646032C5C05D668A45D
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 691BDAF921312C15978AE64E49E6DBE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 5FA6826C421D62403D6C406035EFF27C
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: D1802AD70996AEFE67F7622EF07A07A6
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D39218FFCF9B13C5A6730B1945F3E67D
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: CC059042BAEBD0F661CDDAA3C87A95A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

448
Requests

100 %
HTTPS

55 %
IPv6

21
Domains

51
Subdomains

47
IPs

6
Countries

7797 kB
Transfer

20049 kB
Size

7
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://studio.123greetings.com/
Title: Studio

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/in/app/123greetings/id718873921?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.g123

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/company/pressroom/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://blog.123greetings.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://widgets.123greetings.com/
Title: Widgets

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/tell-a-friend
Title: Recommend Us

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/contact_us.html
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1671106447.5891457&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dvis=visible HTTP 302
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1671106447.5891457&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dvis=visible&ip=82.102.20.235&cuidchk=1

Request Chain 234

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 271

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625229349531-961878530252-026334-009-001799%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1625229349531-961878530252-026334-009-001799%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1625229349531-961878530252-026334-009-001799&biddername=55&key=6095723843533412490

Request Chain 275

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625229349532-952312090252-027726-011-002602%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1625229349532-952312090252-027726-011-002602%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1625229349532-952312090252-027726-011-002602&biddername=55&key=5620853209467275555

Request Chain 356

https://gcdn.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/9D3F58D5C2DAB3C10FCA8B7AFC188E5AFC98CF8D.9E942EAF6E55C499A8CCE7F582BAD83C0E994EBD/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A49E430D03204A6A8A138C87ABE7BAB7C0255B2.0FB0A47E033519BC0A0B81AEB048EE94DC92544E/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625229155/mv/m/mvi/3/pl/49/file/file.mp4

Request Chain 359

https://gcdn.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/9D3F58D5C2DAB3C10FCA8B7AFC188E5AFC98CF8D.9E942EAF6E55C499A8CCE7F582BAD83C0E994EBD/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/526F29923BBD75748032931E3A40C8B8A519E084.2FFCD425FDB45E013BDC686E17C6B112A8ABF65E/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625228915/mv/m/mvi/3/pl/49/file/file.mp4

Request Chain 368

https://pixel.adsafeprotected.com/rfw/st/472664/51195172/skeleton.js?videoId=c2105c89c8bbcf2c57e5901a1b15dbba&xmapp=0&xmtp=v&xsId=0d0c71ee-abc8-4d35-b0c5-7aafbb960c8c&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=f&adsafe_jsinfo=,id:b37e5528-5b60-f4f0-10d5-63bfd7feef9c,c:hdv3r9,sl:outOfView,em:false,fr:true,mn:app07ie,pt:2-5-15,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,br:u,abv:na,an:n,oam:0,vc:jv3,scm:publ2,nbld:0,mtim:3,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:46,oid:09647b81-db32-11eb-a66a-06aaa1ae1a14,v:19.8.212,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,abc:0,abct:189,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
https://static.adsafeprotected.com/skeleton.js?videoId=c2105c89c8bbcf2c57e5901a1b15dbba&xmapp=0&xmtp=v&xsId=0d0c71ee-abc8-4d35-b0c5-7aafbb960c8c

Request Chain 424

https://gcdn.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/9D3F58D5C2DAB3C10FCA8B7AFC188E5AFC98CF8D.9E942EAF6E55C499A8CCE7F582BAD83C0E994EBD/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20852359DDBB7D702DD7C8DEFD2A33E78F24F1D7.1F5CA2CFF5C12EB9FA1B1B502C56D2088A1E3B38/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625228915/mv/m/mvi/3/pl/49/file/file.mp4

Request Chain 425

https://gcdn.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/9D3F58D5C2DAB3C10FCA8B7AFC188E5AFC98CF8D.9E942EAF6E55C499A8CCE7F582BAD83C0E994EBD/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/66286BD766FE7917CD3BA414FDB9FACF0A61CEBF.4522EE950FE7641CBA5EF7D22BD1D692A4419624/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625228915/mv/m/mvi/3/pl/49/file/file.mp4

Request Chain 435

https://pixel.adsafeprotected.com/rfw/st/472664/51195172/skeleton.js?videoId=0f765c2c43cee5574128c4e292f50062&xmapp=0&xmtp=v&xsId=2db71a58-7b4b-47ea-b23e-9176b1914e0b&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=f&adsafe_jsinfo=,id:62864aa7-2ee6-218b-c77c-91d57c1fdf0f,c:hdv57r,sl:outOfView,em:false,fr:true,mn:app23ie,pt:2-5-15,wc:0.0.1600.1200,ac:1200.1033.400.225,am:v,cc:1200.1033.400.225,piv:74,obst:0,th:0,reas:v,br:u,abv:na,an:n,oam:0,vc:jv3,scm:publ2,nbld:0,mtim:2,fm:sC0EL9q+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l1%7C1m1%7C1n1%7C1o%7C1p,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:21,oid:0d4b2bd4-db32-11eb-be6f-0ad2739237b2,v:19.8.212,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0,abc:0,abct:55,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso HTTP 302
https://static.adsafeprotected.com/skeleton.js?videoId=0f765c2c43cee5574128c4e292f50062&xmapp=0&xmtp=v&xsId=2db71a58-7b4b-47ea-b23e-9176b1914e0b

448 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.123greetings.com/events/fourth_of_july/ 90 KB
15 KB 645ms
118ms Document
text/html 184.72.244.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

0987431484cf368a2c05bda4219aac7b7c0e875cf74fc45d615a57c0967e3dfc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.123greetings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:21:15 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 14648
Cache-Control: max-age=900
Content-Encoding: gzip
ETag: "169c3-5c6229665e080"
Last-Modified: Fri, 02 Jul 2021 11:52:18 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Expires: Fri, 02 Jul 2021 12:36:16 GMT
Age: 869
Accept-Ranges: bytes
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

GET
H/1.1 200
OK categories_R1.css
c.123g.us/css/ 13 KB
4 KB 515ms
36ms Stylesheet
text/css 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/categories_R1.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e66724b7284c1cb011a5594f5af03602189da837569e74cd5511249572f9b83c

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 16 Jun 2021 09:20:45 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 11:22:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1394099
ETag: "2485b-325e-571586437ea00"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3302
jake_test: Test_Pass

GET
H/1.1 200
OK 115626_th.gif
i.123g.us/c/ejul_fourthjuly_wishes/th/ 8 KB
8 KB 431ms
42ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/th/115626_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 38134680bb976c78119e7410bf61f8999be65777ed76db497173b264318c1796

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:43:13 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1626751
ETag: "1f9c-4f323d81c9780"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8092
jake_test: Test_Pass
Expires: Tue, 15 Jun 2021 15:07:25 GMT

GET
H2 200 2.jpg
i1.ytimg.com/vi/d4sPAAN39rU/ 5 KB
5 KB 403ms
16ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/d4sPAAN39rU/2.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

057bd2e1111c20317b83b065febb8e92d9a2059a5e1bab28b6e0aa3658d34f4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
vary: Origin
server: sffe
age: 0
etag: "1434474839"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/jpeg
cache-control: public, max-age=7200
x-content-type-options: nosniff
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4656
x-xss-protection: 0
expires: Fri, 02 Jul 2021 14:35:44 GMT

GET
H/1.1 200
OK 343779_th.gif
i.123g.us/c/ejul_fourthjuly_wishes/th/ 8 KB
8 KB 430ms
43ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/th/343779_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 627ce7bbabf0f890a634284af04091df987e5cc13bd7536c16403356eaf29ba6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Jun 2021 14:04:42 GMT
Last-Modified: Mon, 29 Jun 2020 13:39:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1463462
ETag: "1fcb-5a939313f1100"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8139
jake_test: Test_Pass
Expires: Thu, 17 Jun 2021 06:50:28 GMT

GET
H2 200 2.jpg
i.ytimg.com/vi/aozfLeSk1Q8/ 4 KB
4 KB 19ms
14ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/aozfLeSk1Q8/2.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fd054e395cfc15cf30b1ef79b06a45c6a44818199b5f45d07370b8e520b21ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3648
x-xss-protection: 0
expires: Fri, 02 Jul 2021 14:35:44 GMT

GET
H/1.1 200
OK 119801_th.gif
i.123g.us/c/ejul_fourthjuly_celebrations/th/ 8 KB
8 KB 427ms
41ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_celebrations/th/119801_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1541de4983dc48d213148b0c926fc3d45154b7bdb24106ddb5cba39773c77c0a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 09:50:06 GMT
Last-Modified: Mon, 24 Feb 2014 09:47:54 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1219538
ETag: "1f69-4f323dd986680"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8041
jake_test: Test_Pass
Expires: Tue, 22 Jun 2021 07:39:15 GMT

GET
H/1.1 200
OK 110960_th.gif
i.123g.us/c/ejul_fourthjuly_celebrations/th/ 7 KB
7 KB 429ms
43ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_celebrations/th/110960_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 05b8bf94c8bdbb13f1bdbb4a32e63caa9a8a87debf1843e7f7945d10c7bff8e5

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 06:56:51 GMT
Last-Modified: Mon, 24 Feb 2014 09:47:54 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1229933
ETag: "1be0-4f323dd986680"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7136
jake_test: Test_Pass
Expires: Mon, 21 Jun 2021 10:08:23 GMT

GET
H/1.1 200
OK 339574_th.jpg
i.123g.us/c/ejul_fourthjuly_specials/th/ 4 KB
4 KB 424ms
38ms Image
image/jpeg 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_specials/th/339574_th.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8f05f9b4c67b7fe9377c08d777aee84ed730fbdb3dc600ef5dd322f1ccb5778f

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 09:31:14 GMT
Last-Modified: Mon, 24 Jun 2019 09:52:04 GMT
Server: Apache/2.2.15 (CentOS)
Age: 702270
ETag: "105d-58c0ec3aed900"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4189
jake_test: Test_Pass
Expires: Thu, 24 Jun 2021 09:46:14 GMT

GET
H/1.1 200
OK 119818_th.gif
i.123g.us/c/ejul_fourthjuly_specials/th/ 8 KB
8 KB 427ms
41ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_specials/th/119818_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eaa5e7b0aa7790c90ba06be6a9cad21c3427ebd9f010a00bfbd145df878a523e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Jun 2021 15:13:29 GMT
Last-Modified: Mon, 24 Feb 2014 08:22:26 GMT
Server: Apache/2.2.15 (CentOS)
Age: 768135
ETag: "1e75-4f322abf15480"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7797
jake_test: Test_Pass
Expires: Wed, 23 Jun 2021 16:03:20 GMT

GET
H/1.1 200
OK 124322_th.gif
i.123g.us/c/ejul_fourthjuly_specials/th/ 8 KB
8 KB 42ms
42ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_specials/th/124322_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8bb7ea6db04e6e74e6092dc5813ce28c38147139cbe4753f4bdceaff8929b385

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 17 Jun 2021 09:21:05 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:37 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1307679
ETag: "1ee5-4f323ce46e440"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7909
jake_test: Test_Pass
Expires: Thu, 24 Jun 2021 20:43:30 GMT

GET
H/1.1 200
OK 108339_th.gif
i.123g.us/c/ejul_fourthjuly_lovedones/th/ 8 KB
8 KB 68ms
66ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_lovedones/th/108339_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 818ff789d6fdb14f1573e66d90200eb3b1a0e83871b32e6cdfc6d478cd6816c1

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Jun 2021 09:55:06 GMT
Last-Modified: Mon, 24 Feb 2014 09:40:30 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1478438
ETag: "1fea-4f323c3217f80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8170
jake_test: Test_Pass
Expires: Wed, 16 Jun 2021 17:16:16 GMT

GET
H/1.1 200
OK 124457_th.gif
i.123g.us/c/ejul_fourthjuly_lovedones/th/ 8 KB
8 KB 45ms
44ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_lovedones/th/124457_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 26a17027ef50e8f302cc81a974a2cb10a952b59cb1c88e32ccc7750c5b4b22dc

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 23:38:03 GMT
Last-Modified: Mon, 24 Feb 2014 09:40:30 GMT
Server: Apache/2.2.15 (CentOS)
Age: 997061
ETag: "1fd6-4f323c3217f80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8150
jake_test: Test_Pass
Expires: Thu, 24 Jun 2021 01:31:05 GMT

GET
H/1.1 200
OK 108342_th.gif
i.123g.us/c/ejul_fourthjuly_lovedones/th/ 7 KB
7 KB 42ms
41ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_lovedones/th/108342_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d7eee94259910aaa93cbc1e9719941b9b0a167a0acb0a08ccf9da061bffb58fc

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 26 Jun 2021 17:13:59 GMT
Last-Modified: Mon, 24 Feb 2014 09:40:30 GMT
Server: Apache/2.2.15 (CentOS)
Age: 501705
ETag: "1b3a-4f323c3217f80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6970
jake_test: Test_Pass
Expires: Sat, 26 Jun 2021 17:28:59 GMT

GET
H/1.1 200
OK 124465_th.gif
i.123g.us/c/ejul_fourthjuly_thanku/th/ 8 KB
8 KB 46ms
45ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_thanku/th/124465_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: 942c768f21b9bee96dadcf753ba7314fc52c5b8227be0ca632af8531c9ca425a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 03:56:14 GMT
Last-Modified: Mon, 24 Feb 2014 09:49:37 GMT
Server: Footprint Distributor V6.1.1162
Age: 31170
ETag: "1f82-4f323e3bc0e40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8066
jake_test: Test_Pass
Expires: Fri, 02 Jul 2021 08:07:19 GMT

GET
H/1.1 200
OK 124348_th.gif
i.123g.us/c/ejul_fourthjuly_thanku/th/ 8 KB
8 KB 44ms
44ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_thanku/th/124348_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a99f2c8a831f374f2c28114fdd6415fed0be98de572c23f647eea5575381e128

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 12:32:51 GMT
Last-Modified: Wed, 05 Aug 2015 15:32:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1641773
ETag: "1f91-51c921beeefc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8081
jake_test: Test_Pass
Expires: Tue, 22 Jun 2021 07:39:15 GMT

GET
H/1.1 200
OK 111029_th.gif
i.123g.us/c/ejul_fourthjuly_thanku/th/ 7 KB
8 KB 54ms
54ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_thanku/th/111029_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d09b7c9239485b3b88573874e5ea2636a6fa0e9e16ba5316aa41d48e186dacd0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 10:48:12 GMT
Last-Modified: Mon, 24 Feb 2014 09:49:37 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2425652
ETag: "1d55-4f323e3bc0e40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7509
jake_test: Test_Pass
Expires: Sun, 06 Jun 2021 10:10:31 GMT

GET
H/1.1 200
OK 110993_th.gif
i.123g.us/c/ejul_fourthjuly_friends/th/ 6 KB
7 KB 49ms
48ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_friends/th/110993_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ffb687425d9ead1673765545f99b4dc22a39ae408ee8498e2c84dc92002d6713

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 10:55:05 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:41 GMT
Server: Apache/2.2.15 (CentOS)
Age: 870039
ETag: "19c4-4f323d2177440"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6596
jake_test: Test_Pass
Expires: Fri, 25 Jun 2021 04:07:28 GMT

GET
H2 200 2.jpg
i1.ytimg.com/vi/TLYAyuf1I1Q/ 3 KB
3 KB 412ms
28ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/TLYAyuf1I1Q/2.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7120d844c5aeff5bf30238cf096ea959220578980e2480d4f2d634108a1ab734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2858
x-xss-protection: 0
expires: Fri, 02 Jul 2021 14:35:44 GMT

GET
H/1.1 200
OK 108407_th.gif
i.123g.us/c/ejul_fourthjuly_friends/th/ 8 KB
8 KB 46ms
46ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_friends/th/108407_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2865f46b4389eef0830ded97cb9d14999f2ec1409f60f97ff7bd0eec6348102c

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 20:16:56 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:41 GMT
Server: Apache/2.2.15 (CentOS)
Age: 663528
ETag: "1f84-4f323d2177440"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8068
jake_test: Test_Pass
Expires: Mon, 28 Jun 2021 10:32:52 GMT

GET
H2 200 3.jpg
i.ytimg.com/vi/v6fl4QgItA4/ 4 KB
4 KB 20ms
17ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/v6fl4QgItA4/3.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff22e1aac4db3d04a92185282612d0bf9958c205db160e3beef256eecaf14ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
vary: Origin
server: sffe
age: 0
etag: "1526632428"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/jpeg
cache-control: public, max-age=7200
x-content-type-options: nosniff
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3934
x-xss-protection: 0
expires: Fri, 02 Jul 2021 14:35:44 GMT

GET
H/1.1 200
OK 111024_th.gif
i.123g.us/c/ejul_fourthjuly_inspirational/th/ 8 KB
8 KB 59ms
59ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_inspirational/th/111024_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1764b6de9a79fbd9a6c7550b114bd1c2fc1dced294976aca92df4d8e4660afc4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 10:48:12 GMT
Last-Modified: Mon, 24 Feb 2014 09:40:55 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2425652
ETag: "1ee3-4f323c49ef7c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7907
jake_test: Test_Pass
Expires: Mon, 14 Jun 2021 04:44:05 GMT

GET
H3-29 200 1.jpg
i.ytimg.com/vi/jAmCxzuJNM8/ 4 KB
4 KB 39ms
37ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jAmCxzuJNM8/1.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13bda9a50a6db619cccde803d490cf9da132954d20445528b186640555f66bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3670
x-xss-protection: 0
expires: Fri, 02 Jul 2021 14:35:44 GMT

GET
H3-29 200 2.jpg
i.ytimg.com/vi/7MsUU9g63ac/ 5 KB
5 KB 29ms
27ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7MsUU9g63ac/2.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e8b8b2eae37f4666f5a09819fc88ac4557ab69de01dfab7e297505bc775dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5220
x-xss-protection: 0
expires: Fri, 02 Jul 2021 14:35:44 GMT

GET
H/1.1 200
OK 108600_th.gif
i.123g.us/c/ejul_fourthjuly_patriotic/th/ 7 KB
7 KB 44ms
43ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_patriotic/th/108600_th.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8e92d1082d548068676093bd2fd6e2defbfc109cb67c0ac45724b1b79235ff0e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 25 Jun 2021 20:45:50 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:41 GMT
Server: Apache/2.2.15 (CentOS)
Age: 575394
ETag: "1b43-4f323ce83ed40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6979
jake_test: Test_Pass
Expires: Wed, 30 Jun 2021 17:05:24 GMT

GET
H3-29 200 2.jpg
i.ytimg.com/vi/XD9NFMWsfuM/ 5 KB
5 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/XD9NFMWsfuM/2.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28573d89b4dec06a73ea08012f02bead6e2e52445bd205c361609765049c6c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
vary: Origin
server: sffe
age: 0
etag: "0"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
content-type: image/jpeg
cache-control: public, max-age=7200
x-content-type-options: nosniff
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4731
x-xss-protection: 0
expires: Fri, 02 Jul 2021 14:35:44 GMT

GET
H/1.1 200
OK cal_block1.gif
i.123g.us/images/special_block/ 22 KB
22 KB 47ms
46ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/images/special_block/cal_block1.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9ef7c4fe51b63f4f4749fe8efff004cc8e9e673dcbb44cc15f6ea55411b5cd5f

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 05:37:58 GMT
Last-Modified: Thu, 01 Jul 2021 05:36:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 111466
ETag: "57a9-5c60938881140"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22441
jake_test: Test_Pass
Expires: Thu, 01 Jul 2021 05:55:18 GMT

GET
H/1.1 200
OK 115626_ic.gif
i.123g.us/c/ejul_fourthjuly_wishes/ic/ 4 KB
4 KB 50ms
48ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/ic/115626_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f53cc4c51698d41c1d3fde42c5b0d9c80a3343fcb25daeb5c3c5c684cb08df31

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 09:11:28 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:20 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1653856
ETag: "ebe-4f323d7fe1300"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3774
jake_test: Test_Pass
Expires: Mon, 14 Jun 2021 04:44:05 GMT

GET
H/1.1 200
OK 343779_ic.gif
i.123g.us/c/ejul_fourthjuly_wishes/ic/ 4 KB
4 KB 64ms
62ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/ic/343779_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 40d4c68f71f23b353895a8df6705c2e3783b00abdc5ed3a57f88c8304763d042

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 20 Jun 2021 12:35:05 GMT
Last-Modified: Mon, 29 Jun 2020 13:40:06 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1036839
ETag: "f02-5a9393251b980"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3842
Expires: Sun, 20 Jun 2021 14:49:22 GMT

GET
H/1.1 200
OK 343739_ic.gif
i.123g.us/c/ejul_fourthjuly_wishes/ic/ 3 KB
3 KB 49ms
47ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/ic/343739_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8cab2a16365827e9747dcb6b86c454f232cab1ac5d30d1bbafc13e00f322bb6a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 21:46:12 GMT
Last-Modified: Thu, 25 Jun 2020 13:14:38 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1090172
ETag: "a44-5a8e85fe0cb80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2628
jake_test: Test_Pass
Expires: Tue, 22 Jun 2021 16:23:08 GMT

GET
H/1.1 200
OK 119801_ic.gif
i.123g.us/c/ejul_fourthjuly_celebrations/ic/ 3 KB
4 KB 41ms
40ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_celebrations/ic/119801_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fb9fd164c1b39bbfdb9228608956817ed56f5030982dec23b839f664282724df

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 22:56:55 GMT
Last-Modified: Mon, 24 Feb 2014 09:47:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 913129
ETag: "cfc-4f323dd79e200"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3324
jake_test: Test_Pass
Expires: Tue, 22 Jun 2021 07:53:44 GMT

GET
H3-29 200 2.jpg
i.ytimg.com/vi/kDA9NbPAK8o/ 4 KB
4 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/kDA9NbPAK8o/2.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

701e42f5fcb972d523bf73fe9b45f61678f46910d44924d3c07d0d10ebe844db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3626
x-xss-protection: 0
expires: Fri, 02 Jul 2021 14:35:44 GMT

GET
H/1.1 200
OK 115645_ic.gif
i.123g.us/c/ejul_fourthjuly_wishes/ic/ 3 KB
4 KB 205ms
204ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/ic/115645_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a079b84b2836c196b8e730329f58334abfcd773b40123b46f06ea0292921bd22

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 07 Jun 2021 19:09:09 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:20 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2136395
ETag: "cd1-4f323d7fe1300"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3281
jake_test: Test_Pass
Expires: Thu, 17 Jun 2021 21:36:24 GMT

GET
H/1.1 200
OK 108339_ic.gif
i.123g.us/c/ejul_fourthjuly_lovedones/ic/ 3 KB
4 KB 42ms
41ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_lovedones/ic/108339_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1e059c892e1206952c135bd2c624040bef95491d28bb64220694c21abcc671cd

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 28 Jun 2021 20:06:45 GMT
Last-Modified: Mon, 24 Feb 2014 09:40:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 318539
ETag: "d5c-4f323c3123d40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3420
jake_test: Test_Pass
Expires: Mon, 28 Jun 2021 20:21:45 GMT

GET
H/1.1 200
OK 124552_ic.gif
i.123g.us/c/ejul_fourthjuly_wishes/ic/ 3 KB
3 KB 40ms
40ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/ic/124552_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: faa9f937cdb6a2a45f0d5b9b89838679b09fce760e9e3786640fd0f93ae9f2d4

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 11:52:17 GMT
Last-Modified: Fri, 23 Jun 2017 13:50:32 GMT
Server: Apache/2.2.15 (CentOS)
Age: 434607
ETag: "be8-552a0e2827a00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3048
jake_test: Test_Pass
Expires: Mon, 28 Jun 2021 10:25:03 GMT

GET
H/1.1 200
OK 110960_ic.gif
i.123g.us/c/ejul_fourthjuly_celebrations/ic/ 3 KB
3 KB 47ms
47ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_celebrations/ic/110960_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d18e0815388dd132e48176697e39e2b580564223855de1e8a99c39191a339d79

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 17:37:04 GMT
Last-Modified: Mon, 24 Feb 2014 09:47:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 68320
ETag: "a31-4f323dd79e200"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2609
jake_test: Test_Pass
Expires: Thu, 01 Jul 2021 17:52:04 GMT

GET
H/1.1 200
OK 108566_ic.gif
i.123g.us/c/ejul_fourthjuly_wishes/ic/ 2 KB
3 KB 90ms
90ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/ic/108566_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4a644e13536068bbc974297393c1b963045e89cac72ef27c4c370b765631d7b1

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 24 Jun 2021 16:23:06 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:20 GMT
Server: Apache/2.2.15 (CentOS)
Age: 677558
ETag: "9c1-4f323d7fe1300"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2497
jake_test: Test_Pass
Expires: Thu, 24 Jun 2021 16:38:06 GMT

GET
H3-29 200 1.jpg
i1.ytimg.com/vi/CKPlnolpCZ4/ 5 KB
5 KB 25ms
6ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/CKPlnolpCZ4/1.jpg

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdc50fc2fb7760f181e1b94ca3e8197a18083677167ce9abe86549f030e70f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:05:40 GMT
x-content-type-options: nosniff
server: sffe
age: 1804
etag: "0"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4747
x-xss-protection: 0
expires: Fri, 02 Jul 2021 14:05:40 GMT

GET
H/1.1 200
OK 111011_ic.gif
i.123g.us/c/ejul_fourthjuly_wishes/ic/ 4 KB
4 KB 44ms
44ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/ic/111011_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a574123b407db639bb3e30ebfc640b75121b707a0ed9721f6203af3559b3de67

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 06:02:41 GMT
Last-Modified: Mon, 24 Feb 2014 08:26:01 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2010783
ETag: "e27-4f322b8c1f840"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3623
jake_test: Test_Pass
Expires: Thu, 17 Jun 2021 06:50:39 GMT

GET
H/1.1 200
OK 108844_ic.gif
i.123g.us/c/ejul_fourthjuly_celebrations/ic/ 2 KB
3 KB 39ms
38ms Image
image/gif 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_celebrations/ic/108844_ic.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ad4551e10686884204e10bbafdbc001804a37e45ee0e20f2f0289e2819ed6f1

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 14:37:24 GMT
Last-Modified: Mon, 24 Feb 2014 08:27:56 GMT
Server: Apache/2.2.15 (CentOS)
Age: 856700
ETag: "92d-4f322bf9cbb00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2349
jake_test: Test_Pass
Expires: Mon, 28 Jun 2021 10:59:31 GMT

GET
H/1.1 200
OK jquery-1.11.1.js Show response
c.123g.us/js2/ 94 KB
33 KB 417ms
43ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery-1.11.1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:52:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1741418
ETag: "1762e-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33234
jake_test: Test_Pass
Expires: Sat, 12 Jun 2021 09:07:15 GMT

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
c.123g.us/js2/ 7 KB
3 KB 402ms
37ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery-migrate-1.2.1.min.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Jun 2021 08:56:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1481948
ETag: "2c442-1cb3-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3152
jake_test: Test_Pass

GET
H/1.1 200
OK swfobject.js Show response
c.123g.us/js2/ 10 KB
4 KB 398ms
36ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/swfobject.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 26 Jun 2021 07:17:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 537470
ETag: "261f-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3868
jake_test: Test_Pass
Expires: Wed, 30 Jun 2021 22:33:50 GMT

GET
H/1.1 200
OK swfupload.js Show response
c.123g.us/js2/ 20 KB
5 KB 56ms
37ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/swfupload.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 22428f9093ad269f49827ae21c713dfbad293be5816f50b68fcf2e2527b05d9b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 01:15:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 40796
ETag: "2c44d-4f77-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4833
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_utils_v1.js Show response
c.123g.us/js2/ 123 KB
30 KB 49ms
42ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_utils_v1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 04 Jun 2021 12:52:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Jun 2021 12:51:14 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2418202
ETag: "1ed3a-5c3f0259a7480"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30667
jake_test: Test_Pass
Expires: Fri, 04 Jun 2021 13:07:34 GMT

GET
H/1.1 200
OK utilsopt.js Show response
c.123g.us/js2/ 22 KB
7 KB 123ms
122ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/utilsopt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 10 Jun 2021 17:25:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 10:41:25 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1883440
ETag: "57b2-5b3459efc3f40"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6801
jake_test: Test_Pass
Expires: Sat, 12 Jun 2021 04:41:38 GMT

GET
H/1.1 200
OK 123g_category.js Show response
c.123g.us/js2/ 4 KB
2 KB 90ms
35ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_category.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 70d0aa1a7429573e8d63a5d732a2bc27150ac345ca82e3550d5d3a4a148508df

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 21 Jun 2021 08:17:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 12:15:33 GMT
Server: Apache/2.2.15 (CentOS)
Age: 965885
ETag: "2c413-1165-5afe5ec74c340"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1801
jake_test: Test_Pass

GET
H/1.1 200
OK rakpanel.js Show response
c.123g.us/js2/ 3 KB
2 KB 61ms
35ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/rakpanel.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash: f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 12 Jun 2021 08:20:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Aug 2018 13:50:01 GMT
Server: Footprint Distributor V6.1.1162
Age: 1743317
ETag: "d4c-57300e747f440"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1626
jake_test: Test_Pass
Expires: Sat, 12 Jun 2021 08:35:27 GMT

GET
H/1.1 200
OK jquery.bxslider_new.js Show response
c.123g.us/js2/ 20 KB
5 KB 60ms
36ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.bxslider_new.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 14:49:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1201592
ETag: "50ba-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5210
jake_test: Test_Pass
Expires: Fri, 18 Jun 2021 15:04:12 GMT

GET
H/1.1 200
OK jquery.ajax_autocomplete.js Show response
c.123g.us/js2/ 32 KB
10 KB 46ms
37ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 03:25:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 08:18:53 GMT
Server: Apache/2.2.15 (CentOS)
Age: 33037
ETag: "7f11-5b19d2e943540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9770
jake_test: Test_Pass
Expires: Fri, 02 Jul 2021 07:36:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 176ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789d25597a48ee75857b4f804d9bc81fe5c0484b6f05cf76c3c6335948c41cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48740
x-xss-protection: 0
server: cafe
etag: 4822591463873944812
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2c304a55e23c298e34b2922b7a9fc3971d8b18e43973c0f333a0554f124d131

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37003
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Jul 2021 12:35:44 GMT

GET
H/1.1 200
OK styleopt_R1.css
c.123g.us/css/ 80 KB
16 KB 62ms
40ms Stylesheet
text/css 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/categories_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796

Request headers

Referer: https://c.123g.us/css/categories_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 11:48:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 May 2021 11:38:41 GMT
Server: Apache/2.2.15 (CentOS)
Age: 434858
ETag: "246a9-13f87-5c36251415240"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16152
jake_test: Test_Pass

GET
H/1.1 200
OK modal_window_R1.css
c.123g.us/css/ 33 KB
7 KB 76ms
39ms Stylesheet
text/css 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/categories_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Referer: https://c.123g.us/css/categories_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Jun 2021 07:18:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 09:39:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 796651
ETag: "8220-5a7b79d367980"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6727
jake_test: Test_Pass
Expires: Wed, 23 Jun 2021 07:33:13 GMT

GET
H/1.1 200
OK 123g_master_bg.png
c.123g.us/images/ 145 B
439 B 37ms
36ms Image
image/png 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_bg.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 18 Jun 2021 21:14:47 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:45 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1178457
ETag: "9d001-91-54a227b81c940"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
jake_test: Test_Pass

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 37ms
37ms Image
image/png 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 09:11:32 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 444252
ETag: "1861-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass
Expires: Sun, 27 Jun 2021 09:26:32 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
141 KB 45ms
44ms Image
image/png 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 14:03:55 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1117909
ETag: "230cb-5979e1c4d2cc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass
Expires: Sat, 19 Jun 2021 14:18:56 GMT

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 41ms
40ms Image
image/png 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 00:33:30 GMT
Last-Modified: Wed, 11 Sep 2019 08:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 43334
ETag: "21653-59242fbe2e0c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass
Expires: Fri, 02 Jul 2021 00:48:41 GMT

GET
H/1.1 200
OK master_icon_set_2.png
c.123g.us/images/ 88 KB
88 KB 42ms
42ms Image
image/png 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 13:22:54 GMT
Last-Modified: Tue, 16 Feb 2021 07:04:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1638770
ETag: "9cb9c-15fce-5bb6eb68c54c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90062
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_master_strip.png
c.123g.us/images/ 17 KB
17 KB 40ms
40ms Image
image/png 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_strip.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/categories_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ed72690522a553c2800b9b742ddcc58fe9c221ec9047d9b27596a774908f859a

Request headers

Referer: https://c.123g.us/css/categories_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 10:07:27 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 95297
ETag: "9cf10-4302-54a227b6344c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17154
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_master_icon_set_2.png
c.123g.us/images/ 60 KB
61 KB 43ms
43ms Image
image/png 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 11:31:24 GMT
Last-Modified: Tue, 16 Feb 2021 07:04:35 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1645460
ETag: "f1d2-5bb6eb70666c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61906
jake_test: Test_Pass
Expires: Wed, 16 Jun 2021 07:33:15 GMT

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 485ms
121ms Script
application/javascript 52.206.179.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1671106447.5891457

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.179.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-179-19.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0814e5148bcc2438216e6198a067a4b944c5d07b7155908dc1a342d739579287

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 733
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H/1.1 200
OK addressbook.js Show response
c.123g.us/js2/ 400 KB
76 KB 43ms
41ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/addressbook.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9ec7a2c23d14eb76c0f5bac272f9a01b2a70c489a9908efdd3e3355b2d9da0d6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 05:13:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Jun 2021 04:58:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 890508
ETag: "63e59-5c553a4e546c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Transfer-Encoding: chunked
Connection: keep-alive
jake_test: Test_Pass
Expires: Tue, 22 Jun 2021 05:28:56 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 69 KB
24 KB 43ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71c845d7bb5cc7417e59bb473d8015dc093581f4f1f95a6b97b11beec16177fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "918 / 832 of 1000 / last-modified: 1625224211"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24289
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:44 GMT

GET
H/1.1 200
OK ejul_fourthjuly_mantle.json Show response
x.123g.us/json/ 2 KB
3 KB 360ms
225ms XHR
application/json 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/ejul_fourthjuly_mantle.json
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: caa2fbd9b1dd9711b03a5437a022f35326aec84ce87b6a90b6b91153b65a5ec7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:22:36 GMT
Last-Modified: Fri, 02 Jul 2021 12:01:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 789
ETag: "87c-5c622b81317c0"
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2172
jake_test: Test_Pass
Expires: Fri, 02 Jul 2021 12:50:45 GMT

GET
H/1.1 200
OK closeBtn_h.png
c.123g.us/images/ 1 KB
1 KB 36ms
34ms Image
image/png 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/closeBtn_h.png
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 13:29:26 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 428778
ETag: "9cf1d-42a-54a227b6344c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1066
jake_test: Test_Pass

GET
H/1.1 200
OK mantle_loader.gif
c.123g.us/images/ 2 KB
2 KB 35ms
35ms Image
image/gif 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/mantle_loader.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b91d59c4bdd90f11c17f875ae27b15c1efe83d42182702f51570fcc2063fd24

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Jun 2021 19:00:43 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1445701
ETag: "855-54da7c7b5a240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2133
jake_test: Test_Pass
Expires: Tue, 15 Jun 2021 19:15:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5085183-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 3259
date: Fri, 02 Jul 2021 11:41:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Fri, 02 Jul 2021 13:41:25 GMT

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
467 B 35ms
35ms Script
text/javascript 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 09 Jun 2021 12:36:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:22 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1987180
ETag: "2c454-c9-54a227db65c80"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass

GET
H2 200 pubads_impl_2021063001.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 155ms
56ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

99e3d0a0f7b92b109c9c21035daef51486ff1ed73b5a3bdbe5b487e5619d8240

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Jun 2021 08:36:57 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117131
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:45 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 144 B
763 B 154ms
57ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

587b5213faa804c698a3c66445d38fa8daca067fdfcf3488978d7476e8c0ce87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:45 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1122298445&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ul=en-us&de=UTF-8&dt=4th%20of%20July%20Cards%2C%20Free%204th%20of%20July%20Wishes%2C%20Greeting%20Cards%20%7C%20123%20Greetings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=233706175&gjid=1733928016&cid=2059230183.1625229345&tid=UA-5085183-1&_gid=517423890.1625229345&_r=1&gtm=2ou6u0&z=1321077913

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/ 240 KB
89 KB 45ms
31ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c107239496609ede285e80b91336c653f68e65956a25b489ef9b4d9591d07ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91175
x-xss-protection: 0
server: cafe
etag: 16806287549005047208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/ Frame 4372 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210630/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Jul 2021 04:01:27 GMT
expires: Fri, 16 Jul 2021 04:01:27 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 30858
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 19ms
16ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-5085183-1&cid=2059230183.1625229345&jid=233706175&gjid=1733928016&_gid=517423890.1625229345&_u=YEBAAUAAAAAAAC~&z=560792471

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 02 Jul 2021 12:35:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
410 B 97ms
96ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

de63788525c08e10dc8e0a28d8c9213a8b4cfe8dae1ce1c06477bf6e2c1e6eb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 40ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A10A 0
19 B 80ms
79ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1625226738&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625229344987&bpp=3&bdt=839&idt=73&shv=r20210630&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8330245361517&frm=20&pv=2&ga_vid=2059230183.1625229345&ga_sid=1625229345&ga_hid=1122298445&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066110%2C31061662&oid=3&pvsid=1405036249209206&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1625226738&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625229344987&bpp=3&bdt=839&idt=73&shv=r20210630&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8330245361517&frm=20&pv=2&ga_vid=2059230183.1625229345&ga_sid=1625229345&ga_hid=1122298445&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066110%2C31061662&oid=3&pvsid=1405036249209206&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Jul 2021 12:35:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Jul-2021 12:50:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Jul 2021 12:35:45 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a9a19e56cdf55a52ccdc15ae0f7bc04cf281e9039c1f33383266fe60df71b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082173397852"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27722
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:45 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 34ms
21ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 236 KB
53 KB 923ms
870ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1405036249209206&correlator=3756908448425155&output=ldjh&impl=fifs&eid=31061750%2C31061414%2C31061662&vrg=2021063001&ptt=17&sc=1&sfv=1-0-38&ecs=20210702&iu_parts=46400095%2CDesktopWeb_Category_LB%2CDesktopWeb_Category_Mrec%2CDesktopWeb_Category_SecondMrec%2CDesktopWeb_Category_LowerMrec%2CDesktopWeb_Category_BottomLrec%2CDesktopWeb_Category_BottomSecondLrec%2CDesktopWeb_Category_LowerLB%2CDesktopWeb_Category_Video%2CDesktopWeb_Category_VideoInContent&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C970x90%7C728x90%7C970x250%2C1x1%2C1x1&cust_params=site%3D123greetings.com%26section%3Dejul_fourthjuly%26page%3Dcategory&cookie=ID%3D7cd341f1406e54fc-2286e35253c9002e%3AT%3D1625229345%3ART%3D1625229345%3AS%3DALNI_MYuJrd5HdV8t-OVTpEMRW_wlTtLHA&bc=31&abxe=1&lmt=1625226738&dt=1625229345237&dlt=1625229344148&idt=1048&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C970%2C970%2C970%2C970%2C970%2C310%2C0%2C320&adys=47%2C236%2C518%2C1847%2C2129%2C2411%2C3003%2C3197%2C1126&adks=2102598028%2C3104929529%2C2048228011%2C264746416%2C3926258554%2C889247620%2C770952433%2C1661069843%2C1067160403&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C320x262%7C320x262%7C320x262%7C320x262%7C320x262%7C980x37%7C1600x3177%7C630x0&msz=728x90%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C980x0%7C1600x0%7C630x0&ga_vid=2059230183.1625229345&ga_sid=1625229345&ga_hid=1122298445&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C0%2C0%2C0&ohw=728%2C300%2C300%2C300%2C300%2C300%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

076856980b362cc75496b058e2528a33de3cb4d083ad6e1506347190f8618817

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLvEvY6zxPECFZzddwodEmgOqw&gqi=&layout=/sadbundle/%24csp%253Der3%24/7227308453062012376/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLvEvY6zxPECFZzddwodEmgOqw&gqi=&layout=/sadbundle/%24csp%253Der3%24/7227308453062012376/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
google-creative-id: -1,-1,-1,99278132415,-1,-1,99278302815,138326033967,138321279906
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54019
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,237051735,-1,-1,237051975,5501288042,5461263814
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Fri, 02 Jul 2021 12:35:46 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6E05 6 KB
3 KB 50ms
14ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 02 Jul 2021 12:35:45 GMT
expires: Sat, 02 Jul 2022 12:35:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ejul_fourthjuly_wishes_mtl_03.jpg
i.123g.us/c/ejul_fourthjuly_wishes/mtl/ 24 KB
25 KB 47ms
47ms Image
image/jpeg 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/mtl/ejul_fourthjuly_wishes_mtl_03.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 09fb57be251adc0962ccdbb00d96a49d63ba8a7ef23801027183c842ba4ae1f7

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 09:55:33 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:20 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2256012
ETag: "611b-4f323d7fe1300"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24859
jake_test: Test_Pass
Expires: Thu, 10 Jun 2021 22:15:42 GMT

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1671106447.5891457&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dvis=visible
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1671106447.5891457&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dvis=visible&ip=8...

42 B
780 B

126ms
125ms

Image
image/gif

52.206.179.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1671106447.5891457&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dvis=visible&ip=82.102.20.235&cuidchk=1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.179.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-179-19.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 02 Jul 2021 12:35:45 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=1671106447.5891457&ref=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dvis=visible&ip=82.102.20.235&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 34ms
19ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210630&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

926dc9b720d35d125beeb72d5db3f7d48cd9810abbf1f58efab96d663c6910ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7823
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:45 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4F15 12 KB
5 KB 21ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 02 Jul 2021 12:23:33 GMT
expires: Sat, 02 Jul 2022 12:23:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A1C 783 B
763 B 16ms
15ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a41501da77de17931e13e67620c032986c1769070843a2663c30a5257af78a33

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pLglCW6lzBWVjiWEqTxSSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

expires: Fri, 02 Jul 2021 12:35:45 GMT
date: Fri, 02 Jul 2021 12:35:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-pLglCW6lzBWVjiWEqTxSSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK ejul_fourthjuly_wishes_mtl_03.jpg
i.123g.us/c/ejul_fourthjuly_wishes/mtl/ 24 KB
25 KB 41ms
40ms Image
image/jpeg 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_wishes/mtl/ejul_fourthjuly_wishes_mtl_03.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery-1.11.1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 09fb57be251adc0962ccdbb00d96a49d63ba8a7ef23801027183c842ba4ae1f7

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 09:55:33 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:20 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2256012
ETag: "611b-4f323d7fe1300"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24859
jake_test: Test_Pass
Expires: Thu, 10 Jun 2021 22:15:42 GMT

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4F15 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 10:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jul 2022 10:49:49 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210630&jk=1405036249209206&bg=!jY6ljsrNAAbV4AdB1eA7ACkAdvg8Ws2QqM3OyTar7_zMYJ471SM5z2ZFLzQzFmBlI3eU3btWXiurIgIAAAB6UgAAAA5oAQcKALLRaCJQDhCslsEH2vglP76tioZtG6HmcE3jiHfHT5bCJM6BW-C3yEd35FTJduwnZ_lych5lAycyiuYPhm5x4U-vYYnEpmbL1C0MjNXsvZACv41AjITE-RMCEXbTTpSF81cr5CWBdqN-zl5NPJM3fjojdeYO_HfGudyPhm1YMEEYEjz-BaDBAyClTL8p99_dk7civrSd0BJjEE497YyMfE2voxeF6TVw_QWMhI4JeH9aTQUdmQJrF6gchljTzF63QbJInfUl-jK8Q4gWohU0WbaLJ6_6SdL2GdHuGkMy8spKF-AnIgq_ICTtlLzJH7gGVs13vRlwXtucCWwYZE9c9wNklEqWLyQE-I6NJH6VdwWWXbWKu_8l0j1fXiw79CvnLqmbqPO3YFwgaxF6gl0TOfyjZX735LcbFsCVFfo3zwO1Phe_tiwZT_2lIUym2ADYQcvV6FTVkR-C4E1T_-6LHT4ZTFGduMkvNib4PsTpitHLlgfaebO1yoh44aDo_7qyaOF5XgmUYWIYOsNSK8VcOstCirqBKK6RczLnANOunCY5sUJv_nR94jK2cH12jb_Mw-7wcV7zufXTwKb8_j-D4Z0JRLPbEUwt-3pGvLGIf_wum0Fr34jEgzj613_6MCnZceHm8kPQS7IgN4SZ4J5oNiF8DkvvcaquqDT6EdgVHOExyR4O5fq5BTLlQJbctIiCbudXk8tva6lxg-zPUOan-jFkXCKH6ia5ie3y-388VscLQwNnnEVYHPQSYe1fmUjgUgB9bw_BSdTyt8ZmmW6B_y2Qyv-xvrviN6BvVIrW1axvke_KUKnF4GiOduXxQT3yr2CuSVTRtuKOrNxWyETE4f76sZLgbWvEE-nfYoEObp-HkSlK4Nl2LA4X7_JPCrYXOdvZ_zdnfsQEYEYJOlYeWp_1US1BCwNHLOTOdok6bHpIxdfoqMAd78_BJXYs0GOIa3a9nXvWVHjJhgrhDSoBKgSu0C5S_AQGXO-4hTw-aoGLvt8AFsP2UHFnrCvDrsnNDuYKPD9ZOZaJ03fUChnL8Xlx5FYw9VZq0SRtor6tuPMf4g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D52B 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 02 Jul 2021 12:35:45 GMT
expires: Sat, 02 Jul 2022 12:35:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1F23 0
16 B 18ms
17ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNuAgAEQgqDM9AEY3dbzngEwAQ&v=APEucNW4pgxaCx0QReMFtzs9G6ZvqdwGXPqb0hxf5XCBITXUXMli1QPKQHLs_S5SFswGX1m4YX1aXmsYioOOLiKONoO_lsWMNg

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNuAgAEQgqDM9AEY3dbzngEwAQ&v=APEucNW4pgxaCx0QReMFtzs9G6ZvqdwGXPqb0hxf5XCBITXUXMli1QPKQHLs_S5SFswGX1m4YX1aXmsYioOOLiKONoO_lsWMNg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0y2nrEvmTHO5LiSB8R4rdhELnNAhf6v4sn4_-CEs6tsr6DiWy-C1Qcb32fB4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Jul 2021 12:35:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D52B 39 KB
19 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWAYZhcyvdsmaLStDL7aQhGoK1b7cE-Yksb_rTu-ItLygJZuwkmqAtT39573HopDgEfV-kjWu-FOTAJI-yR7O8TsOamkD1CFtHJBHibciH0Qnd2bdu-rWAWdhTuppHaxptbXSLFwhow-EUwK-3vNsJKBnDTg&dbm_d=AKAmf-CfsRjUIRtjQnJAYSk4tMbR6dIriNyDCcTdQpfx0ksOw-Uq47ik4oT9hOKSSgFBfEDeeLSnkiyvLCLLTpcFIGBwYC5yoh6kWk2Y66mVm1PK7UK4n2xfvDM7o0JN4l1eSu-duiZv8sB2E4ufScwdeakWALM3cxSAKqwFsGSQt-hloF_Xmc6iMrZuZGjFFDP5qklXVrcFMFD566W65FoMD450RBNeXQ5_19hYAXhg3H2ToU25VNMkKzrsNISQ-JO5NZOztsJeKYlJ65uwjUMeGbU_Y-xM70oiEWB5pWtYtjn3ix-Lo28RKZCuClJRu5GOSzbt11QXzAmeS96LZfisjCExU_xLiURdghfKXCITJYY82oofM4NSPMqERT9ONCIaz1mu2MdnMkktmpA9NnrqZxbwAPmBjsFRVJwaquk5IiGl53WOUESFRY_Bdjj4tSOmO_s8ArUXLvMYhV6vw09kzhwKlvX-MtGIwkeKk6nEZWbQtw7SzQdhPYBLhadK4FanOtUkPSQjf2tGjgdDrr2hwA2zrps1-kBZSHhiM4Ivj4N9sBQXokPbDs7d_tFfAZeExGsjBtlbsGpV33HPGtrk4fFOrSzUf97z8JwtK_b1TaU4DUG6klzoMozFRBpOApIiVYC8uCBH_UbaaewNqIUri1-83wsZNFuRyzDvc6pJqfrvn7q8sgdwpzWhjNLWdzDCNWneEITf42-lTQ2qP01OBaNfGq6NhXUcZWoUYFQwC1fkc2q-s3NYw11RzI5vcN9Yk5iKAWJd9oEQuTGlSpvcTGlP42MunfRuqhbY-ujfPUef66WcsJnRrUuHS9lIee3VKummAZmP4y6KZhBJmpiqDzWkGCrhfKUi6cJRmkP5swzaGA3lgMfD_Jm5wRIqzeYYNkIGEeSZj9zmf3pNqAL-p7crNhw1cMyFYPpWBrM_w0kyyC1yg0NmW3qey2dzU--AhVhyOeuWyeE6eJ_fY5HTH1ccHqyPO-MQGlIs9a54fk7uX2kfrgxIQ9hYqY6YE8RgiKMNW0ifWsJmEjmLmRsouPPbX1NPC2FvpznbcNEQf1V1qrSKsUGr1147dsWHl2DZCZKpo3ImM6sJV9vTV1TmqMzh40SGwpDvZA0gbpA2gwvenQr9Gls7fXPujJGjDuQYdZRl6YYECjKaGzcjwaofZdl-8a98J0Yn6TDFDzd4gVPgJB4Wld8aBE5WHa0OeCLayBu8davQdp333xh_EJg42NZ3ENtitGhgAcssy73cxHPNYHAKv4uMyh0PBRFZshuJhywOO-S6Ye1yVeqjS8XDQU9pWAG-KvOAZC1rTfvJUjSfJqSQydGWEHk38uj3SHFbFwhMTaSeKyv9e3Wg6tcc4Gen72R8bMxkGY3PEsJ-C_Z2gUXkxEBxxxQ1tUAQcDMb3AvkIgLohkEK0k08ETmDOCoMqewHYIICSpen88mTlklECMT3dYh1HfjyHMD4uzaGRTEbhIlAzgYKZNZjde4Y1Pg-72a8sclCy9Qb3OGQYF3T94nYI_9FsOWfV7E151AXbzly7vG9CkVAp3mAfjlXCJv147XC0jubt3al_GI9ADM7Gf80UBxEl6cfpnuWunAbfHmJBshgaXm4y5BtFO2mNlNgRQanCKrWAXwJwJARoDms3Atsx1aR4g49zEpGj4gD4Z57JdjKQ0IvNF8xAxoq9SVhuh_O5tV95GB8fNu3CNCPoCRrf1pejK5_FItSaLnnxzYx4gtbU6UEFvnJtomew76UZePLACCwI-RF2USW4MoHNYXFOOXKc7vY8fKon6SV1ZQRU_0vJ2LxGtJKTzkDsJP9Xny7mN1yWyhgidaeI22Tq0jjSY7HRUNNXNTOuNyO2-0IjD_mFw7pH3wNpDwSkUKQF2AMdeG9N7bACImQBegRGsSdIeH7Sy9OG1hgLsZbB1K_aiDcrJZRHk5lmlKKAsY2pErEg5wakGJ4l-S1M3hhoSS5hu0s3A54v87twxtSdD4JOtCKU8dr8eDRfw4AapQqlj7mALMmhqC0eMm_r6tLPBDRvCe_-JWe2yEdL0PQPHwhBAkoNHhaRcMC2d15R6svHa5JYnMxSaqiKgq1ecns3NgWHQUtnSzXwT_oIwjiYqzo-KhU3LhgWEy2q0rPxivmRNgM0F6jJGief1-t0rvJZTLaH3bX-xcsVU8KxeZuRm8-FHb_hO5jNDg9e8r4frTfdpLvSrMjqDv4dYnG4qyEs6SmiRqWK5OZtXZ22TitsNJqQDVHg4m84fjQ5PGqrIgWzcPt5GFtYpxc6Nz6eDRtW_IZA6SwU3_67IFPQOlTJ-AZSkiZkVizwOLgE316phbZOcUHBHX4cVX6b6AtH49yWbHYco9kTodidk6whDugkhH-ZM5X_NEBn8cX0NIOSnSbz8X49ZvZxtjIWegmvteVI9R4YKBwsQ1lfXdbQ16XneM-CTmXJ4mu27EGQZQOEfWKSL1OFx6w1YSoSUR-v-8sWGSirdzJIN4_6Fa91iYJZaWC5BNNoUq4q-mDsAyX8UMRwnVbjVQoIGS8Z9Q1s1Qd1tMaYrvNOqVDDp3BJ3boYzI3bI3bwcPhwGSHlzm1Q3yqOy-daidF58hOmRzTPrW1tUGEcgkoQoQziDPJrnO5r-t11O52xt2F4tCK__nqqjix3Wsl4ulI2YQeDdU5RNVFfIBuoqP23cak-fH1ou8pBcdQSUsgrcH0iA1Ryo5_lvmV0YJaEekVXnwUWVkkFCIYNSEP_Z6KYDp8gou370nAg5afSBzffw6gipA9C4B7Ep1spLMfYGzEd9YBrVk_Cip1vcoxi9C1O_XjiPs2BmayN7R-0xLk06zM58copnGwTLJrGCO2SRJhpD26LdBQC5hgJPUobTwLR_BW5UNDBMAyrE9z7Nd1uwuAjQ50PQx1RJjQAzhGdRoXQPcRX8G1lJe9w7KtJ3x1lfLYHgu4hCXkF_ycw0nl4Gl2qyKAmYmfFJo4WjdYALDBcRUW7HkjkpAejGl9_Dd8E3_v1hPShRVOfk5dp90vowkvSBShTchx0HFEU-4Z97l3treS3xuU8qXmkN0kpAad6xqZ-RfjprnyY3dJJ0uH76rKpW2rNDA8v23CrXZgiLC9cWQLcdDLq9JLN7b-mRV_g9Bl252IXVYncajdXGw3&cid=CAASPeRom320IBG-6PqwjZnQL_qosRuDnm0iOMu_eDQ-GR973IcSHmo75sQaOdMylXHsahcA-neYehb8_BBuhso&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1565cde329ae601fa496ae34fe2f9fc866e24381af10a781799067947867a545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19721
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D52B 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8dwdXfICDW_NzWTi3NDU9e-gtSHziq3PVpBvACPXo7Co2Wf-qIL7GlqNWpC7lo9pXub3mGH7q1Kf6mrZeIGfIVLHwhZECQ59pZFJLmmqA8uHTnhw

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame D52B 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:30:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D52B 125 KB
38 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082185441780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame D52B 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:33:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D52B 0
0 16ms
16ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaThy81Pv2NQEnMv1BzfbHFuda-DUvqISmNhVOfYhVyRQYjWzRKTQ3zO69ONoIpGev9jAsw2
Requested by: Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7DBB 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 02 Jul 2021 12:35:45 GMT
expires: Sat, 02 Jul 2022 12:35:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1051 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 02 Jul 2021 12:35:45 GMT
expires: Sat, 02 Jul 2022 12:35:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 259F 0
0 82ms
80ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOL1atWA-imjMyM98lXjsoqevfWvZPj4BzmaRYEZzyW1VB-xQnwJQ094Ru9DvgNx-bl0Qh7p8DXVdwKZout_iYfim-0bSh6ZGhFUDbUZryH0jyqMLyjdFiuRaP3JuZfbRg-ileZ1jNIH2dMhy9nBkNAq6xp8fPSjNRXarjC2_VKZf14yjIgVNlKZP4akivJsXh6nVtjdapidb-G2YPc-ISqvzCzGQCcS8Nis3DMv-LmxBVJa0eSwKovp6k-uHE9DDTczfmfKjFzTaEAA0b5fXclAAxkxCqKAUvsy6Dg7g3Kj29YFnxPO6HwNs8Qd1cN0WuA2Wcl0KuHJup&sig=Cg0ArKJSzKkfDdVbjckhEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 259F 92 KB
33 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f1464ba40a2ac111c0e403d0cd44080b4cd23e72c3a8cccd5cec0b58e30df58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33523
x-xss-protection: 0
server: cafe
etag: 11231430757192293198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 259F 125 KB
38 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082185441780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012106212012000/ Frame 8274 188 KB
54 KB 39ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e872cbf02c8b399de0bc02a3120c525d1397d73e6fe9b396ddb9fb8ca645421f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55206
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08e7b47afdadb9c9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 8274 13 KB
5 KB 48ms
18ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4815
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9c6d4b511682de4a"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 8274 86 KB
27 KB 57ms
27ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27658
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "89763648e638c628"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 8274 4 KB
2 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1490
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9b373dc53e7b532"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame 8274 40 KB
13 KB 49ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12852
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "432397294f345717"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8274 4 KB
713 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 10:53:23 GMT
server: ESF
date: Fri, 02 Jul 2021 12:35:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5710341540059228694/ Frame 8274 15 KB
15 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5710341540059228694/downsize_200k_v1?w=400&h=209

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0fe9eb22790e879a185745f9b8674a5c985d224ac6393e90ee24845d66a4263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 07:09:40 GMT
x-content-type-options: nosniff
age: 19566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15158
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 10:58:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Jul 2022 07:09:40 GMT

GET
DATA 200
OK truncated
/ Frame 8274 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8274 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 879c7c35ea7abd239cdbe7dda6271e1ed4da5a21f42561366a24ca975db2aa7d

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012106212012000/ Frame FA27 188 KB
54 KB 38ms
20ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e872cbf02c8b399de0bc02a3120c525d1397d73e6fe9b396ddb9fb8ca645421f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55206
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08e7b47afdadb9c9"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame FA27 13 KB
5 KB 27ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4815
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9c6d4b511682de4a"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame FA27 86 KB
27 KB 35ms
32ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27658
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "89763648e638c628"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame FA27 4 KB
2 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1490
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9b373dc53e7b532"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012106212012000/v0/ Frame FA27 40 KB
13 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012106212012000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 332732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12852
x-xss-protection: 0
server: sffe
date: Mon, 28 Jun 2021 16:10:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "432397294f345717"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jun 2022 16:10:14 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FA27 6 KB
742 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 10:45:52 GMT
server: ESF
date: Fri, 02 Jul 2021 12:35:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 2076313506083323656
tpc.googlesyndication.com/simgad/13167066663744657685/ Frame FA27 35 KB
35 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13167066663744657685/2076313506083323656

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ce32dd0505b7e1ae279bede121c8c7c05bdd0086bce3d99d5dcd1db830db1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 04:51:07 GMT
x-content-type-options: nosniff
age: 200679
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 13:41:34 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 04:51:07 GMT

GET
DATA 200
OK truncated
/ Frame FA27 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 510d99f13b8762e009e6988bde74f788474f70d079e8aece447018f7264c9116

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FA27 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62fdb63ff4b7e2e4ad6dba8f2d45b5f4cccc15b4697a6ea53f7b0108da516b6c

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 602C 0
0 94ms
86ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4E1ANaiYYgAiGp5bq-5iXtQ0HTsKbRBtMwy6gC0awQvdx503LMn0PL-uJgilUpov6wc4a6vvJYtbt4_5T39sA1typibu_dbD76cbGQtfhz7psby-6ues-vOnZ4uaakL5wukkqTS_juKRvgSLSqqvczE3yibfUcaQLQSVBWFQ1I0bB4JEYL1E4IMyxWJyi2NRc0gZvzMNSilc9VLVBOObbiuHG4H6YdVSsmH-SxNBjUiQrYSDXvSWmhQy2LFrdg_HX3Nf0Pr0nEzD-YpLTJ7rm55aTfnA_RvX5PGEGSh_Is9Zhc4rLE9cAAwZwg7h336JcZ0MwzFPdQA&sig=Cg0ArKJSzBYLlr9jIiS8EAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 602C 92 KB
33 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9569f62cd99c920f6035dfeae36da60338cbd29414d1213da88df32e49d638df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33512
x-xss-protection: 0
server: cafe
etag: 12690890919717319338
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 602C 125 KB
38 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082185441780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B227 0
0 90ms
86ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuG2hHzfyveJPi4uOuLCwH8HPdIdSI47lF1TGx6lBMyOmgMFmjQxW6a4CNiQ6ycfQ1y0ly-vinRV4lolq3W1SaeXMyB6k7M6zqJe51LEYZyAg2x9CS3a4brXIqZA7itTFFe65YM6DAciqVk0Al5b9xmaoduStiyhmfqLA-rdDEVGFMGuftNizctbNFP3PTY8ppuaNpnnysa2-P_9K3dnf0Fnn6sUKNxg0VdKRQRM6l3zPBzVsznW0zsVwZ3nY-prNlICgLVTOmIBFnYsP3Pjpo4xKFwdng0XgxlPCRubKMkNCLqCRWmpvGl0ONuhyc6GpN3chBlJyqb3A&sig=Cg0ArKJSzBQp3Ojlrf_LEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame B227 31 KB
11 KB 63ms
7ms Script
application/javascript 2600:9000:20eb:400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 143558
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
date: Thu, 01 Jul 2021 20:43:07 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: kMpdDoDusvRRcaoOazMEHpVcIQ_2Q80EuiDewQ5q53SUR82HemZ5lA==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B227 125 KB
38 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082185441780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD78 0
0 83ms
82ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurP2nuHeqjNuKyJFLbDBoS_h21Dtoni898wuU41yDApKpn-Eg2RHTXsW2HQ2xzsX48k6HES-EvuJCm0CrLBmI-Q7ez_lV8fjr3f5BwDnL9q_up-MEqai9RsQLHk0_vK0wObp2a47BGqoPAXhQsSsct_cZBBwFDyKXV60TeaPuOOvnuKP0KxnEuwggNtLig71M68Mdt04N6gFIMGZ_il8IXUfBzKnlh5kvuDspw1wL0vp61saXr_TPXxpgBkXIES7uIViFszOwMyCdfDJ5YP8iH0IylW4SKCBhfLtWJ7Kw5SgvpcLkg-DOwaAjFTjJEOUzrx85wEopg6yznixPtU343sQ&sig=Cg0ArKJSzMldfsVkkPfxEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ Frame AD78 31 KB
11 KB 59ms
7ms Script
application/javascript 2600:9000:20eb:400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 09:58:31 GMT
server: AmazonS3
age: 143558
etag: W/"cb2b3e45ae50a1cfc9646f528ea92b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
date: Thu, 01 Jul 2021 20:43:07 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: yw0UD1fGBiD3z2H-NEILhSXWgH20u6rRh03-wUZjENjwaTRam2Yjqg==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD78 125 KB
38 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021063001.js?31061750

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082185441780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8274 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 07:15:41 GMT
x-content-type-options: nosniff
server: cafe
age: 19205
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 03 Jul 2021 07:15:41 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8274 295 B
319 B 10ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 10:45:56 GMT
x-content-type-options: nosniff
server: cafe
age: 6590
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 03 Jul 2021 10:45:56 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8274 0
0 24ms
22ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2cowC_tcFnByql52XG_WYB0w8pD6Uv8MAHtgxmgIkLxvt4LdaGkJ_njFE9k5yMAiCG4xm
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8274 0
0 85ms
81ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQJLnIQjfYPOzF5y73wOS0LnYCp6E26Ri3qa01bkNhKX6md4jEAEg7_aQIWDRgbmC0AegAdS_mrgCyAEJqQJBuVC_YFqFPuACAKgDAcgDCqoE7wFP0Kwto3unGVrPul85gS8WfFXLj7Y6fwF60WA4P8uvsIyHgTVWYTaYrh2qH1kMyNQyVbUPJlwsAj0RrpGTgYt5SmUp2ulpKApqNk32JtAlehLyb6D3EZBZ-wpkcEbLyCRBdlJMBYuD8wA8g_0dHIPSePBIXnEldazHxKgBYdcGo9rzM_31NOZeWFWC27z_O-r2aZ9-yBT1P6GYAzR_3RUhhKu_CdpSN7V4xfAk1gjqPfZvrpDnVfNnSnLIiawG2Pt7tqM0IHzfn0rv4h-EwDZ-NtRtxX1JjzzV2GvdhxPA2BBmlHsaoU7x5zty5d-31MAE6p6Wpc0D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5TA5ccBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIz6BdIICQiA4YBwEAEYHYAKA8gLAbgTiCfYEw2IFATQFQGAFwGyFxoKGAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MA&sigh=6pQID1jkvno&template_id=5000
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA27 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 07:15:41 GMT
x-content-type-options: nosniff
server: cafe
age: 19205
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 03 Jul 2021 07:15:41 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA27 295 B
319 B 10ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 10:45:56 GMT
x-content-type-options: nosniff
server: cafe
age: 6590
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 03 Jul 2021 10:45:56 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame FA27 0
0 22ms
21ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9jBBJUxI1pT572_IFkWIfyPC_yF4DavE_nevquAU0iNx3BJEsfAZLR_FP9dpG7s15Ydn5
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FA27 0
0 83ms
81ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAvJBIQjfYIy1F5y73wOS0LnYCt_Ej8Jg2peLpOQN8KqA7JACEAEgheySAmDRgbmC0AegAeHK7-ECyAEJqQKBMjNKmdmzPuACAKgDAcgDCqoE6AFP0OtpqhTywNZVq38maCiAdAlQ_Kqp09VB3i_khTyFG8t6ir8cID6c2m2sS27Mpv3mhWH2-KNSHEspgknfhuzRdi5UyfOEkiOuoZTqOK_NMk6tIiJzNCyA2rdXdHuGPvfj_MsA4lN52A6nl4fD4CGDNrQOyRsC-cNDMUSeTpKTqweNGb-eAQc24t_BHezlpQVr4G3IXMUPyoD0zhVppuLs5hrWY7gqYNh6nporm3p1mq1uCYnqutbwUN1B7cna8wM-hYWou7TAHC4EiCHYiqDB3F3u_jxgLXbZmHW0ygMkJU75C_psVmjGwAS-pIb8pgPgBAGSBQQIBBgBkgUECAUYBKAGLoAHh7WQngGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQv7AN0ggJCIDhgHAQARgdgAoByAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTgyNzUzMDIxMDc2OTM2NjQ&sigh=LzQb18z5oAQ&template_id=484
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8274 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.123greetings.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 17:22:06 GMT
x-content-type-options: nosniff
age: 242020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 17:22:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8274 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.123greetings.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 10:48:51 GMT
x-content-type-options: nosniff
age: 179215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:48:51 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FA27 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.123greetings.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 22:51:50 GMT
x-content-type-options: nosniff
age: 222236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 22:51:50 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame FA27 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.123greetings.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 07:58:29 GMT
x-content-type-options: nosniff
age: 189437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 07:58:29 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame D52B 22 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWAYZhcyvdsmaLStDL7aQhGoK1b7cE-Yksb_rTu-ItLygJZuwkmqAtT39573HopDgEfV-kjWu-FOTAJI-yR7O8TsOamkD1CFtHJBHibciH0Qnd2bdu-rWAWdhTuppHaxptbXSLFwhow-EUwK-3vNsJKBnDTg&dbm_d=AKAmf-CfsRjUIRtjQnJAYSk4tMbR6dIriNyDCcTdQpfx0ksOw-Uq47ik4oT9hOKSSgFBfEDeeLSnkiyvLCLLTpcFIGBwYC5yoh6kWk2Y66mVm1PK7UK4n2xfvDM7o0JN4l1eSu-duiZv8sB2E4ufScwdeakWALM3cxSAKqwFsGSQt-hloF_Xmc6iMrZuZGjFFDP5qklXVrcFMFD566W65FoMD450RBNeXQ5_19hYAXhg3H2ToU25VNMkKzrsNISQ-JO5NZOztsJeKYlJ65uwjUMeGbU_Y-xM70oiEWB5pWtYtjn3ix-Lo28RKZCuClJRu5GOSzbt11QXzAmeS96LZfisjCExU_xLiURdghfKXCITJYY82oofM4NSPMqERT9ONCIaz1mu2MdnMkktmpA9NnrqZxbwAPmBjsFRVJwaquk5IiGl53WOUESFRY_Bdjj4tSOmO_s8ArUXLvMYhV6vw09kzhwKlvX-MtGIwkeKk6nEZWbQtw7SzQdhPYBLhadK4FanOtUkPSQjf2tGjgdDrr2hwA2zrps1-kBZSHhiM4Ivj4N9sBQXokPbDs7d_tFfAZeExGsjBtlbsGpV33HPGtrk4fFOrSzUf97z8JwtK_b1TaU4DUG6klzoMozFRBpOApIiVYC8uCBH_UbaaewNqIUri1-83wsZNFuRyzDvc6pJqfrvn7q8sgdwpzWhjNLWdzDCNWneEITf42-lTQ2qP01OBaNfGq6NhXUcZWoUYFQwC1fkc2q-s3NYw11RzI5vcN9Yk5iKAWJd9oEQuTGlSpvcTGlP42MunfRuqhbY-ujfPUef66WcsJnRrUuHS9lIee3VKummAZmP4y6KZhBJmpiqDzWkGCrhfKUi6cJRmkP5swzaGA3lgMfD_Jm5wRIqzeYYNkIGEeSZj9zmf3pNqAL-p7crNhw1cMyFYPpWBrM_w0kyyC1yg0NmW3qey2dzU--AhVhyOeuWyeE6eJ_fY5HTH1ccHqyPO-MQGlIs9a54fk7uX2kfrgxIQ9hYqY6YE8RgiKMNW0ifWsJmEjmLmRsouPPbX1NPC2FvpznbcNEQf1V1qrSKsUGr1147dsWHl2DZCZKpo3ImM6sJV9vTV1TmqMzh40SGwpDvZA0gbpA2gwvenQr9Gls7fXPujJGjDuQYdZRl6YYECjKaGzcjwaofZdl-8a98J0Yn6TDFDzd4gVPgJB4Wld8aBE5WHa0OeCLayBu8davQdp333xh_EJg42NZ3ENtitGhgAcssy73cxHPNYHAKv4uMyh0PBRFZshuJhywOO-S6Ye1yVeqjS8XDQU9pWAG-KvOAZC1rTfvJUjSfJqSQydGWEHk38uj3SHFbFwhMTaSeKyv9e3Wg6tcc4Gen72R8bMxkGY3PEsJ-C_Z2gUXkxEBxxxQ1tUAQcDMb3AvkIgLohkEK0k08ETmDOCoMqewHYIICSpen88mTlklECMT3dYh1HfjyHMD4uzaGRTEbhIlAzgYKZNZjde4Y1Pg-72a8sclCy9Qb3OGQYF3T94nYI_9FsOWfV7E151AXbzly7vG9CkVAp3mAfjlXCJv147XC0jubt3al_GI9ADM7Gf80UBxEl6cfpnuWunAbfHmJBshgaXm4y5BtFO2mNlNgRQanCKrWAXwJwJARoDms3Atsx1aR4g49zEpGj4gD4Z57JdjKQ0IvNF8xAxoq9SVhuh_O5tV95GB8fNu3CNCPoCRrf1pejK5_FItSaLnnxzYx4gtbU6UEFvnJtomew76UZePLACCwI-RF2USW4MoHNYXFOOXKc7vY8fKon6SV1ZQRU_0vJ2LxGtJKTzkDsJP9Xny7mN1yWyhgidaeI22Tq0jjSY7HRUNNXNTOuNyO2-0IjD_mFw7pH3wNpDwSkUKQF2AMdeG9N7bACImQBegRGsSdIeH7Sy9OG1hgLsZbB1K_aiDcrJZRHk5lmlKKAsY2pErEg5wakGJ4l-S1M3hhoSS5hu0s3A54v87twxtSdD4JOtCKU8dr8eDRfw4AapQqlj7mALMmhqC0eMm_r6tLPBDRvCe_-JWe2yEdL0PQPHwhBAkoNHhaRcMC2d15R6svHa5JYnMxSaqiKgq1ecns3NgWHQUtnSzXwT_oIwjiYqzo-KhU3LhgWEy2q0rPxivmRNgM0F6jJGief1-t0rvJZTLaH3bX-xcsVU8KxeZuRm8-FHb_hO5jNDg9e8r4frTfdpLvSrMjqDv4dYnG4qyEs6SmiRqWK5OZtXZ22TitsNJqQDVHg4m84fjQ5PGqrIgWzcPt5GFtYpxc6Nz6eDRtW_IZA6SwU3_67IFPQOlTJ-AZSkiZkVizwOLgE316phbZOcUHBHX4cVX6b6AtH49yWbHYco9kTodidk6whDugkhH-ZM5X_NEBn8cX0NIOSnSbz8X49ZvZxtjIWegmvteVI9R4YKBwsQ1lfXdbQ16XneM-CTmXJ4mu27EGQZQOEfWKSL1OFx6w1YSoSUR-v-8sWGSirdzJIN4_6Fa91iYJZaWC5BNNoUq4q-mDsAyX8UMRwnVbjVQoIGS8Z9Q1s1Qd1tMaYrvNOqVDDp3BJ3boYzI3bI3bwcPhwGSHlzm1Q3yqOy-daidF58hOmRzTPrW1tUGEcgkoQoQziDPJrnO5r-t11O52xt2F4tCK__nqqjix3Wsl4ulI2YQeDdU5RNVFfIBuoqP23cak-fH1ou8pBcdQSUsgrcH0iA1Ryo5_lvmV0YJaEekVXnwUWVkkFCIYNSEP_Z6KYDp8gou370nAg5afSBzffw6gipA9C4B7Ep1spLMfYGzEd9YBrVk_Cip1vcoxi9C1O_XjiPs2BmayN7R-0xLk06zM58copnGwTLJrGCO2SRJhpD26LdBQC5hgJPUobTwLR_BW5UNDBMAyrE9z7Nd1uwuAjQ50PQx1RJjQAzhGdRoXQPcRX8G1lJe9w7KtJ3x1lfLYHgu4hCXkF_ycw0nl4Gl2qyKAmYmfFJo4WjdYALDBcRUW7HkjkpAejGl9_Dd8E3_v1hPShRVOfk5dp90vowkvSBShTchx0HFEU-4Z97l3treS3xuU8qXmkN0kpAad6xqZ-RfjprnyY3dJJ0uH76rKpW2rNDA8v23CrXZgiLC9cWQLcdDLq9JLN7b-mRV_g9Bl252IXVYncajdXGw3&cid=CAASPeRom320IBG-6PqwjZnQL_qosRuDnm0iOMu_eDQ-GR973IcSHmo75sQaOdMylXHsahcA-neYehb8_BBuhso&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:30:54 GMT

GET
H2 200 digital_masters_VIKINGS_NRD_streamnow728x90___CE__ES__NR__PT__post_Free_trial_March_2021.jpg
s0.2mdn.net/8278829/ Frame D52B 27 KB
27 KB 28ms
7ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8278829/digital_masters_VIKINGS_NRD_streamnow728x90___CE__ES__NR__PT__post_Free_trial_March_2021.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b67ead8272d7778ba52209e66b8de20a6c88cf3318ced3a7dba65ea18086288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 06:13:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 11:56:24 GMT
server: sffe
age: 22919
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27323
x-xss-protection: 0
expires: Sat, 03 Jul 2021 06:13:47 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame D52B 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:33:13 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D52B 0
592 B 130ms
53ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiXTROz-Y8TyISzN7w__Vv8B3AJ9fybpyRVTgHJ1vfVeAASbbCZmcKarFXbNBhGfGx5h1Alcag7jcIPYsK97fyE1jPMhSr2WVc8h7klIHcHVfNnJ4l_JidEnYx0D35RFFxWf752UdX-L8yKP7kznAnhX_Fkl5vSFOkRFRw7LOuRRxOekxCk6-978rCHyOfFmYg_jui_NbKtDCixFcuRCCppUj61RUGiESU9V1y682yCdMNBuB_deyyCT9YK1tbaIa9DHTudjMZjjyYN-LJd0QylDkZHf2wTJlr3L-ayYWlI0N7Wpq-yVveA-dQ5WQUNU9GlvNUW6S9HF0HEGwK5J2JBS_cidg8hiI2CM_Bv6DJB4sVF0Nx3YPZZFOskfV4C96_SAREWd9-iZNGQNo6W_2smWlMoY69JUfZWrq1w5Q0TAK7VdIOswInAtrWG8F1tT24KG2Eo7zS2GNyo0XU5FDIKnKdb-c60DYEO5uCVYSpng6bo-MUn2V2cfhwgAGznXOZOLl1E8rPzCAre0AVx9HmpR9hT8gkRe3QgX0M3iP5CvQIFHajgg302ZTeCCx0drHpVuAzL4MpyBVvUwcGIM-7ERbW9K9C1Y9pShhQzixQSWmrHl458ftBERY-aV5OcppVrq6VjNNtbwcv4i1efpul6MqjhmYwj4hkL3Mww-VCWFAm21J_MAQviRwBMKe8dLT2kPddDXE4GEZtYgad_Zu17kAGfM4NygSDSUUFKXfKn3lU_yygR_NhFqLIXwsl_dC24M7wzONWQm42UM3Bm-wOPTUrGNWSV_nPG7E7hopIjej5hPCkvaoiEULUYzctuh0lCjHsL2_PC2QzAJfy67RJ1Zxfl0Grl73hLSIMFy4pJVtQ8A6QAacxyJNs1vnU7aFS79vxsyQ6K324iuWAiEtu4CaoMKdd6GiK1DMs7nlQaOKCqyjXxcueCVw0wbvvs0kuxTZBhSu1GT353K1XnQhnc2KRx2eNzWpH7pecj9y0JRA_GMLmblB6kT2o_KJMbzbfejogUkDXqgHq2L8fK2UTWo014w0iAN7tjTUGq8TCHhMEhSvVBPOyRjanmOZCD9VjrZt7oKp23XyEkJkh3K2ZBe5dUIoYMsHs6B6A_07SrvyPZDAyrtc0XSGSoKKVvsfq8LYffm5LbB1Vanlj1OQTZgujrzEceqtu4-3vFUrLb99MB9c&sai=AMfl-YSAICaQVlFfztB42_vV1RPU4OHndv-IglrPNWvt_DYr4qL41U3SdpySs_bWxB2pbFLZ_PBlb9NBhr6Ab6tuAxE1VhCXaJB9GfHonbVhtDq2dmu3PICAOXFbcTZju0i7648U7_87CXuohAvALRb-bSd_Z2vkdX52c7ZnSJuF3KFR9VTslxRGYGUlHXjz1vBF-pEUNronScA-Zlj99Hy-pH4sMFFgfQogHvy_VuYQBg&sig=Cg0ArKJSzDu8WYMO_m5xEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210624.95362&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 02 Jul 2021 12:35:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D52B 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Jul 2022 12:22:46 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/ Frame 259F 240 KB
89 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1&bust=exp%3D31061746

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c107239496609ede285e80b91336c653f68e65956a25b489ef9b4d9591d07ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91175
x-xss-protection: 0
server: cafe
etag: 16806287549005047208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
DATA 200
OK truncated
/ Frame 259F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7bf7433e6f51ced016386100acbcf95d5775010d93f6f8ac5174e6f1c07e242

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/ Frame 602C 240 KB
89 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c107239496609ede285e80b91336c653f68e65956a25b489ef9b4d9591d07ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91175
x-xss-protection: 0
server: cafe
etag: 16806287549005047208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
DATA 200
OK truncated
/ Frame 602C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e87ceefaaeef2a8e9f88b08287f849c82d8a6f7c933db3db33aca99eb076723b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B227 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3d0226d7439921cb6f949eef99ec124bcef04050296815663b3e5299f953b63

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AD78 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6be7bd6b94057e9b2696725350ebfe9096fcfd37997fa72ddbde8a18693ba3c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/ Frame 2EF7 3 KB
1 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a38059bcc8e0aa4348b158002c9a5ed76de0d16bfc31ed9270ce8638e64ca35a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/7227308453062012376/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1148
date: Thu, 01 Jul 2021 03:54:51 GMT
expires: Fri, 01 Jul 2022 03:54:51 GMT
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 117655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7DBB 0
0 83ms
82ms Fetch
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1xgsIQjfYPuvF5y73wOS0LnYCvnvkbVjl-CqvtIO3tkeEAEg7_aQIWDRgbmC0AegAcb7j9IDyAEJqQJBuVC_YFqFPuACAKgDAcgDCKoE6wFP0O03B-oLPqOrj_n5rzp7WsBHcmIi6B9KJv6yRVJn4kjDrwL5m5dJ-e3NBwPom-T9funVxiiLsMy-iIiCKhX4idfFYEAnP-Dw4lvalBvGf7bDMjae4hBh4UyXpGzEiQv-pv7o09MICSXDakfX3k_cd7gDM1K8Jv3f1xnL89H3iCQljACxlqoVkDy3N0BkCBs0OjeOeyn8fmWznfmU2q5JtWIvs66d3ywi4lMMrnpoR1353pveJbqCzcIRalGQDtNLft4_aPWn8yP0PmiK8x4T2Z49oIHHHiuy5x-aJn8A8_EnhSDYI1VD1J5UwATL7uOBwgPgBAGSBQQIBBgBkgUECAUYBKAGLoAHooTwLagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBD6ni7SCAkIgOGAcBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MA&sigh=IZsrIrbqvwU&template_id=419
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 7DBB 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:34:25 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 7DBB 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:30:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7DBB 125 KB
38 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082185441780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 7DBB 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:33:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7DBB 0
0 20ms
19ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRZ1suy7u4HFP7pRCFAVy0OhPnhqfccYMpo5OfJItVlx00bPAbtvC0L1GBckCo3FdOnArOZ
Requested by: Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E159 0
16 B 24ms
22ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNuAgAEQgqDM9AEYi5OKoAEwAQ&v=APEucNWGeUq5HT_wyMm3wBnU2H91OND8wJnL846XRDuMAVYOFNzSYlkRc8NNeQWrOvTPX2A603xuGsxKQkcyPYnYBPDF39FRgQ

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNuAgAEQgqDM9AEYi5OKoAEwAQ&v=APEucNWGeUq5HT_wyMm3wBnU2H91OND8wJnL846XRDuMAVYOFNzSYlkRc8NNeQWrOvTPX2A603xuGsxKQkcyPYnYBPDF39FRgQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0y2nrEvmTHO5LiSB8R4rdhELnNAhf6v4sn4_-CEs6tsr6DiWy-C1Qcb32fB4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Jul 2021 12:35:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1051 39 KB
19 KB 65ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DweUPlG4bLs5Ub0hgIW9XoZKeazLewTiixBEWSwZq3GKalgYtDEni911MbgQ0gYfvUQGa5oRS5SpL1GvM_hkT5wENaomuzZKm9xpe_FzExnDCnn7JrvEuYbhq8E3czc8YwhothjdKmk1YI0RZzTnJ4RJXNmw&dbm_d=AKAmf-A-abiZj_FTJCQJ-7ehT8gHvM5B7H6uVASN0JQ7xnco87QTT8VJaMDE8GZ3VWca53rA6kO1B6HfRJl-3-TUNrGoim0TfIUTJttoIj3XyeN66oqw26iMk8yZGBxFBmHFKXbG_y0hWpN3mKebiQLs1cwZ22cPsPBM1jH5kdyMSzWaN9VCllxzfdvk9RAbrt2N9rXD0bJ9fshpELRzygGMzTihDC_jTGj-1zPurPvJwoDzJ7QoZ4LSAvlxK_Hm_m5j4BxqsO-rvyztSoiFBY6PU28mf0Wn0REXtvuYXfOhWhYcatc6wqXWjg3LO68smPPf-Lzaoo1i6HTqxwSpy5wLvlJQtFk9GwuSQLAd7JXpIaavGUhsHpWcj_LelQm3Zcl2YFwej1qCBENIECdBIMpfYO59K6UbmIr4KZT6dl4kkJJQ8Thyi4QlAJYWzublnxEPkKx3dxaSJc2CwYb1sOj_Rt705WGEOqLRYXBWsGzCeeyrg0pzPy7VGp4w2lTtT8cQbHMKxLaXUhugmNy3KK_wKToH3qqB3tcES2jZKDVr4hiqC_yxuGX4tBolY4B3e7EMXVcF4OXoSrgalHPGm5bhIbjbw6Qs4y3dDqHnRMqkrkNvkjv2vVSsfbDNqxvRZA1jYjcXVYec6jUuNDE36KSx4vx4RHLyKv0bRXClt_cDI3I7aU9F2OqeoujzBFRcz1Wq3hiM_Thn2xOuqyROQd0-zn1PH5dlB7mYnfnMxhAwUp5fcAMIi_MIMiQZ2xXs5rYAlBixaEP_iAGrLmXEQV5RiqOG2mvO4s4OVRMylx6y7AqFWVh3iXxFZcWcdUmqIHUSkFXLR9wPGAc_kq-r4_JZ6ZwyMbv9fYUf-Cbo1l7snHMF5rf2jP0U0qtEgN_Iziu9m-RLhOfrrfwmgou6UrX7kVgp2Kq5Qik7JaehNuta1CJTzn8w5c5cUBWQi2G_MmGjDl1fFt4Y6N6hx4lZYX7UlpLVv0WZJUjaj9NHzT8sY13xqEEBNFL3SFNl8uM9FdS9GRf4vJXfADG2LsOkzuBTfXPRmpGc2mPSgIgGMtZGZeHHmFOztS3U8ykpJylLyvk0oh-ja4P3fk6a3JhkGaIlbSzEWnrd8uad5iZ8sKvO5zb41gUA_FqSRt6nGVS-dl4qbL1REMjWwJppw5eq2pUlTZ9dE-Y9E9Nt3o-yQYBjx_cNCZlskz_pDYSCyEuHaayLgvxpuLu1y-IwSTvR6EUqsADyXrJxhkj1rXz7nRKrgc896djLBJzs86HV9X2CAqu2L_i2-r5ueW0lfcZGQB-8_z_nqRl5KJVzcjA-0HvClDvdIs2gFzE5Svt6Vd3NJO2tPC9nwRv1ThlKg2Gu3G07TgFKJFiL6p4vTmt2k1VSGubkboUi6o4AFqlSboUr48NgK0Yu8Jo-U9f1AvCQSXMWCgOpFNF5rvtNkL4M7nzovLqFzYe-uLMxmXj-pXQ817Uh4WpZzGPZqSxBSzBk_VNtQ4dO5cyrVsL81KPOwopw4OZHi_3xpnIpeNXN9v-I01u_Jb3vw-vCWcsJUI3oxSuJRmEEyqLlTsUHtwX7e3pKyHsOqUbO1CV3C19qbKJUKx0m7m2eZJi5DMeHCR3SDDpGuuoYXrIp6fKzeriXJrK-65MzJleTz7X3ovgOiG-mC7nk2iuc3qIYpUCGCaPugdmVlPCJvrQJQrkr7XCB4o3Xc9zHdmGDvUNMvFge2G46aAnVeefzGw6wawAG_9s44FdfmjlRLqn0_ijcIVfVYsjPXvDO_83_o1Df7BUq8r1CSporVTWSePEzfcu6j5ze-5a7zIRzHkNt8xu6oP16tyeYVU5W_oA95k9xiXkHyAT8ooUS1P4f1fKY1oCCPoOJA-qjy6MvkLjGyuINseCS88d2F3HdlS5rnszEzE-0US-Ix1kcg63vuRHFQZz-nAaZULRVi3R911h2Is_La7zmDoMvucT3utTmcPBdPDvuibDI01U5i4xmaqqfOHBrU1-tnSx8Ek6opgKpEI4z_Zh2CXrctjbpQGYIed74rUapsGfkmsFJ5jZJdhxjgp5J2vCxOUT6bng5TWh_w3LslfUmn3W_YNQWW-78k6k1KIB_Zjvicc-RLV38VYcvqYehZuAfS4ZNoLkBrImtwsN5NPV8_hKCH3ONAtqnw1QJzVh15IP0vx-eRldyQCDhujoi7n5S6d9gdgUIei5-q8uLg3Kz4Wo44hUANHNiiPXcoNSLx4RzEBy_loFpCCG9L0omjt4pjlGjBPwfbtT9e5YJ26rxUc0KpUacDd9iUQ2eSh3CZJAW9Vj8bKDF2gwAl7CkAE8QwEQeInu2HDvtqFnqY0zxJnyKOWp1e4IgQr3hTo-4x1WmLcJhQ120c5Q4102abAphyaAFo0wyEP6qvjc_JB3qNQM2kjMq7zwe9I2BBLHgDJraTDeaFm0zHmsBhY0R3Y1_MT5W2LNgoLTIu7L6hZGObfLjQ-f8qaws7JWnNFhtW-54JQQPabrk0dZJyv7nUefj8tD6HeCJQF1cjgH6NKtYO4z1nno7KpfRmtX6a5-pLCNtnHILso1s4QM_CPRh6UWHfYXOlLlfiiA8rE_QjDQ9BFotjc4VYlY4urFGkfL_FuB3IIwOjguF7SzZHORjnx1ooNseWVzQHUqMzzhkd2UK3iQbP9u-U7WxPcY__2fGd7U3f9-AR2MTEORcPd2E7blOeZU5o6Gmou1SBQPI0wNiKAvbjM1n56KW3D0PyV7nB26x3j6c806zzt1ZsjqRGJ5XqtcHWQSJIgY5FSMXZpbEC27rF9EqTs7VBPqq85zqJNFn6sHNvuxosyO5rzCO7sDFErSOtfP-eiaAPpCbERdVTpNAcFnNwfLSXYlDIkxZwGOxp3Y2baJcVCjuyRW90UEzGPZ2UQPoClx9Rl8qdJRV8Z8JbLiyqSFd7mxedftivndigZpHZqlTt-IDnJmW1wk9wPOQRJTagl86nTwbYHlh_CZtj2hZlH9nmsFaTwxYWdUHUWNGYPbJEzajXrYMfHNlN6iOEaDX7QVlkfRC9_SmkFQH_xeV1C58oNmALwFru2pyB1S1CQxq8mKuExd_wdD_J32RroP37K4t8c6PM-e4Wp1TpnYpybJE5aKQgUaPJBoNyX64ebmTUSneJk3OuaxzSfUJAtq76EoOmQ&cid=CAASPeRoXbVSB3p7oZSHSiACc6P0Zz42gq7ACnz5It5Y51v4JyGUrHwLYhSCTe2mttQMPkbe5yKmEYzPYIbeBzY&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42bfbde3c7a0481f12b82e3334e401d9bb7db1988e90b6bf006a3e735c8c6631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19778
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1051 42 B
63 B 66ms
49ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BniJKnZt7F6HELBDSe25ntObk0DvAzlp-XNfBSFnjpSdT8aWF5BXS_8tgjz-ptHTz_Eucla8D6A1ktPMF_VP6r3Dl6btcTYIZamPWvY7dPe9ZHevQ

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 1051 3 KB
1 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:30:28 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1051 125 KB
38 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082185441780"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame 1051 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:33:19 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 1051 0
0 21ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQy3fkRWUjD8wCvO4cdfN6BSqCmwpKWITlwheHFtuC_xhOJgUq6JXlQ9YVYhAbqFEbfYKwV
Requested by: Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK abc.txt Show response
static.avantisvideo.com/data/ Frame B227 21 KB
5 KB 52ms
18ms XHR
text/plain 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb41e96940058c1071a940f204531734a74d4c76bf3a2be1174949d3318f9f74

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Jul 2021 12:35:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 06:59:51 GMT
Server: AmazonS3
x-amz-request-id: ZK4XBQGDGWDN09PC
ETag: "99940f52b3afb1693010c76acaed6577"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
CDN-Origin-Protocol: HTTP
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 5066
x-amz-id-2: 2wKjPynhwcagfvYc5gtlHD4M0zv8cjhxPZeGvlWP1kj5WTOpUAT2mQjqQ/l9EFycgCmYGOWSYH8=

GET
H/1.1 200
OK abc.txt Show response
static.avantisvideo.com/data/ Frame B227 21 KB
5 KB 49ms
16ms XHR
text/plain 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb41e96940058c1071a940f204531734a74d4c76bf3a2be1174949d3318f9f74

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Jul 2021 12:35:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 06:59:51 GMT
Server: AmazonS3
x-amz-request-id: ZK4XBQGDGWDN09PC
ETag: "99940f52b3afb1693010c76acaed6577"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
CDN-Origin-Protocol: HTTP
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 5066
x-amz-id-2: 2wKjPynhwcagfvYc5gtlHD4M0zv8cjhxPZeGvlWP1kj5WTOpUAT2mQjqQ/l9EFycgCmYGOWSYH8=

GET
H/1.1 200
OK abc.txt Show response
static.avantisvideo.com/data/ Frame AD78 21 KB
5 KB 51ms
17ms XHR
text/plain 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb41e96940058c1071a940f204531734a74d4c76bf3a2be1174949d3318f9f74

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Jul 2021 12:35:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 06:59:51 GMT
Server: AmazonS3
x-amz-request-id: ZK4XBQGDGWDN09PC
ETag: "99940f52b3afb1693010c76acaed6577"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
CDN-Origin-Protocol: HTTP
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 5066
x-amz-id-2: 2wKjPynhwcagfvYc5gtlHD4M0zv8cjhxPZeGvlWP1kj5WTOpUAT2mQjqQ/l9EFycgCmYGOWSYH8=

GET
H/1.1 200
OK abc.txt Show response
static.avantisvideo.com/data/ Frame AD78 21 KB
5 KB 51ms
19ms XHR
text/plain 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb41e96940058c1071a940f204531734a74d4c76bf3a2be1174949d3318f9f74

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Jul 2021 12:35:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 06:59:51 GMT
Server: AmazonS3
x-amz-request-id: ZK4XBQGDGWDN09PC
ETag: "99940f52b3afb1693010c76acaed6577"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
CDN-Origin-Protocol: HTTP
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 5066
x-amz-id-2: 2wKjPynhwcagfvYc5gtlHD4M0zv8cjhxPZeGvlWP1kj5WTOpUAT2mQjqQ/l9EFycgCmYGOWSYH8=

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame D52B 0
23 B 99ms
46ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8274 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 07:15:41 GMT
x-content-type-options: nosniff
server: cafe
age: 19205
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 03 Jul 2021 07:15:41 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8274 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 10:45:56 GMT
x-content-type-options: nosniff
server: cafe
age: 6590
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 03 Jul 2021 10:45:56 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B227 0
0 134ms
80ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcQk0ZSJMS_SiuNk3vVc7fRoRq_uNBOe8-7tltKuKWcX3FcrcI-C-uV3i7BBZjY8Ool9xxasLuh6UZpTO9zQK_haGhlEIUegnhyP_MWErQNSKUeDRMBlasfpgm5KWuxrZbMmz83l16duumI1cDrKLUWXSKxoFFkFSDyUBtBWs_26jnhOxIwbyd7pU3_Wl4U_qzfS-5ypyHWRaQbjEbBHuUwvrvEZY1F8o8M8KpRmi9vr9afH0UnBxE_CAJ2bPlKvHDi7c-v3Rm3XyaLhmsX2PNI425AHlOmVlKey3CaH2i2CvdiVCE3_q5Orc7lhh-WEd5c0nMUoKP-W4d&sig=Cg0ArKJSzCjisGBjWY3jEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD78 0
0 130ms
80ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttZStLeVIt5vVTZfn1PgclstO9gO4KAGC-UBDo6S8my6nvXjCUvmXT8NqxBLGxvMAT0meydK3ekMjtFq-OaHO3fzA6D6azWaCdXTY4hW5KLtWmn_gnBm9lOnwD_ZZ2B1TPq_8K-FTANhWZ1TSztqoGkajXQIHLFPuDx5i2ObR7xzc4yP6NEW0NMcK0qswKVVi_TruvlY46CMtW0VfFb7c7jsEjqiZqLQuMd5JSnDB8Jg4QgHTt83ubs6-PEEqYQHHXaPAPJiUhkgoD-ugujSQmI_-lEEpLQ3spSKVRcAG3k45z--JbhX9n6mI45nUDZwdAhGZto-THOPwJJZ9Q5lTNx05G&sig=Cg0ArKJSzErfaxVK_rqzEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8F6B 22 KB
8 KB 9ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 02 Jul 2021 12:22:47 GMT
expires: Sat, 02 Jul 2022 12:22:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 259F 206 B
216 B 54ms
53ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D7cd341f1406e54fc%3AT%3D1625229345%3AS%3DALNI_MZW1DNEepY4UwnhBCyW8jkbI4cOyQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1&bust=exp%3D31061746

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7bfd2a9639f7bba13a750df9f04f31fc8a19ddef240d3b23b1a5b276508c72cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 259F 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1&bust=exp%3D31061746

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 259F 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1&bust=exp%3D31061746

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D65 603 B
65 B 88ms
87ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=816031645&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625229346446&bpp=14&bdt=179&idt=396&shv=r20210630&ptt=5&saldr=sa&cookie=ID%3D7cd341f1406e54fc%3AT%3D1625229345%3AS%3DALNI_MZW1DNEepY4UwnhBCyW8jkbI4cOyQ&correlator=8330245361517&frm=23&ife=4&pv=2&ga_vid=2059230183.1625229345&ga_sid=1625229347&ga_hid=1032051427&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1847&biw=1600&bih=1200&isw=300&ish=250&ifk=3288313951&scr_x=0&scr_y=0&eid=42530672%2C31060974%2C31061746%2C31060048&oid=3&pvsid=2053276905149562&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vh60z9v74umz&btvi=1&fsb=1&dtd=423

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1&bust=exp%3D31061746

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=5083543412&adk=3974919071&adf=816031645&pi=t.ma~as.5083543412&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625229346446&bpp=14&bdt=179&idt=396&shv=r20210630&ptt=5&saldr=sa&cookie=ID%3D7cd341f1406e54fc%3AT%3D1625229345%3AS%3DALNI_MZW1DNEepY4UwnhBCyW8jkbI4cOyQ&correlator=8330245361517&frm=23&ife=4&pv=2&ga_vid=2059230183.1625229345&ga_sid=1625229347&ga_hid=1032051427&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=970&ady=1847&biw=1600&bih=1200&isw=300&ish=250&ifk=3288313951&scr_x=0&scr_y=0&eid=42530672%2C31060974%2C31061746%2C31060048&oid=3&pvsid=2053276905149562&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.vh60z9v74umz&btvi=1&fsb=1&dtd=423
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0y2nrEvmTHO5LiSB8R4rdhELnNAhf6v4sn4_-CEs6tsr6DiWy-C1Qcb32fB4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Jul 2021 12:35:46 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 259F 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1&bust=exp%3D31061746

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a9a19e56cdf55a52ccdc15ae0f7bc04cf281e9039c1f33383266fe60df71b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082173397852"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27722
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA27 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 07:15:41 GMT
x-content-type-options: nosniff
server: cafe
age: 19205
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 03 Jul 2021 07:15:41 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FA27 295 B
319 B 9ms
9ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 10:45:56 GMT
x-content-type-options: nosniff
server: cafe
age: 6590
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 03 Jul 2021 10:45:56 GMT

GET
H3-29 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 602C 206 B
218 B 57ms
57ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

24d4bc452b275c433488f0a408057207637abc5c59229d9ff217f52653f81e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 602C 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 602C 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C9BE 603 B
65 B 85ms
84ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530240&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625229346519&bpp=14&bdt=224&idt=391&shv=r20210630&ptt=5&saldr=sa&cookie=ID%3D7cd341f1406e54fc%3AT%3D1625229345%3AS%3DALNI_MZW1DNEepY4UwnhBCyW8jkbI4cOyQ&correlator=8330245361517&frm=23&ife=4&pv=1&ga_vid=2059230183.1625229345&ga_sid=1625229347&ga_hid=428927601&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3019&biw=1600&bih=1200&isw=728&ish=90&ifk=2200124571&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C31061383&oid=3&pvsid=2152110369479025&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nse9xkshzoaw&btvi=1&fsb=1&dtd=419

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=272530240&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625229346519&bpp=14&bdt=224&idt=391&shv=r20210630&ptt=5&saldr=sa&cookie=ID%3D7cd341f1406e54fc%3AT%3D1625229345%3AS%3DALNI_MZW1DNEepY4UwnhBCyW8jkbI4cOyQ&correlator=8330245361517&frm=23&ife=4&pv=1&ga_vid=2059230183.1625229345&ga_sid=1625229347&ga_hid=428927601&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=3019&biw=1600&bih=1200&isw=728&ish=90&ifk=2200124571&scr_x=0&scr_y=0&eid=42530671%2C31060048%2C31061383&oid=3&pvsid=2152110369479025&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.nse9xkshzoaw&btvi=1&fsb=1&dtd=419
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0y2nrEvmTHO5LiSB8R4rdhELnNAhf6v4sn4_-CEs6tsr6DiWy-C1Qcb32fB4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 02 Jul 2021 12:35:47 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 602C 72 KB
27 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a9a19e56cdf55a52ccdc15ae0f7bc04cf281e9039c1f33383266fe60df71b51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625082173397852"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27722
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:46 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 3BAD 42 KB
15 KB 21ms
7ms Document
text/html 2600:9000:20eb:400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Jul 2021 09:24:07 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: aIGvvffruxk7fgVRr98d8HRAVV0W6iJAuz58uoyqKggi0T2fVCftzw==
age: 11500

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 1B85 42 KB
15 KB 15ms
8ms Document
text/html 2600:9000:20eb:400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Jul 2021 09:24:07 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ocsJUE9tmldUW5Emm0vTLoGH8gN_S42XMnDS8i19_tVOnEJqymHi3Q==
age: 11500

GET
DATA 200
OK truncated
/ Frame D52B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f66dba7dbeef3681835963a2bfd8a275f87ba02e6aefb61eee3a1502d803fd05

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame 1051 22 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DweUPlG4bLs5Ub0hgIW9XoZKeazLewTiixBEWSwZq3GKalgYtDEni911MbgQ0gYfvUQGa5oRS5SpL1GvM_hkT5wENaomuzZKm9xpe_FzExnDCnn7JrvEuYbhq8E3czc8YwhothjdKmk1YI0RZzTnJ4RJXNmw&dbm_d=AKAmf-A-abiZj_FTJCQJ-7ehT8gHvM5B7H6uVASN0JQ7xnco87QTT8VJaMDE8GZ3VWca53rA6kO1B6HfRJl-3-TUNrGoim0TfIUTJttoIj3XyeN66oqw26iMk8yZGBxFBmHFKXbG_y0hWpN3mKebiQLs1cwZ22cPsPBM1jH5kdyMSzWaN9VCllxzfdvk9RAbrt2N9rXD0bJ9fshpELRzygGMzTihDC_jTGj-1zPurPvJwoDzJ7QoZ4LSAvlxK_Hm_m5j4BxqsO-rvyztSoiFBY6PU28mf0Wn0REXtvuYXfOhWhYcatc6wqXWjg3LO68smPPf-Lzaoo1i6HTqxwSpy5wLvlJQtFk9GwuSQLAd7JXpIaavGUhsHpWcj_LelQm3Zcl2YFwej1qCBENIECdBIMpfYO59K6UbmIr4KZT6dl4kkJJQ8Thyi4QlAJYWzublnxEPkKx3dxaSJc2CwYb1sOj_Rt705WGEOqLRYXBWsGzCeeyrg0pzPy7VGp4w2lTtT8cQbHMKxLaXUhugmNy3KK_wKToH3qqB3tcES2jZKDVr4hiqC_yxuGX4tBolY4B3e7EMXVcF4OXoSrgalHPGm5bhIbjbw6Qs4y3dDqHnRMqkrkNvkjv2vVSsfbDNqxvRZA1jYjcXVYec6jUuNDE36KSx4vx4RHLyKv0bRXClt_cDI3I7aU9F2OqeoujzBFRcz1Wq3hiM_Thn2xOuqyROQd0-zn1PH5dlB7mYnfnMxhAwUp5fcAMIi_MIMiQZ2xXs5rYAlBixaEP_iAGrLmXEQV5RiqOG2mvO4s4OVRMylx6y7AqFWVh3iXxFZcWcdUmqIHUSkFXLR9wPGAc_kq-r4_JZ6ZwyMbv9fYUf-Cbo1l7snHMF5rf2jP0U0qtEgN_Iziu9m-RLhOfrrfwmgou6UrX7kVgp2Kq5Qik7JaehNuta1CJTzn8w5c5cUBWQi2G_MmGjDl1fFt4Y6N6hx4lZYX7UlpLVv0WZJUjaj9NHzT8sY13xqEEBNFL3SFNl8uM9FdS9GRf4vJXfADG2LsOkzuBTfXPRmpGc2mPSgIgGMtZGZeHHmFOztS3U8ykpJylLyvk0oh-ja4P3fk6a3JhkGaIlbSzEWnrd8uad5iZ8sKvO5zb41gUA_FqSRt6nGVS-dl4qbL1REMjWwJppw5eq2pUlTZ9dE-Y9E9Nt3o-yQYBjx_cNCZlskz_pDYSCyEuHaayLgvxpuLu1y-IwSTvR6EUqsADyXrJxhkj1rXz7nRKrgc896djLBJzs86HV9X2CAqu2L_i2-r5ueW0lfcZGQB-8_z_nqRl5KJVzcjA-0HvClDvdIs2gFzE5Svt6Vd3NJO2tPC9nwRv1ThlKg2Gu3G07TgFKJFiL6p4vTmt2k1VSGubkboUi6o4AFqlSboUr48NgK0Yu8Jo-U9f1AvCQSXMWCgOpFNF5rvtNkL4M7nzovLqFzYe-uLMxmXj-pXQ817Uh4WpZzGPZqSxBSzBk_VNtQ4dO5cyrVsL81KPOwopw4OZHi_3xpnIpeNXN9v-I01u_Jb3vw-vCWcsJUI3oxSuJRmEEyqLlTsUHtwX7e3pKyHsOqUbO1CV3C19qbKJUKx0m7m2eZJi5DMeHCR3SDDpGuuoYXrIp6fKzeriXJrK-65MzJleTz7X3ovgOiG-mC7nk2iuc3qIYpUCGCaPugdmVlPCJvrQJQrkr7XCB4o3Xc9zHdmGDvUNMvFge2G46aAnVeefzGw6wawAG_9s44FdfmjlRLqn0_ijcIVfVYsjPXvDO_83_o1Df7BUq8r1CSporVTWSePEzfcu6j5ze-5a7zIRzHkNt8xu6oP16tyeYVU5W_oA95k9xiXkHyAT8ooUS1P4f1fKY1oCCPoOJA-qjy6MvkLjGyuINseCS88d2F3HdlS5rnszEzE-0US-Ix1kcg63vuRHFQZz-nAaZULRVi3R911h2Is_La7zmDoMvucT3utTmcPBdPDvuibDI01U5i4xmaqqfOHBrU1-tnSx8Ek6opgKpEI4z_Zh2CXrctjbpQGYIed74rUapsGfkmsFJ5jZJdhxjgp5J2vCxOUT6bng5TWh_w3LslfUmn3W_YNQWW-78k6k1KIB_Zjvicc-RLV38VYcvqYehZuAfS4ZNoLkBrImtwsN5NPV8_hKCH3ONAtqnw1QJzVh15IP0vx-eRldyQCDhujoi7n5S6d9gdgUIei5-q8uLg3Kz4Wo44hUANHNiiPXcoNSLx4RzEBy_loFpCCG9L0omjt4pjlGjBPwfbtT9e5YJ26rxUc0KpUacDd9iUQ2eSh3CZJAW9Vj8bKDF2gwAl7CkAE8QwEQeInu2HDvtqFnqY0zxJnyKOWp1e4IgQr3hTo-4x1WmLcJhQ120c5Q4102abAphyaAFo0wyEP6qvjc_JB3qNQM2kjMq7zwe9I2BBLHgDJraTDeaFm0zHmsBhY0R3Y1_MT5W2LNgoLTIu7L6hZGObfLjQ-f8qaws7JWnNFhtW-54JQQPabrk0dZJyv7nUefj8tD6HeCJQF1cjgH6NKtYO4z1nno7KpfRmtX6a5-pLCNtnHILso1s4QM_CPRh6UWHfYXOlLlfiiA8rE_QjDQ9BFotjc4VYlY4urFGkfL_FuB3IIwOjguF7SzZHORjnx1ooNseWVzQHUqMzzhkd2UK3iQbP9u-U7WxPcY__2fGd7U3f9-AR2MTEORcPd2E7blOeZU5o6Gmou1SBQPI0wNiKAvbjM1n56KW3D0PyV7nB26x3j6c806zzt1ZsjqRGJ5XqtcHWQSJIgY5FSMXZpbEC27rF9EqTs7VBPqq85zqJNFn6sHNvuxosyO5rzCO7sDFErSOtfP-eiaAPpCbERdVTpNAcFnNwfLSXYlDIkxZwGOxp3Y2baJcVCjuyRW90UEzGPZ2UQPoClx9Rl8qdJRV8Z8JbLiyqSFd7mxedftivndigZpHZqlTt-IDnJmW1wk9wPOQRJTagl86nTwbYHlh_CZtj2hZlH9nmsFaTwxYWdUHUWNGYPbJEzajXrYMfHNlN6iOEaDX7QVlkfRC9_SmkFQH_xeV1C58oNmALwFru2pyB1S1CQxq8mKuExd_wdD_J32RroP37K4t8c6PM-e4Wp1TpnYpybJE5aKQgUaPJBoNyX64ebmTUSneJk3OuaxzSfUJAtq76EoOmQ&cid=CAASPeRoXbVSB3p7oZSHSiACc6P0Zz42gq7ACnz5It5Y51v4JyGUrHwLYhSCTe2mttQMPkbe5yKmEYzPYIbeBzY&rfl=1%2Chttps%253A%252F%252Fwww.123greetings.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8676
x-xss-protection: 0
server: cafe
etag: 11618055936852703379
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:30:54 GMT

GET
H3-29 200 300x250_DK_POST.jpg
s0.2mdn.net/8278829/ Frame 1051 48 KB
48 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8278829/300x250_DK_POST.jpg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d38e850f157012f05cd741a35b44683b5fb170e5fd461d52836d28f9bd3597d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:06:03 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Mar 2021 13:43:41 GMT
server: sffe
age: 84584
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48984
x-xss-protection: 0
expires: Fri, 02 Jul 2021 13:06:03 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame 1051 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 16 Jul 2021 12:33:13 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1051 0
24 B 59ms
57ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvc1hKtgvQB18pgq-RsDnHRuyLKgoQYFdeCulRfSuolxzFVlQT-FDshFQGVJ3k5Hz1xJmNpUg1IG26i50_7vfJrEH8sGWhNx87ZqlvEkYtI9gG71mxU1yTF-t3Z0VlxbA253ddQ7EtmcGaG-i9M4g2gmjlJPS5VQ6rkCr7hqhKkFsOhPJ5VZEy5wu0w6JUZjBM-bZtR1ddm707bMzI7Jg-ff_AjBJiknBcOGog6kmLWdTgNlGMwmN5SrGn44ulhAEIVAZ-CmSRHsPrltqVOxwIIiLbtoK-MEJ-3N9qsATJD5l9WQec4A7lzz0A20WDJW88Kz2rcmXNb27JWXRR2rHhkmajC8NIjX1TgHf8sFAo9crTliFRa-jwS6uhqgr1ymXO6OykhvDpYVW96l0QD54K3YauqXcSZ5dRM9DN3MKuV7VjhSIw5laDot7ARoPNKKci-uPkmvEzjWbv-xlKy71a-dbfn9WM1LvuSflRPnyy2Oe6nmWM5CFvzhrDjVYEPWVdpncG0hK0PijAO7eu3ObcmeIKChSihhdbqphDKvBakWJP3GirGCN9KhhhQGSiWkEqjsrANs0VSA3J1oPhQtz21gKAlOcGZPjC0L-y10Y5yXzh9bYZ6JCTb-0qBEvTFwy1F1TkaWRQsaeUZMgYwomeyIizS3trp-eCsdb9XHUdY532iI3NaCWjT2goI4Mar3aMTWbNQlNdU-ESeuncSriz1pDXR9rGTpYh6-8N8mjA-cSv_TQq5ieGMct9grnz1wDgUi-TDSTjgYi2ItGdTvsOiGZKL8e8kpahc7HcWYF3SUMgvvABWiLupDKkn-d9Yv577W0lQkrydDEuIh42QmYk3Ub3NOoOb1-1gcF8AT-Xt3-t3A4BD20b-7xfVufPs09QmSxMhxB0p13PjZnxNMy2Blc5igeeeeahduniXx8ozW0fllQmhg4qWJxBbVcvJ2cwwRBKhH6fOylnGC2BtsuK9sX5ynglfePWhAJuBE4-qcUHRi1sODiZumaL6BZZiCxc8wf2LSFR7SdZgXFIQ39gJ8ZUKDGDUpMnNSO-asDkZMiUHK4DqJfBheiHcYmTc7PzXkaZ0TZi3LJrmcZc8HhNhy_KCA4GiSt9Basr0c-Mn74gmXSZaaF02KP7sKkEZGMx6Vb-16yafTiHr2oAJojBgizBoxkio0J3A4jEiDzz9nMaN6DUcNjU9FvQT_W5j&sai=AMfl-YSbk2HEJFv5jEpmGXHC4Xc6byUpsA5c8Q1lzHyr4F2gtc5e_TkTPFMrTEmDCcjd3r6LMGTww4hNA3GGo4dMUhSjEeSyMmiXXvHt09Y8xIB3hWNfQv0bx-otK-0BfwQsoWc4nsAPAIcPKQ9awAzEjFZ9l_JJH_v7p0pCRF2J6AkxaCpNt9LhHH2_Kze1LEVAlsCrCHsL0F5eoGdVy9cTzy11ajmwKKLcp0KUWn6-5A&sig=Cg0ArKJSzDrWZGW4Eb6gEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210624.55933&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 02 Jul 2021 12:35:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1051 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Jul 2022 12:22:46 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2EF7 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 16:31:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Jul 2021 16:31:23 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2EF7 26 KB
10 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 20:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 02 Jul 2021 20:19:58 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 2EF7 95 KB
33 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Jul 2022 12:14:39 GMT

GET
H3-29 200 main.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/css/ Frame 2EF7 32 KB
5 KB 9ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/css/main.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a6c2c2a049a265b59c27db0857cbb9aa6110f490c8fef05edcb4285b3ecc55b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 117656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5447
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
server: sffe
date: Thu, 01 Jul 2021 03:54:51 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 03:54:51 GMT

GET
H3-29 200 tweenlite_1.18.0_56fa823cfbbef1c2f4d4346f0f0e6c3c_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2EF7 26 KB
9 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenlite_1.18.0_56fa823cfbbef1c2f4d4346f0f0e6c3c_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9412
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:01:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:47 GMT

GET
H3-29 200 timelinelite_1.19.0_13e3bd0e510d63fd5e5ef9bf9dac7017_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2EF7 12 KB
4 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/timelinelite_1.19.0_13e3bd0e510d63fd5e5ef9bf9dac7017_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

828dccecbed3923d1c46d5cd052cc0fe2b1ab964f37755cdc542224bdb5a6258

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4215
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:47 GMT

GET
H3-29 200 easepack_1.18.0_ed5816e732515f56d96a67f6a2a15ccb_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2EF7 5 KB
2 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_1.18.0_ed5816e732515f56d96a67f6a2a15ccb_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1956
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:47 GMT

GET
H3-29 200 cssplugin_1.18.0_71489205621d46cbe88348eeb8fe493f_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 2EF7 38 KB
15 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/cssplugin_1.18.0_71489205621d46cbe88348eeb8fe493f_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15196
x-xss-protection: 0
last-modified: Fri, 09 Oct 2015 14:02:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Jul 2021 12:35:47 GMT

GET
H3-29 200 set_offer_type.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/ Frame 2EF7 49 KB
5 KB 11ms
9ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/set_offer_type.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcd34ab1db0c2cab8415ed6fa8076e670746255ed9568db9299afd5bc8f38c9a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 117656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5537
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
server: sffe
date: Thu, 01 Jul 2021 03:54:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 03:54:51 GMT

GET
H3-29 200 check_banner.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/ Frame 2EF7 50 KB
13 KB 12ms
10ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/check_banner.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbfa0d1b06d632c5e883f1067c1bda42b7160e210c6276eb7fb0119cb990eda9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 117656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13452
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
server: sffe
date: Thu, 01 Jul 2021 03:54:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 03:54:51 GMT

GET
H3-29 200 load_data.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/ Frame 2EF7 5 KB
1 KB 13ms
11ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/load_data.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90bb654ca53379330d26998780caf1acb2ddbb53d68075f409fdf70b45ca1b8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 117656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1451
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
server: sffe
date: Thu, 01 Jul 2021 03:54:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 03:54:51 GMT

GET
H3-29 200 mustache_2.3.2.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/ Frame 2EF7 13 KB
3 KB 11ms
10ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/mustache_2.3.2.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b99c62d69deeca674a75f363fe8939cb23b77906b134113cae68f38e28662d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 117656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3260
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
server: sffe
date: Thu, 01 Jul 2021 03:54:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 03:54:51 GMT

GET
H3-29 200 banner_data.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/ Frame 2EF7 2 KB
823 B 15ms
14ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/js/banner_data.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b728fb1563c6fed8cda251748f0b4327917730b040c1f81c20c71ccccc52b316

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 117656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 790
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
server: sffe
date: Thu, 01 Jul 2021 03:54:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 03:54:51 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC21 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0y2nrEvmTHO5LiSB8R4rdhELnNAhf6v4sn4_-CEs6tsr6DiWy-C1Qcb32fB4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 02 Jul 2021 11:57:41 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7DBB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0ddaf11ff75394d4a9af6b50945ff439994bd25b7a43b961ad5a4cc235ae0a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1051 0
23 B 47ms
47ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 3BAD 123 B
1 KB 185ms
185ms XHR
application/json 54.187.161.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.161.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-161-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

d45072a60a2c7721ef109a09efb30a2c5f513c1c746285b6ae62627f6b68f602

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Origin
content-length: 123
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Fri, 02 Jul 2021 12:35:48 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 595ms
184ms Preflight 54.187.161.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

54.187.161.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-161-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Jul 2021 12:35:47 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 1B85 123 B
1 KB 185ms
184ms XHR
application/json 54.187.161.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.161.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-161-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

d45072a60a2c7721ef109a09efb30a2c5f513c1c746285b6ae62627f6b68f602

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Origin
content-length: 123
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Fri, 02 Jul 2021 12:35:48 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 591ms
184ms Preflight 54.187.161.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

54.187.161.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-161-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Jul 2021 12:35:47 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B928 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 02 Jul 2021 12:22:47 GMT
expires: Sat, 02 Jul 2022 12:22:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 780
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css2
fonts.googleapis.com/ Frame 2EF7 5 KB
628 B 28ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;800&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

359751b50d1390642a651278f1844250baf6d63ca166863d29cf8c27d8c87f74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Jul 2021 10:58:13 GMT
server: ESF
date: Fri, 02 Jul 2021 12:35:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Jul 2021 12:35:47 GMT

GET
H3-29 200 Coop_FAKTA.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/assets/ Frame 2EF7 5 KB
2 KB 7ms
7ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/assets/Coop_FAKTA.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a8202596dc4870b64efd30fbca7d8961aa8a47885e1f565191b7302f61b7f0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 117656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2177
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
server: sffe
date: Thu, 01 Jul 2021 03:54:51 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 03:54:51 GMT

GET
H3-29 200 newsletter_cover.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/assets/ Frame 2EF7 38 KB
38 KB 8ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/assets/newsletter_cover.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97f655508b03a3eebb5c1a281e563e5f9c92080f901ef1051f18f53ebc1818b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 117656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39218
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
server: sffe
date: Thu, 01 Jul 2021 03:54:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 03:54:51 GMT

GET
H3-29 200 260x110.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/assets/ Frame 2EF7 19 KB
19 KB 9ms
9ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/assets/260x110.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7227308453062012376/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eaa3eb5f031297bf6a39a0f66aca3ee4498151b3ab7b836529749a3e7fb00f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 117656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19929
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 14:27:17 GMT
server: sffe
date: Thu, 01 Jul 2021 03:54:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Jul 2022 03:54:51 GMT

GET
DATA 200
OK truncated
/ Frame 1051 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 280f347ae8b3cf87d7d72e713f6548a4d7bb13089328c41973b76245895d7dc1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 2EF7 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;800&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 19:47:59 GMT
x-content-type-options: nosniff
age: 233268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19440
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 19:47:59 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame 2EF7 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;800&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 02:22:03 GMT
x-content-type-options: nosniff
age: 209624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 02:22:03 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 259F 0
0 78ms
77ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPQGBN6cYSfcvM2AYQADC2PONrs4G3U6pT-I7GneAlqUHoY8aEXIkKLo7JKvMeuIavHoWCeVbcizGnUFSgvTr1ZByR8-yfDWeBPytKS4moOB_lgtg72CjfK59whsIRcRbwOGtdC0MZaKVnbs6tcHkXo-Iv802tiPXJlAzGI4oCXt2Xf09YGQyLNl8boFb4kBCOOyV4RZkbigwccgXZEkpy89JVJZBCbr51uG4rUYGOYSCb_AX43WioMjW3VGrtdr2V2Cd8XM_HLxAmiOswpkneCPyIF3-qb44Q-CCoJt8hPEAow4WN93iLNK6MD7a5E3Sgc58bNwkWssmkX3c&sig=Cg0ArKJSzKiwVJzubgaqEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 02 Jul 2021 12:35:47 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 259F 10 KB
8 KB 28ms
27ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210630&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1&bust=exp%3D31061746

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0871dd90183c59d871b16842859fd3551f9e529059740a19d7ff445181cf781

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7992
x-xss-protection: 0

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F6B 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 20:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 20:52:06 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 602C 0
0 77ms
77ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdQjZZjxkvi3o7Ezer3kOrrK9UEGACBJm7SqEx2GrVO5fuzekagYKZgt8RVuFipMpxRAjw2Q590T3Bv1EkbaeeTC9nNvHLskL3AyYcGjF6FLVI4x89acrEhQ6r6Kmt1qDR4dLsEBh6195LAMOiin1sKdXCW0DaOng-43Aln6g09DlQxA1M9F-aK3xknmaLcmfXBJVpgJEpSa3OVRaPfr6sOp443SfhEW1ouI0Y759Pxb1vR730n6L8ikYxK_3QJcqRR1poZl96Zq72yV8IaD9-QX6FqOW9mm-xNdkIOQv1IXkCZdxoDh3L03fY2cB2pGP24oU5taEkTalD&sig=Cg0ArKJSzDWZIePtUgljEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 02 Jul 2021 12:35:47 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 602C 11 KB
8 KB 24ms
23ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210630&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b78591a83841e0284936d78ec61ac91e83a9149da21977e3ade0bd0eaa7de8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8427
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 259F 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1&bust=exp%3D31061746

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:47 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC21
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
URL: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl0y2nrEvmTHO5LiSB8R4rdhELnNAhf6v4sn4_-CEs6tsr6DiWy-C1Qcb32fB4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Jul 2021 12:35:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 02-Jul-2021 13:35:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Jul 2021 12:35:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Jul 2021 12:35:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 602C 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:47 GMT

GET
H3-29 200 mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js Show response
pagead2.googlesyndication.com/bg/ Frame B928 14 KB
6 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mGzIkP9MbilhhXayH-4FXVj5Hth0Auc0RFP8Od1UZbs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 20:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5744
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 20:52:06 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9C19 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 02 Jul 2021 12:23:33 GMT
expires: Sat, 02 Jul 2022 12:23:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 60F3 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b41d1a89a6904902f5b502584f534ce8ba311702e594c1b82a959f1344faaed8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-15nnANvTUXx4Zm+urb1S+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

expires: Fri, 02 Jul 2021 12:35:47 GMT
date: Fri, 02 Jul 2021 12:35:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-15nnANvTUXx4Zm+urb1S+w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 895A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 02 Jul 2021 12:23:33 GMT
expires: Sat, 02 Jul 2022 12:23:33 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 35B3 783 B
532 B 17ms
16ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6182713de81975db6566576b1a1fb45b89846260ef8ac7991676fbee232a6d1c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bQMN6OI5r77b8iDDYwaPnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

expires: Fri, 02 Jul 2021 12:35:47 GMT
date: Fri, 02 Jul 2021 12:35:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-bQMN6OI5r77b8iDDYwaPnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C19 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 10:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jul 2022 10:49:49 GMT

GET
H3-29 200 kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 895A 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/kF2K4sh9HdHIDrROKsI7y_qgmnXrjcnba3wRAkJ4jaQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 10:49:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13211
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jul 2022 10:49:49 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AD78 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCkQEstrYy2uTp9qLp811BO-kiBrgWzg6Z_Zq6LY-RhYOonlmZoAn49t4XWQQgo27OG64dmtHpAFlKMSi9xMjLBxPuDdlIuUrq3KgEpeMr-f2NlgEQ&sig=Cg0ArKJSzI0w1xFsN4kOEAE&id=lidar2&mcvt=1013&p=1141,635,1142,636&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20210630&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1067160403&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625229346356&rpt=0&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F6B 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOO04IgjfYL7_DZWG3wO5jLaQDAAAAAA4AeAEAg&bg=!KimlKW3NAAYo4NJEKOA7ACkAdvg8WgfX2Ku-d7HFQ4TDvaBctdafqDoz-opV2A_7Yl0mQaqWQK-qJwIAAAE7UgAAAC9oAQeZAr18oBZUxdx3f0drouvtIUURKuWSaSw8KKg4s5Erq2WMb6kh7MBOG1CDhJkZSG99yID-3gfnQ6k4olPPyPt9DGGfvKeMGPvvRQcaM-xGA33gN0hlnjeOm55VjTNWmoo2H2ENVr8nII54ICFp220nGMjjnZhazTuj5id2_HYwHFaZd6Yj9p6jXTD5yC8skBGrpTg3ym_4QXSFFrstFrFC1RUb8DKgHHudUUgZmNL7RagBxu_SXy1rCIldHDjhlH-vq4X1JR_96goEeKIZRIOxtgsCf3N0dTRrX32zuSbwyNOmm0hL6HGeY7JxHehEwDD4LTNiTr0JCsym9PLkoO5PR0Cuha-hhJRsZWmfH8n4vdkNZWHTnRAGOjijLrihboaxvi-QFVvJzO6_JPZp5MKsTBjIaJ2lc2r4twAYhmJiQX0xFUmVf5JdxQqjCgbzdjA23__GYLe6mTBxIt6VOKA_pUORceQs3iQnS4l6H1HFdanzqnaiBwmg7-0WCQ12bZ92swBllZIvlAnhHvM4RfMB15UN3vaGMBLyz-DEewX8kTVQ5vpuZlR6kDefACZD_WgddlWIbeYlE9qo2BS95YpyJFd3CtdyubulwBqCeiVEkSVVYLc-IW5NxpmuKVAbcMuxQ1URX8azqMdqzcKS88OZTgFJ2HpA2LFJoMNH23u8Lf-5N1QIR2pMzzqFUcomi3XFMxLC2cV6Z_rPN4U04NElWyZtyjB9Ej1D78QXokRF25XYftlLXRTsSgm3GL2HBG8zGNhgSex6fDSGGGrTLmlUnByH99x9D2XhbNFBkfFyGSUMRpGHIQykLzZx6b4m4sMPfzdOYQhXoDpVmGasIDQNShLDgpf3UCU0yf6h3eQ1qJj2WT_7oefTptv6MRqzsf5ML8kgoL9PQ7RBqwAKZII0BkH_lO2e-6_hMV2QUeT1kg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B928 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BIKB8IgjfYMioL7WprATl2a7oBwAAAAA4AeAEAg&bg=!urmluf3NAAYo4NJEKOA7ACkAdvg8Wr4yCBnhe0Yyb5DveKb5AyFg935RM0N65ei4KZ0MPN7o1OGzgQIAAAFSUgAAADJoAQeZArjRITa33063g8z_mNJXjIz2YlWiYDuEJFX7dJNMUhdW8xecLQKt6hR-kMY9SuzRqOECS3TzawROJkRKzQnCus5paoGcF5GFsdUWJcyV4kry-GM7y6ONFHlMz9hneB060ew835ROBZUX8cUqVC42aAur4C97oRPQ2s975NTE65twuArWyeS4hPf6ulLuBGv-1kcetoiE2aR7rDZPihLk5yeIGZJTWMtXO4YCC5SyJ3yH42KbNmbsPmTPfClch9TFkKXS5nh_BY3gtU__0Q0-oTldOAoi8knumMBLTaZb8KrqTaqggvcqgfsgti-9F0jBJID_ypMTfI55rDUxMyvR0UgZBrCK7vIB8liChdUZ1gAL0e_D4kyged_gIhduWurhzLSfADn-AxFU_VYq_MQ_Fbf3zrfwy5Fnlwq9HCbG3RGYzYU4Wu9NU4JFZTx2CHly_O4LHs3P1QJUlzjzfLPuSGL5wbi-JeKHkTyPHr4nDyiqBvD0Bcwdku9MTkL1qtb-OCk5XOvaPb3GvL5NY_9v3rjB5YVctN1L_8FYSGf3jPqAjJzFpPmdeLbq6toNPMxmW7rIQeeOYsRFkVGx7Ib4qwkNE1ut_2RkzbkkMxohn9WyRqXjPMi39YVSPrSOVXlZETCP8FreY3alQ39aDnlrM4TaXpYy4p9K-dv6HSbVlswFeT_fr45hO55d5gBpqFB2fm9_RlkyqFh28gAs_EElA2wnRYFYtwXZ8-AIWKTIOFE6YLp1Wr_mrxeQVRRQKSyZuie-AVER2MehtIJz0eCUQs5SxVl38X00Lqw-Wfr_21Q1Sr7_LL5CXVbwW7EmMKCifxkL-GzkkJusGr1JaM2bKTfx3v8YoZMQdY6hRatsyW0xkz_B2HkExe1O87jQtV2LvvuQMPET-d2rJhHqzJluNkWrZzJXRyrq7s4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D52B 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9_lHYXqCLCHq1Y6lvvLLr4xiXZPFfbh_3ePvBWSDXx3bI_GzeHsdvj3rKGBCp1KiGH3tyliG4Ly-v1WGfbya8opZHiVx7Q1hR2LK_CGjfqAZce2rqLrLjww02yw&sai=AMfl-YSY5_laSC79eL9SeofnUMYmVbZfejabTToJeOa8PfRwf5qVjwN4JxNdEK3Zmd_HayCQW7KHvkdZFI6WdlSukfv-yX-dm9I83FktjaNH5eytyjdpaJMdPN6d5eg&sig=Cg0ArKJSzGs8tTWBvvRkEAE&cid=CAASPeRom320IBG-6PqwjZnQL_qosRuDnm0iOMu_eDQ-GR973IcSHmo75sQaOdMylXHsahcA-neYehb8_BBuhso&id=lidar2&mcvt=1014&p=47,560,141,1288&mtos=0,1014,1014,1014,1014&tos=0,1014,0,0,0&v=20210630&bin=7&avms=nio&bs=0,0&mc=0.95&if=1&app=0&itpl=20&adk=2102598028&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625229346187&dlt=21&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 259F 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210630&jk=2053276905149562&bg=!g4ClgMTNAAbV4AdB1eA7ACkAdvg8WuVqKBarVjbw46sClrLscLWHlwruMP_RA1M9aj6A5f92X8NO-wIAAAE0UgAAAA1oAQcKAMlMKDTDZPlTWX93Vk37FnQM8UPEtz7G9yKHeZIETIAztPAp27H2rJZ8pjThvbKCS146w4-4I4jHZ-gZhrIGUaEkusQ9VfC6F386HVIW7y_WxKEGxyULVYj87waXFVfvcEMAvRfa1Qf5g_4Kr7NJyEhAnnrOAkcGUwxf9WZTeT-HO5YvIyXMqi-DeXRYY0W-GG2sUwtPr9c_dAlkRCnlrUx_OIn6Ey0h7T3jgCkEq8ey1h_QakTzPHAPSIFq1Eo06QUJlZUvA_XsS_eZApultpaw7qvZcVqeOs65PSw-TjEF1ilIEAlWEeS_IcLN988q5EeMiTUuU3iLZJJluST7acGW7mS4W26dT2mGtNMi2RZQic2gSFE6CCmASHTT_mFEre8gUiqgK0H3Gb3Liod4A4yO4FAIgiIcamOH0uffBN9Lf40LQ0u4vY95XRsFdorvxzaVYa-Scavmxg3bgrGLPQ4ZRAMWOXh9kTr-vmT6y96TghRGZFvCj8ltesg8d82z6zzEpqS8z9lrdevvGI0lZmGQzzGdmAKlJdVmnNTi2z4-uZGpfwuezhOHGNll1VMBm_hui3cXe5EczA28OTiAEnZ55ig8oWucLog9SDvubDNdyzx02hyRWjjUrEE9Ox6l-PlY9h3ba6z614qvjsUmGaA5WwkyVVtFhaMQ30_f1nZ53fxgnyOYN_Wkw6Qo8rR6xU-7VVX9AY-JeQPF3EAy7TCnvgD5D1D19_3yMdHvvodwLpd1AuO1uzuKQCZvP8khlHlKPuwVNrDTvvNGVXmQxD6nyXxPftPwGywpLYZN1ESKF9_2jmoKHSA6W6tnHKBxcFA1TNcaCwcVGCKo8zYBjbIozJFSy8lOPiqfoGnKOiudvSoEggDuQgEZ6Vjz6be1wgw1ghp8HaqRpiX-o0ml3xeatQAuDZH8DRfQ5jUooCdKKFPAO68PNM-WuEl4cDDlTxiyaCV5Zrkmbt5T05LImN0tih4IC0oM8nFyI0BIimHdto-uWHmYqo6dL82qOyCMzzkGuslMV9E9sjLUKTTILmUXCTqwLNMJ-rQWKJ6pqZf3ObOav11pK1LNY3IWWGruRiS7robV2YCeYWWcctkR4HBCtlIUjExdcLtD6qgA5OwlYlklKwtxbqYP6BNh8B4wG2AvoxwOuGfg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 602C 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210630&jk=2152110369479025&bg=!8_Cl8LTNAAbV4AdB1eA7ACkAdvg8WvrYX6x615z3mTLwcaK3KP93J0SlUWjqXIF6W_b_fl3I3SesngIAAAEkUgAAAA5oAQeZApK3aHAcENoPJtmuoc0XHynBl4kMIoL6-NDEo2XtRTYPzNmPLqieVv0Ayj0hRu6WrawK6e3Raw0MsVV_rVMd9e1R2g6qhw8ZCIwy5W0riPAwjF43Z5hDPWKtK93t0OVtfqQLQM9z11OuOOy2o-mn6bZMUrFk7zXD0EJhbtcVIWRSYwRqsUan5l-Nqsap41BAjIk-TUn5UR_HH0D9MXoccTtb-9vE3DObKGxe-8-FysJzQ4DZJyBrkavlNgevEp93TXC7kFjsWByQa6B6FjJ1VwS884Lm4bj-H7iNIb5pXvamz15NClU6yBwiQG80kUSARr7eHiAg2OAsE9VINrujXFBDiSGf8kQJSZz0vtzEAO3kWbSOrCxtP2VKvup0Up8j_h9dK2Pvg_7y7qA1064A7677ib_kvVVFnYJErFBgIr4mFhFfsrF-PSSplMrEemwrbNVWRUs8J-Mvw4sdQ7hOS5JgcDRy_-MDBsS6tbMK6m6vCS0NVtP67bNujMSt7iCP54YSYP-QFuJrOlVAm73EaWBbgRQm-4pe2d3batjt0Xg6OgtpgtlHwPGQTCOf_Ln8AsNEQxXCyvfb9OSw8dbkklyQbaVJ7XAjTTomnaOGTkxUuHQURtMK7ciIK0tMyi8fgGYEv0978V7z8ZzjuDVwyTKXT3bumb5foT_qd21nNEYrQJer5wqoKP4SLx3952fE3_vkvDPBZ40ohKVcJIicMeoe4eC9xeMnYhxfs0CG7oPk6zjlcb52HV3FxUghsDPMEC2LMkjJ7CklSWAY_X-YtkB56jmxyJD1EgMcUWOomOXscIpGVi0oRPn6Ep5yfc_odeaeIYiaDzhwyBoQTZlZWnWIMiB7Ytb4v4prLikjKJUao6O5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ Frame AD78 130 KB
39 KB 11ms
10ms Script
application/javascript 2600:9000:20eb:400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 166c5de79efdf94ced1c9abd50e0cb4b3278cb4410133ff4e8c3bd15c18e9bdb

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 11:21:44 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 07:10:16 GMT
server: AmazonS3
age: 4445
etag: W/"1f4134e527ebf9ae891ccfe2e20498e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: EtLx_Mb6KA_koCyqFUeTGTwMiQMG7foO
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: gjRUPER7twwh-AKTrDz_4q32kI-jpDE7g0QaSlARZgRiqFFtuyr3zw==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ Frame B227 130 KB
39 KB 12ms
11ms Script
application/javascript 2600:9000:20eb:400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca969135a24d8321369b63ab1acd675d458f5ded6b28d68666f701f37fdbd0e6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 16:42:25 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 08:31:37 GMT
server: AmazonS3
age: 71604
etag: W/"0b5bd80b427e52621f773a07fc4116fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: V_ZlXg2IsjG_9VoG0qHaSdn6j_1zJz6F
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: rX2_4O6wd7OIOFxEpLfg_e0fLwOr0asEU-PTvAssBmyRh8Sp59PWPw==

GET
H2 200 video-loader2-cr.js Show response
cdn.avantisvideo.com/js/ 130 KB
39 KB 8ms
7ms Script
application/javascript 2600:9000:20eb:400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 166c5de79efdf94ced1c9abd50e0cb4b3278cb4410133ff4e8c3bd15c18e9bdb

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 11:21:44 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 07:10:16 GMT
server: AmazonS3
age: 4445
etag: W/"1f4134e527ebf9ae891ccfe2e20498e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: EtLx_Mb6KA_koCyqFUeTGTwMiQMG7foO
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: kayqeSRAqiFq1fPfOc-CturEq1P1awFD_sQ53c-8xaZjwYV2omfkNQ==

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 130 KB
39 KB 13ms
13ms Script
application/javascript 2600:9000:20eb:400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca969135a24d8321369b63ab1acd675d458f5ded6b28d68666f701f37fdbd0e6

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 16:42:25 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 08:31:37 GMT
server: AmazonS3
age: 71604
etag: W/"0b5bd80b427e52621f773a07fc4116fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: V_ZlXg2IsjG_9VoG0qHaSdn6j_1zJz6F
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-type: application/javascript
x-amz-cf-id: 37Y4nMudUdRvtyMKNjncGa3vgKYdC1F0tsPXjP_aDzDo_biadTMRfw==

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 86FE 42 KB
15 KB 13ms
12ms Document
text/html 2600:9000:20eb:400:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method: GET
:authority: cdn1.avantisvideo.com
:scheme: https
:path: /connect/u_d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

content-type: text/html
last-modified: Tue, 30 Mar 2021 10:01:49 GMT
x-amz-version-id: Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Jul 2021 09:24:07 GMT
etag: W/"f5694815436f3e426c35d9ae8274ad04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 0v7t7M1L-j4MqEaxW9piSp11gqhqTXY_I3oxMYXTLTOWqgfig4wynA==
age: 11502

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 183ms
183ms Preflight 54.187.161.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Server

54.187.161.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-161-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://cdn1.avantisvideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Jul 2021 12:35:48 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 86FE 123 B
1 KB 184ms
184ms XHR
application/json 54.187.161.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.161.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-161-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

d45072a60a2c7721ef109a09efb30a2c5f513c1c746285b6ae62627f6b68f602

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Origin
content-length: 123
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Fri, 02 Jul 2021 12:35:48 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7DBB 42 B
64 B 16ms
16ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjEpbipWxzRh3rrmg5WQeCjRSdTiRIjg5RYW_YT0lmcGFBR60dpJ2fZVTdYq4zVlDd1xirLpEHDq1nh-Gbg1LlviR2eKFqWc16Ak8tjlHi82M_LMl85uMarY-ykw&sai=AMfl-YTtHKfsW3FhHvuo6RVKG-rSEsx4P_igOVxb1eOobJ-EL5pXW_dvktWjwdh0slMuwz9ChKrM96M_FGzONzp-r37ji618g4zwkOb-HgJsErM9UsHMy_pECGutT58&sig=Cg0ArKJSzBB8tBkXa4j-EAE&cid=CAASPeRo9DLMxTds7FcUzXC4cxqa0BjDCYr3iwSkAqtGVsKRc4L9l0shcnJ_c6X95v6KDFX3u4eRz1rvvAQQKKQ&id=lidar2&mcvt=1000&p=236,970,486,1270&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210630&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3104929529&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625229346313&dlt=58&rpt=39&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1051 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsut5__i90V8SDTQO2gPxsqUlOOa-sgh06gvlOxdd_yYmp-zEVRBoMJZBKN9_fIL1OT8DYgaQVWEjX3l_XVZzA2ZlmpyHTm6bI6b34I7hOCxBZHhbZG6a2pIDHA9_A&sai=AMfl-YRf6Z0ASFLD0Kp6s-N5MJSX_93VOR6B4Ey0gUKreHClw80tElp3rjB-BX7rnHaqNCy34cv1XssZeqQbrzuSQMs2zbkoH9WF7zhxf-Xul9xIfTp_vv9L55OBFmw&sig=Cg0ArKJSzOuXfXQsXpCHEAE&cid=CAASPeRoXbVSB3p7oZSHSiACc6P0Zz42gq7ACnz5It5Y51v4JyGUrHwLYhSCTe2mttQMPkbe5yKmEYzPYIbeBzY&id=lidar2&mcvt=1000&p=518,970,772,1270&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210630&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2048228011&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625229346353&dlt=24&rpt=0&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 generate
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/ Frame 0
0 184ms
184ms Preflight 54.187.161.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate?subId=rcvr_event&browser=chrome&utm=rcvr_event&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&eu=true&country=DK&hour=14

Protocol

Server

54.187.161.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-161-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 02 Jul 2021 12:35:48 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
vary: Origin
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 589ms
191ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT

GET
H2 200 generate Show response
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/ 2 KB
3 KB 237ms
236ms XHR
application/json 54.187.161.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.187.161.230 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-187-161-230.us-west-2.compute.amazonaws.com

Software

Resource Hash

95d45218561067337bcad11f0cf104571bc37037dad5ad0cc8dbb6ed097857c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Origin
content-length: 1827
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Fri, 02 Jul 2021 12:35:48 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
739 B 21ms
7ms Script
text/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:49 GMT
X-GUploader-UploadID: ABg5-UzuRsLKTUnE2j8TsFca2KTLvRt8NxnctG4I2-AHPJ54zUAh9bpPAQfezSx8RQX9PoHELvXaxJL-R91NukoaSB8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 02 Jul 2021 13:05:49 GMT

GET
H2 200 aniview.js Show response
player.aniview.com/script/6.1/ 25 KB
9 KB 26ms
7ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/aniview.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 809b4c0685581f80e57351f1d4e5ae1baf7b672e97d5bfe8325baa350ddebfab

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwOFWEQJDiQmS79QkKUO5Jevzg3jqvkf8xu1cDo7IyNQph4vsrweofJd4JqnGAVyKmSyp3k0CUnWVlMlrhcvudn3_BWBA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 9069
last-modified: Wed, 23 Jun 2021 10:49:00 GMT
server: UploadServer
etag: "effe8bd6cd9245f8e164046f6f201761"
vary: Accept-Encoding
x-goog-hash: crc32c=xICmIA==, md5=7/6L1s2SRfjhZARvbyAXYQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1624445340849738
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 9069
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 02 Jul 2021 12:40:49 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame DB0D 340 KB
97 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 319cd584d0eafd2b782b2fcd8919d64b7a57286abb0be4dbb7e5b725ce235ef3

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwTNI0an_DGLQMYS_SwESsQydFP9ZHijkwIsdr16wjQ-s5BDeHI_xFe91LnSla2eIMTRulwXiwslzsL-MseAzE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 98488
last-modified: Wed, 23 Jun 2021 10:48:36 GMT
server: UploadServer
etag: "bce4cecf47b100649e3194bf47af330f"
vary: Accept-Encoding
x-goog-hash: crc32c=yl+Wtg==, md5=vOTOz0exAGSeMZS/R68zDw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1624445316505787
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 98488
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 02 Jul 2021 12:40:49 GMT

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame A250 340 KB
97 KB 13ms
13ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 319cd584d0eafd2b782b2fcd8919d64b7a57286abb0be4dbb7e5b725ce235ef3

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwTNI0an_DGLQMYS_SwESsQydFP9ZHijkwIsdr16wjQ-s5BDeHI_xFe91LnSla2eIMTRulwXiwslzsL-MseAzE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 98488
last-modified: Wed, 23 Jun 2021 10:48:36 GMT
server: UploadServer
etag: "bce4cecf47b100649e3194bf47af330f"
vary: Accept-Encoding
x-goog-hash: crc32c=yl+Wtg==, md5=vOTOz0exAGSeMZS/R68zDw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1624445316505787
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 98488
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 02 Jul 2021 12:40:49 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 376ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=rcvr_event&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&stagid=&stplid=&e=inventory&vi=100&cb=1625229349200
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
71 B 362ms
119ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.123greetings.com&sn=rcvr_event&ic=0&tgt=0&app=&wi=600&he=338&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5ec3e3871f5e5c792c20f9f7&stagid=&stplid=&e=inventory&vi=100&cb=1625229349213
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 9 KB
2 KB 374ms
126ms XHR
application/json 52.206.107.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&AV_SUBID=rcvr_event&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&format=json&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=349199&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1625229349217
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.107.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-107-130.compute-1.amazonaws.com
Software: /
Resource Hash: 02e3678eb9e29f623e9cffc32c3e29dbe74d8aa8eaac88892c6f2944b4e1bd6c

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 20 Jun 2021 22:49:09 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 192ms
191ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 9 KB
2 KB 368ms
128ms XHR
application/json 52.206.107.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&AV_SUBID=rcvr_event&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5ec3e3871f5e5c792c20f9f7&format=json&tgt=0&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=349212&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1625229349225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.107.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-107-130.compute-1.amazonaws.com
Software: /
Resource Hash: 6e8e910a6de59bda6f47948462a8b2f06d5a3564d173665dc76fd9141f763364

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 20 Jun 2021 22:49:09 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 192ms
192ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame A5BE
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625229349531-961878530252-026334-009-001799%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1625229349531-961878530252-026334-009-001799%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1625229349531-961878530252-026334-009-001799&biddername=55&key=6095723843533412490

0
215 B

292ms
120ms

Document
text/plain

52.45.125.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1625229349531-961878530252-026334-009-001799&biddername=55&key=6095723843533412490
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.125.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-125-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1625229349531-961878530252-026334-009-001799&biddername=55&key=6095723843533412490
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1625229349532-952312090252-027726-011-002602
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-length: 0
set-cookie: 2_C_55=6095723843533412490; Path=/; Domain=aniview.com; Expires=Sat, 03 Jul 2021 12:35:50 GMT; Secure; SameSite=None 2_C_55=6095723843533412490; Path=/; Expires=Sat, 03 Jul 2021 12:35:50 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Fri, 02 Jul 2021 12:35:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1625229349531-961878530252-026334-009-001799&biddername=55&key=6095723843533412490
AN-X-Request-Uuid: 14c69ae1-c5e7-4f72-b630-c50dbc21bc89
Set-Cookie: uuid2=6095723843533412490; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 30-Sep-2021 12:35:49 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
767 B 108ms
39ms XHR
application/xml 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&us_privacy=1---&cbb=5229349599&imp_id=ad610781-fd92-442e-ba5d-dd981f0883e2

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:49 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6ebf4f29-d0a7-410d-82a5-e03893630aab
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame DB0D 282 KB
89 KB 12ms
12ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 14fc395ad49ae416330b86596c58cfa774d3910503b94a25c51743a35a5a6288

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uzafgk_GO4dFGROVh7LPv-FSozRh2vSB7IEzxqzK1IPQtg-KxbJ-JoseY5TTfXcgpFabV-1n8M8XtvabWbHZ9HcAh_dNg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 90379
last-modified: Wed, 23 Jun 2021 10:47:56 GMT
server: UploadServer
etag: "cddb29ba1fbe753fa70d0a2f6004ba8c"
vary: Accept-Encoding
x-goog-hash: crc32c=/c9QSQ==, md5=zdspuh++dT+nDQovYAS6jA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1624445276759644
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=300
x-goog-stored-content-length: 90379
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 02 Jul 2021 12:40:49 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1625229349602&asid=606f23475c1ec675f91be5cb%2C6074a0acc740df34f540bda9%2C60dee97c67a5077093613604%2C5e9030afdc817965520eb855%2C608e90cf34acc10fb7767e4a&ofpr=%2C%2C%2C%2C0.52&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 4133
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1625229349532-952312090252-027726-011-002602%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1625229349532-952312090252-027726-011-002602%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1625229349532-952312090252-027726-011-002602&biddername=55&key=5620853209467275555

0
216 B

367ms
119ms

Document
text/plain

52.45.125.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1625229349532-952312090252-027726-011-002602&biddername=55&key=5620853209467275555
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.125.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-125-207.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1625229349532-952312090252-027726-011-002602&biddername=55&key=5620853209467275555
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: aniC=1625229349532-952312090252-027726-011-002602
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-length: 0
set-cookie: 2_C_55=5620853209467275555; Path=/; Domain=aniview.com; Expires=Sat, 03 Jul 2021 12:35:50 GMT; Secure; SameSite=None 2_C_55=5620853209467275555; Path=/; Expires=Sat, 03 Jul 2021 12:35:50 GMT; Secure; SameSite=None

Redirect headers

Server: nginx/1.17.9
Date: Fri, 02 Jul 2021 12:35:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1625229349532-952312090252-027726-011-002602&biddername=55&key=5620853209467275555
AN-X-Request-Uuid: cd8dc8b5-84f6-41d7-902b-9fde1f9a2f40
Set-Cookie: uuid2=5620853209467275555; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 30-Sep-2021 12:35:49 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
767 B 102ms
35ms XHR
application/xml 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&us_privacy=1---&cbb=5229349608&imp_id=8ca576ec-ac54-4494-8bf0-94a176042b4e

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:49 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 69f48369-b4b6-4fef-b2dc-62bbc2cf2fe4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame A250 282 KB
89 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:2ab::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 14fc395ad49ae416330b86596c58cfa774d3910503b94a25c51743a35a5a6288

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-Uzafgk_GO4dFGROVh7LPv-FSozRh2vSB7IEzxqzK1IPQtg-KxbJ-JoseY5TTfXcgpFabV-1n8M8XtvabWbHZ9HcAh_dNg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 90379
last-modified: Wed, 23 Jun 2021 10:47:56 GMT
server: UploadServer
etag: "cddb29ba1fbe753fa70d0a2f6004ba8c"
vary: Accept-Encoding
x-goog-hash: crc32c=/c9QSQ==, md5=zdspuh++dT+nDQovYAS6jA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1624445276759644
access-control-expose-headers: Content-Type
cache-control: no-transform, max-age=300
x-goog-stored-content-length: 90379
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 02 Jul 2021 12:40:49 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=31145&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349532-952312090252-027726-011-002602&cha=0.7&stagid=&stplid=&cb=51055812248&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1625229349609&asid=606f23475c1ec675f91be5cb%2C6074a0acc740df34f540bda9%2C60dee97c67a5077093613604%2C5e9030afdc817965520eb855%2C608e90cf34acc10fb7767e4a&ofpr=%2C%2C%2C%2C0.52&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 142ms
44ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Jul 2021 12:35:49 GMT
X-SpotX-Timing-Transform: 0.000335
X-SpotX-Timing-SpotMarket: 0.005854
X-SpotX-Timing-Page-Mux: 0.000935
X-SpotX-Timing-Page-Require: 0.000330
X-fe: 142
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000057
X-SpotX-Timing-Page: 0.011014
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000337
Last-Modified: Fri, 02 Jul 2021 12:35:49 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.005854
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.003156
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 132ms
41ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Jul 2021 12:35:49 GMT
X-SpotX-Timing-Transform: 0.000263
X-SpotX-Timing-SpotMarket: 0.004221
X-SpotX-Timing-Page-Mux: 0.001062
X-SpotX-Timing-Page-Require: 0.000438
X-fe: 100
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000031
X-SpotX-Timing-Page: 0.010362
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000495
Last-Modified: Fri, 02 Jul 2021 12:35:49 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.004221
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.003837
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 121ms
121ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1625229349786&asid=606f23475c1ec675f91be5cb%2C6074a0acc740df34f540bda9%2C60dee97c67a5077093613604&ofpr=%2C%2C&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=31145&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349532-952312090252-027726-011-002602&cha=0.7&stagid=&stplid=&cb=51055812248&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1625229349803&asid=606f23475c1ec675f91be5cb%2C6074a0acc740df34f540bda9%2C60dee97c67a5077093613604&ofpr=%2C%2C&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EF15 339 KB
116 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FF0D 339 KB
117 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 732B 339 KB
116 KB 47ms
28ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CBF1 339 KB
116 KB 54ms
36ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5F9E 339 KB
116 KB 51ms
34ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8FB6 339 KB
116 KB 48ms
31ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:49 GMT

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8AAD 576 KB
189 KB 22ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 29 Jun 2021 16:15:51 GMT
expires: Wed, 29 Jun 2022 16:15:51 GMT
last-modified: Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 245998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FF0D 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:49 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FF0D 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 22DB 576 KB
189 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 29 Jun 2021 16:15:51 GMT
expires: Wed, 29 Jun 2022 16:15:51 GMT
last-modified: Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 245998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame EF15 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:49 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame EF15 107 B
122 B 23ms
20ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9C0F 576 KB
189 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 29 Jun 2021 16:15:51 GMT
expires: Wed, 29 Jun 2022 16:15:51 GMT
last-modified: Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 245998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 732B 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:49 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 732B 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 207E 576 KB
189 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 29 Jun 2021 16:15:51 GMT
expires: Wed, 29 Jun 2022 16:15:51 GMT
last-modified: Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 245999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5F9E 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:50 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5F9E 107 B
122 B 33ms
33ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 228E 576 KB
189 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 29 Jun 2021 16:15:51 GMT
expires: Wed, 29 Jun 2022 16:15:51 GMT
last-modified: Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 245999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame CBF1 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:50 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame CBF1 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame B276 576 KB
189 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 29 Jun 2021 16:15:51 GMT
expires: Wed, 29 Jun 2022 16:15:51 GMT
last-modified: Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 245999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8FB6 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:50 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8FB6 107 B
122 B 14ms
13ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B8C9 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jul 2021 13:09:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5ACD 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jul 2021 13:09:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6A83 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jul 2021 13:09:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0F20 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jul 2021 13:09:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9378 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jul 2021 13:09:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A681 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jul 2021 13:09:58 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8AAD 156 B
185 B 377ms
299ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=893032870780028&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=4072117527&sdk_apis=2%2C8&sid=7001C8B1-03F2-4312-B50D-AA2FC6D28BF6&eid=44731964&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229350428&cookie=ID%3D7cd341f1406e54fc-22c63c7d70c80027%3AT%3D1625229346%3ART%3D1625229346%3AS%3DALNI_MaOAzU3nBrrE-YhrwuPACrv3B9dpQ&scor=4435535395635057&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 22DB 25 KB
7 KB 384ms
310ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2888866991716250&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1043023986&sdk_apis=2%2C8&sid=6CBD2F6C-9A8D-44B4-9B10-FB87DA47D4C8&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229350435&cookie=ID%3D7cd341f1406e54fc-22c63c7d70c80027%3AT%3D1625229346%3ART%3D1625229346%3AS%3DALNI_MaOAzU3nBrrE-YhrwuPACrv3B9dpQ&scor=3601693757576459&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

89e3e3a03700eff3d9eea49f50bf03ff9ab7e5b9fafc9cad35f099a6fba4d2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6834
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9C0F 25 KB
7 KB 346ms
275ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=224411346153095&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=925418737&sdk_apis=2%2C8&sid=24C2311E-A3B5-4588-84CA-1693F8FFAC47&eid=44731964%2C44737473&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229350437&cookie=ID%3D7cd341f1406e54fc-22c63c7d70c80027%3AT%3D1625229346%3ART%3D1625229346%3AS%3DALNI_MaOAzU3nBrrE-YhrwuPACrv3B9dpQ&scor=1118509291300600&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

47a67f08039e0e2f3b66feaccc284d778404b0324071397d598abb17baf5ae7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6871
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 207E 156 B
769 B 328ms
259ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1492033019746015&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3091720744&sdk_apis=2%2C8&sid=BBC507CE-A2E4-4CDA-BD01-D4DEDDCB7632&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229350439&cookie=ID%3D7cd341f1406e54fc-22c63c7d70c80027%3AT%3D1625229346%3ART%3D1625229346%3AS%3DALNI_MaOAzU3nBrrE-YhrwuPACrv3B9dpQ&scor=2427297186571054&ged=ve4_td0_tt0_pd0_la0_er1126.320.1278.620_vi0.0.1200.1600_vp49_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 228E 156 B
185 B 363ms
296ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=749078037754733&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3062135741&sdk_apis=2%2C8&sid=D2FABF7F-B409-45B1-A8B9-42B68B9DD0BB&eid=40819805%2C44737473&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229350442&cookie=ID%3D7cd341f1406e54fc-22c63c7d70c80027%3AT%3D1625229346%3ART%3D1625229346%3AS%3DALNI_MaOAzU3nBrrE-YhrwuPACrv3B9dpQ&scor=1698491130458511&ged=ve4_td0_tt0_pd0_la0_er1126.320.1278.620_vi0.0.1200.1600_vp49_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B276 156 B
185 B 329ms
265ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=567217977423801&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3445515552&sdk_apis=2%2C8&sid=1E4CCA37-991E-42DB-8D12-8315CC1B8DCD&eid=44729309&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229350444&cookie=ID%3D7cd341f1406e54fc-22c63c7d70c80027%3AT%3D1625229346%3ART%3D1625229346%3AS%3DALNI_MaOAzU3nBrrE-YhrwuPACrv3B9dpQ&scor=1436035678091440&ged=ve4_td0_tt0_pd0_la0_er1126.320.1278.620_vi0.0.1200.1600_vp49_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9C0F 21 KB
12 KB 185ms
80ms XHR
text/xml 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DfnZUsYpyEVFA9BdWYuEntEYqWN_GIIMoVrPpiJUNJ0VcdGgMC2zsajqMi32JQBginL4YNVTeIEUw25uLN43T5l-mJDA&dbm_d=AKAmf-AUYmdve8qJENVFzq5tL7sstbI7h9KwkcDegt2efmV-LGqW6aaO7m3dxFQzZztgu2l0wx_NnuZDZTgesr7qR5sBTaj9G96hsRvCntx3JQ63yPhw-H1V3nmo6Fuxcw81hfijmtuZleouB9OHKmObrKvA1RxDyGdovlfxkOiWhHRGM5WU9O012MJR67IPIR7XObjDwRQHzFoZ5Toe0kJrD0kAEghoDM-UyjhbITxqLiezxPvHx98M8rEVIV55a-ll1VTJjGFp3Y00r42d41SGTsbEGN6fvrcJfBxNQi5-QPgNnzzByjumHVZV6UQufIZlIwlhgGRZQ6eFCz6tn4z9-qnHcCSzbwjcyGMHAmyHxWUt6FQ9JH7z01owph81RHghBKEdoLWz781BHbI_UnF2zsFh0TXhMTArjg7mnGjv6XdoSPLvqiqZno7P657ehW7TF_n6swgCGQmGqBoJ0oHITvR72daj-MO2Wv0SUCoEpZNwWED7ANS5PCGBFnvOW_AzBQlAtLUDPP3ZWZS7QRvTRXdJgvXBbK-pIXAf3sxOIhcc8BNzjCaFd3vyMNEubCOzZbpzJx-l2320lMp5lMjoF8mRU3ap7gkBP3tcUjT-TBOytaNdUgRJEe4F9OgZr8gsL11BW5vBTzGTtx5iy99iOoMM-kxfrkDHHgHbsQWqxkSjGF3pDKqO4yFdMOVydEl0pefaIcBBCydgtRcqmyFazb3Vsgb_o2l1NVIzfcJzzkJWlXvQSODKT9iUghHOT6D6NG1jybQXAJqbPGbX8p4BsqWYjwwtw2f40soZ53eEsllcOpp5fiQGQaIhTaHGJiEclszfnHVjdbe8AGfI_9HUoC9SS2pJ5fWLkg-2wfoMug_9zXx5Y3V9hnNq5YX4NP9BI3Rqk_TEiSblmof_w9pNqRYMvAcq8dl5i90EX21k86HPQ2uAn6KCc_78bSbQOVdRCvrUTxFiFrnrg7wzWfgLg5-MsTUvahrrt_8R2UFSlZxSxXdtK0hXQkWtIDc2msAWU4_b4Py0spkPgqRHPsrTRiUBvwlKnFeWBekL51GaECkyDZCC8ZmMb0e6eXdrI9v2DtczOrcdKFklCy1ELiishPTIBNWJHVPLI74OKLJw1rSHCcmVCmlKcEzmmQO7wd2TmQLuROGby7j6UxfMm8JqJ7pmRuc5pk0W-uGZCzZzi6-_Ycl4N76BML-hKX7PH0rRIf1Kxwot30kWxd-gBYVoqhVjFX5q_SZB15c8K9Iyq8hThTKEsu4UaxEtZ4UP6q9vA8-13ZzpGgmwwS1CeoQpwwKvVWirvyCHUO29HH_FD4psMiZt7jlsGo-D0kfCRsjlkBXE6tN8S0t0kkbHzvJDdM_V-2UMwUKC9S_Te6jhBhGYK5YVEj0jjVnIZ5sooSbr6SnAuAxnq5axPuHBERBmrDHOCkORgI69GDVrMd2q3130KVWEBlDBjGkTVb7xVeJOWa-uSPpMQKTzsAKxwcjGpt2GWjYMNbO-Mp2R3Q54xSAcAlEJrjeWboa1tAdUkeSjtItT1bUfP4lt0uauED3FkSf1K2KSpk4D_wTr3JEa_K-8nHeeShJUsY-SkT6qRBeXntk1vwQoOlXNiZMtoPAuzY1jNCM9r4vl4JjCHDxqdjAFrmRx3k9WuRamHeJJxvZPmEg1HXVS4Pdq4KfzjAxwcuPMW7Fdpew7R9Cqav652vzHx97STsS1OSEr2b7e-VVwu4qfkH7xXD6U8wov54CZFzHeHSgKn6sJY6B3kA2x-tdoyt1S0sM3sa-62wz07f3F9cflSK8VHMN4oz484KurWj53fbmJP7MuWda65juEMcPxlJX7S9awkE6cygMQIQi-E_KkgrubkpnhczOKwUFndi2vAp57X3N5pYwg-7lXkTDHYGVev9PVpUl2kNDNX4v7rR431aWcu60E_lOo769Bsgp2swYliNrGqyukRwn46tEuoixkVUBUnavk3l8MB6U92h6xJbwvBaaj4-ndGaQJDmv0mt-G91_TTW84JKkcYmg_zSbTvw4YHPeLG6VnfM7JORfCpe84Tvb5kcHpmjsVxWLRHBwSjDTXag1K0858_UM0Z1JbLo-hqQAjYkxVQeU_dPRB83jo9MQkjy9wJIG0zZmQr5MwdF-oQe4DTTbPcUYkJV5yZKmV0JgMZ861T7E9wvrDgPu7XZzLM4jADhzepyZTKCq6tnBxqtbrIV7WjtyhCAtmboAtlKPXN2SqmZMg3w47up7fs9fT8aHfDKvg-chMp8S2BamHqTf_ypkWn-TAGKqgOpuRFFS2E1LgNFYqRA-LzapElpXtYjrhpTbcT41IoDA0PkXyCz5x48jgsfC58dZBWikRG3_ajDHsSe3a27lTPMpd1aZR0RE4T7t96XWKGamluNtoLhWxi6h6nPFaB68AkHpg15sKi1PpljbVeOGOD9XplQvAQrnhPfLJg1ePNpF2tbwMWWV_gTayXptclVf9zntW1T1PgBeEkejIkqd0VTVJHpLh-E_QpCyryaP1r8xZ7OOmXFn0RQudDjXUDjIcRwbMG50bGBMfcyCUG40UycChHzVZZqM4k922_2v5-sZdcnPU3nOP0TTHNwJUNKq-v6cOVbe6RmmOcRa0tuk9ydC57hjk7lUhjkUSCUBXdoCNI130avm5yApn2ETuy_YG1e3FKyfzzsBM9SjNtJjkqJnb1jv7uSWKmRwbTMPHyjv4Y5fX_-rq2ijAdXpJNwipYOPfNXMCnLM1oONLCe4r86uJ6P7jcGddN-uWG_CGX05qt4L-GJvZJ1mxC70lG9fxFN7VAWsJjskIcCwxOUlVbtK0zHo18u2tvQysJ-bO4pid71EgzAH1OWBr-XCL5vY-iMfmhuCEXRyE7e2M49og0CpQtI6Y-WaMP81hdxbyKKVBCxsakHDQ5BtGTKR8Tv_3uYt0fbpPKSkFdWNsU36DM-9MPbSs6nTC0JVOAbzg-XkeNaYZg87niqWahujZiT4t-ql-eXzuSstkxf_RqU9B-dJbNe14VeBjO0CB37jF0Wf681rpfBraUbWYtSAI1VDy5xVzv38WJ1SR3TQ4iQ7t8Dx0GfRhRnUdow3DzcEACxSf9-D-ZTWitPmCNMUfTEgXPLnOBHA-LAyQulSTDlHmHkY9xQzcf8Vny6TJByR88FgjWEejHOSBvOreHbO4eJYE7kjKeGtXdKia6L2svQTEDakiMVXbIzMnky1-0X0PHhXTGOI91IC3TSHSO2c92FV-dHLzS7nmO9t241Yu6LbC9rV5&cid=CAASEuRoK-eRVevoidxGc036Bm-EDQ&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=925418737&sdk_apis=2%2C8&sid=24C2311E-A3B5-4588-84CA-1693F8FFAC47&eid=44731964%2C44737473&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229350800&ged=ve4_td1_tt1_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_ts1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

cafe /

Resource Hash

052b709978677b3dd76a0ab609a92a688000c1d1e070c56cd2aa877fae77a3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12033
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 193ms
192ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT

GET
H/1.1 200
OK ptv Show response
ib.adnxs.com/ 85 B
922 B 136ms
136ms XHR
application/xml 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&us_privacy=1---&cbb=5229350825&imp_id=1fb296a0-5b5d-4e6e-a5a4-e73e971625e0

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:50 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 84b79fb2-2b35-4868-9042-bee4f1d6c3c7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 85
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 130ms
130ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=31145&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349532-952312090252-027726-011-002602&cha=0.7&stagid=&stplid=&cb=51055812248&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1625229350825&asid=606f23475c1ec675f91be5cb%2C6074a0acc740df34f540bda9%2C60dee97c67a5077093613604%2C5e9030afdc817965520eb855%2C608e90cf34acc10fb7767e4a&ofpr=%2C%2C%2C%2C0.52&fpo=%2C%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content 287573 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 44ms
44ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 02 Jul 2021 12:35:50 GMT
X-SpotX-Timing-Transform: 0.000375
X-SpotX-Timing-SpotMarket: 0.005728
X-SpotX-Timing-Page-Mux: 0.001154
X-SpotX-Timing-Page-Require: 0.000395
X-fe: 102
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000020
X-SpotX-Timing-Page: 0.012108
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.001137
Last-Modified: Fri, 02 Jul 2021 12:35:50 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.005728
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
X-SpotX-Timing-Page-Misc: 0.003273
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000026
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 22DB 21 KB
12 KB 110ms
70ms XHR
text/xml 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BB23mYczVYZJsvtkSZKmxmAALELF-DXpmwt2_R2GGFsMkq4wuHjA9gkpGfQN6zYJDwasFDh-FBWK02wifVXqvS_CIkUg&dbm_d=AKAmf-BrC7gCACjvH9LgNrXhLDlUa6iIbtc6PAJn6zIAnUWwHvaO8pZztGiLqJHl2_sl4JBdV7vxPLm1yQgbqhRlMteAflMIk2khmi_FU3W7Ov7boqhIyH_nylAFDF-GPn1d3utI0C8ZZFwRNMGXvSq-tiqj4oKBltDMhQEsUWyIhmTcjT6mJOz0hHjq1Wye1WfJBRlXVrUuUxpoqQ6kmwdutbQxriiEQaOrXgwtIoTcRflgK3wiyXa8nlzVvLUO2Ajo5gOo_Id41aGUAvAQXygDF7qikh9y1l8EHNPjpnYG1_b9FBqHwqcJw6z4ECGlZnbYdvo0YNXobuWtfcBKkMJ6Qasy34h9AZAUIgvBfjXDjqW4pEcmaFjqsgfU_F6xSYNuZYK4CtjdOMWALnmsh9KSLyk2nNc-NVdgtBVyFOPupmTqvH6K02nM-Yb5sO_VQ8Zhofepp5HFk1OjKhlGspc0E_O8fKtIfnPNyyRhzDyA-DHDNidQ3pgjqgZIR1R7aks9EvsDwUNfiOTz6nYwZa9jdhpXHGemh_XFKHerNBiE3VU_7F1t9APQSaFNO-y8IPk5E5LUK49btxKiFYif79VGY-xM7c9TRgueQccrjBs90JxUcPxw_N49jYz84SGA9GfmBCEqZN9Y4glhLF10P2UDo5d_u4VAGWwEjt_RSF4DAlWHxk9TW8G-hDPnifihKxN2HpkPabnoTFMzULuW7u58MDREd-IZ1ZdyrG5afDTYcjSOEhN4WZwtHERKEED5FqJ1j8lvtGmR-6gD4DmV-bEX6Dh0NkSdixPWc7B2mVjnersPN2TNgww_DGOfSYjv1EgvAh6p_nhqwpZIX8rPKwSqHxW0iEX8Y7SUJStF-dcC45bnPjFLByenGRK7hQJXbe3w-Z04CpfI3oGteAMHOpnaViSG7TKkBhJ5yvOinr99e7_R6h0GsS7fatVki4cTUQx3wH5---_7DuZxK_XKoBiiTCPfralV9kXwZweJbMadj7C7BMugpS7oiqQc3dBsrj_TibaifJz7G5P1BWWJfLB07WgdkgjBiNWBnEgj9mkgLRoOjK-vGeOe1eg1t8ZJShMCbZH_Q3kvb_fEd2Lzr7yl0IG6qb0ORRtWWTLYj83wkVdDhEaYnnABYFaVqrwuk_O1E2Z3f505reRwkM6RlbDovuPUUbDyocHoKVgAHSjt1Ecqg44Pfp2gdhUAP3-7sXf2bbLGjd1XpFeUN0tltzSiX1zY_YxD4ip9kUxFIwDmZcSQJaQZi-oZ51WgDFYCX4aAijcWRgA3j45ldriQ2jTdAvyL9QoVv-OAGUN6__wY9ClcmQHlqpdfsV0kGbnac5uMvXuDXw9lwJe25ocoKJrr6J9y4rJfJgJiyXnxVkcnoJszJs6BcQiG2JR-u7KF0r4bXTWgbUzMkk9aI0yHiCcsySpTzm6FxDRbeWm_Loj7XpIC5Asl5wtArpwh7TCleppy9zSEWJlRWaIjzhg0XQ6utueBdwcCIMNVGWWoERhPRlPbnvp6CpoJAT6R_sHpStvIReU8CKvCkmkh_GJiXWLW7m5zE-A-c7v5Caat7suTDogjl0wrtk3NvadhZ2fU6gycsZ2kevhuGrTXqjo3dKeQcyXvjh9FpSkQHkwKJ0ZDjjkCmS-nYp8HP_KSyVuJsqsOBp2po2iyDEMaCayYW5ZeWchCJRhYB2Mml3DnF7cLpFXVBmVa2-rqBW1CgRaQW6fvuaZQrhndy6JDfUj3O0J2Y7aoki8VykVAnhH3jgCuHybIGpfkFmmP4hgzXInr8COSRKlb3KXmuuvc2tD2Kn5YO_2K2r3_P1eLHGDOGWT3z6DTn_wJDXsgTNJ_GAfbxh_77l8Nx0Q2Sb5vFnxZBcyl4eZgNK0IzYdCt9Bxt6pjf2N806m3G-_IzMqhU7Ploj1q67cN2Nkatxf3dgeIJGYycR-kzohZAR2zLdVff1cUcE0_UdIaEgSYyBQgAWO93Xlw-Z7fzlyvco23fIIHx29CGeoR-v4HAJF_5jSG3ULaZhVsmJp4IRLDyYPLRgNkpsN2uh8qhVhlveKfE5RuS8EA-z9m5MW6dfOS3Rx2o15RliC2705j9j5lIIVMTijCG6_HVVlm0kbB-9H3qbAdvo7BejIY338G-oD2pRvcaMp6UnyXUJx4ZapD7SxD5rTmSAq0mhjJct_cqgr2Zh6VJwv1-GIEPRa6lPI6mUlmmuDbBaXlJuPSXaFu4Tiw4SCTkFUTBqqTYnpk52tEHjxQ0dTDASw-fWtCR1n0QjzZs8MxHJr3XmcwK6FmqrW-9CoK4qzxaXnLzWQ-WzViXtrjcOvQBARggJaNppm22kL4F9ASiHIph6ZAohhSSL9oTmWGSCNpCKRAccEf0X1qnZOK9lQhz77Dic0EoG7XAj85AyKjQ2oXq0dy_b9J3UuRpldw_fkxrpn-54mxNYESk_BI2CJqRAlmTR5SQOvvpf5ugPh4LZTi3_Mar3QX71J7XXx-wGqjZLB0avO9i1l8II_C0NDyAcvkvmRmFMliHjQxdLSBj9Ieuf_KpHV0ugT-lshTEeWsAYHXLIHfd1Tpp9aHHDRTgGX2PVPAr9R99g3wiV2Vce0UIDVwdWqyLYuvvrs8_25vqxaK8HEasevph9W_oVkSZPw-Nk358Lxc5QigCmz5Esmv0mGa0r2hqB5x9Ea4_mymEaTWuZqnJkucmAd4pl86ekgi7L9AhF7cIb4_tVplwq0YrZtqT5GM7sNmRi30J4y9avWpGhEhgk5p97lCUArDc2GwK1eFd93axMntKMxhia409_e_JX-1XIG_eQUAr09njGKMVg3PCcL8jCKbgmt3TC9FoAhup0SI0pNWmCdgKxBhCSxPpEDmuBdvBdAKCyzM0v55dd0hgx4mAerkHaR6zYhvNpeapIbYb6NG_U_RSOHAU0ABEJio2B4DzTSz-LUDCfsrOADjYK2RMIsb0y07duArXO_FYlQd9BYgt7t7uJ4gQNDnFcoq7SJBrgj72erSlKjN8ZqV4XlcpvcXxoBA-ruwEZDc2cae29XKd2aFbS2IGA6RZtYL3RI3rnSP9pn7zG18-YX_hOWpJc2i-FprC4ysgHiWc9fCamRFF_ZHGZGbRT3l1YxZabaa9LUZMYDkMiyChpLRj8k0NlPn-iybsiZtQ94WSZkwi36PGMNs69L4K7_0JwaRFR7uIdbh6DxYtyUsOxjB4KY839Jpl4EIVwEnUiZOZDnEgBf_BLByZxesfeERTVw&cid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1043023986&sdk_apis=2%2C8&sid=6CBD2F6C-9A8D-44B4-9B10-FB87DA47D4C8&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229350864&ged=ve4_td1_tt1_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_ts1_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

cafe /

Resource Hash

79381d68e91816fbadc6a29a361636f02c8f78ff54501a8f2e20da09bb749952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12112
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=31145&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349532-952312090252-027726-011-002602&cha=0.7&stagid=&stplid=&cb=51055812248&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5ec3e3871f5e5c792c20f9f7&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1625229350966&asid=606f23475c1ec675f91be5cb%2C6074a0acc740df34f540bda9%2C60dee97c67a5077093613604&ofpr=%2C%2C&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK skeleton.js Show response
vast.adsafeprotected.com/vast/fwjsvid/st/472664/51195172/ Frame 22DB 11 KB
4 KB 241ms
74ms XHR
text/xml 52.210.216.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.adsafeprotected.com/vast/fwjsvid/st/472664/51195172/skeleton.js?includeFlash=false&originalVast=https://ad.doubleclick.net/ddm/pfadx/N916230.279382DBMGSKDENMARK-PHA0/B24430678.291239302%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.470.1%3Bdc_osd%3D2%3Bdc_frm%3D0%3Bdc_adk%3D1043023986%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.123greetings.com/events/fourth_of_july/%253Futm_source%253Drcvr_event%3Bdc_vast%3D4%3Bdc_ves%3DdGltZXN0YW1wOiAxNjI1MjI5MzUwOTUxCg%3Bdc_cid%3D136029740%3Bdc_adid%3D484183034%3Bdc_vpaid%3D0%3B
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.216.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-216-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 559fe004c2c97cffd0ae0d9f3ffb0d2546dc35c2a31481e6f2306bd138bf4b4d

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:51 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 3366

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5920 339 KB
116 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-instream-static
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:51 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D320 339 KB
116 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:51 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 18A4 339 KB
116 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:51 GMT

GET
H/1.1 200
OK skeleton.js Show response
vast.adsafeprotected.com/vast/fwjsvid/st/472664/51195172/ Frame 9C0F 11 KB
4 KB 226ms
76ms XHR
text/xml 52.210.216.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.adsafeprotected.com/vast/fwjsvid/st/472664/51195172/skeleton.js?includeFlash=false&originalVast=https://ad.doubleclick.net/ddm/pfadx/N916230.279382DBMGSKDENMARK-PHA0/B24430678.291239302%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.470.1%3Bdc_osd%3D2%3Bdc_frm%3D0%3Bdc_adk%3D925418737%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.123greetings.com/events/fourth_of_july/%253Futm_source%253Drcvr_event%3Bdc_vast%3D4%3Bdc_ves%3DdGltZXN0YW1wOiAxNjI1MjI5MzUwOTUxCg%3Bdc_cid%3D136029740%3Bdc_adid%3D484183034%3Bdc_vpaid%3D0%3B
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.216.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-216-43.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e024f3781e3364a706edbb56ea150018d0c9db75b7431b00ed39f9c46b170a10

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:51 GMT
Content-Encoding: gzip
Vary: Origin
Content-Type: text/xml; charset=UTF-8
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 3363

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame D120 576 KB
189 KB 8ms
8ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 29 Jun 2021 16:15:51 GMT
expires: Wed, 29 Jun 2022 16:15:51 GMT
last-modified: Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 246000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D320 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:51 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D320 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3D85 576 KB
189 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 29 Jun 2021 16:15:51 GMT
expires: Wed, 29 Jun 2022 16:15:51 GMT
last-modified: Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 246000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5920 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:51 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5920 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 bridge3.470.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame B857 576 KB
189 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.470.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.123greetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 193313
date: Tue, 29 Jun 2021 16:15:51 GMT
expires: Wed, 29 Jun 2022 16:15:51 GMT
last-modified: Tue, 29 Jun 2021 16:12:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 246000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 18A4 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:35:51 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 18A4 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 80B6 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jul 2021 13:09:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A831 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jul 2021 13:09:58 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 395D 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 02 Jul 2021 13:09:58 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D120 156 B
142 B 198ms
155ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2154066674071291&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2668489212&sdk_apis=2%2C8&sid=8FF69088-3ED8-4678-B4AE-A8B121279416&eid=420706098&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229351281&cookie=ID%3D7cd341f1406e54fc-22c63c7d70c80027%3AT%3D1625229346%3ART%3D1625229346%3AS%3DALNI_MaOAzU3nBrrE-YhrwuPACrv3B9dpQ&scor=2127985067658146&ged=ve4_td0_tt0_pd0_la0_er1126.320.1278.620_vi0.0.1200.1600_vp49_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 3D85 156 B
142 B 249ms
214ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2509987876597064&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1322083244&sdk_apis=2%2C8&sid=338DF7E9-F572-478F-BBCB-14FB42677781&eid=44736153&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229351288&cookie=ID%3D7cd341f1406e54fc-22c63c7d70c80027%3AT%3D1625229346%3ART%3D1625229346%3AS%3DALNI_MaOAzU3nBrrE-YhrwuPACrv3B9dpQ&scor=2029034317032483&ged=ve4_td0_tt0_pd0_la0_er1126.320.1278.620_vi0.0.1200.1600_vp49_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame B857 156 B
142 B 203ms
172ms XHR
text/xml 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3960155208866135&sdkv=h.3.470.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=2764715405&sdk_apis=2%2C8&sid=C3ACC0F4-6D1B-42A2-B7F3-0196E444AE64&eid=44736284%2C668123728&url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&dt=1625229351293&cookie=ID%3D7cd341f1406e54fc-22c63c7d70c80027%3AT%3D1625229346%3ART%3D1625229346%3AS%3DALNI_MaOAzU3nBrrE-YhrwuPACrv3B9dpQ&scor=2707198349973254&ged=ve4_td0_tt0_pd0_la0_er1126.320.1278.620_vi0.0.1200.1600_vp49_eb23147

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 22DB 0
348 B 1057ms
383ms Ping
image/gif 2404:6800:4006:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kqmblche&c=8330245361517&slotId=4165122680758.5&qqid=CKzx-ZCzxPECFZ6VdwodjO4AUA&gqid=JgjfYJ_WINyNjuwPx9C04AI&fb=ima_html5-lima&sdkv=h.3.470.1&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:812::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 22DB 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 22DB 42 B
64 B 16ms
16ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 22DB 0
0 58ms
46ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CpPmkJgjfYKzGIp6r3gOM3YOABeuzncJj9MaCipcO8C4QASCwr-IfYNGBuYLQB8gBBakCQblQv2BahT6oAwHIAxOYBACqBNABT9DJxbaENPU-kduh2nFsQQmXCXuNv0syFIdNzGiP3AsGjJ1L2JFXY21kWMfPYn6PnqJQeQE3S7eNgRupxYonF8P4S-TSZ73JdPCGt_ny0NMfRL7v7_DqC48dzZcSLbkn6sOppZqZwdtWHSHOY7tTmh_AUJr3boGKHLxSHjAtKOf89LeE74o3M78wQW1DUH_xa7lpRnZ4tN5Xt1dbSDFFbGvJuSR5Nqq3a0A3d9N--Zf2b7KhJMQ5ZjJkVJL2n97G-G0ml7bWkXnMFfjYch0Fe8AE48O3rdED4AQDiAWJha-AM5IFBggDEAEYAZIFBggbEAMYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH8M34ggGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG9gHAPIHCxDi1ZoCGMuhyZkB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi03NjkyMzM3NzY1OTI3ODk4gAoDyAsBsBPMovYLyBOMg8XdA9ATANgTCogUAtgUAdAVAYAXAbIXGgoYCAASFHB1Yi01NzE3MDkyNTMzOTEzNTE1&sigh=XjhUh03uwmE&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&cid=CAQSOwCNIrLMML1kj520I6SYI50gne3gUtZQ7S7716Pp3Rv5GLqr2YroId7xV6ehdTbOfGPAW9hGt1ir--Nh&vt=10&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlAiQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEB6ClwIARIYdmFzdC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg0MTgzMDM0MgkxMzYwMjk3NDBAiwJSHiUAAMBAKAE6CzEzNjAyOTc0MC0xQgRHRENNUABgARgB
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0447 51 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccb343946d6d59be6a51396e1ee093d75165121c9eb86a1bc84c0e1d4a2bdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 21:18:22 GMT
server: sffe
age: 532
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18540
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:41:59 GMT

GET
H2 200 vpaid.2021.02.11-11.02-19676e0.js Show response
static.adsafeprotected.com/ias/v1/ Frame 0447 176 KB
42 KB 183ms
80ms Script
application/javascript 52.17.241.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 40ca98c145bf27de21e87e43748da8e926d8986e851f3e6747cafc4da373bca2

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 16:29:40 GMT
server: nginx/1.16.1
age: 14747
etag: W/"14bdef8489e0d98a23c89039d178011f"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 361ms
123ms XHR
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=31145&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349532-952312090252-027726-011-002602&cha=0.7&stagid=&stplid=&cb=51055812248&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Jul 2021 12:35:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 192ms
192ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/472664/51195172/ 40 B
386 B 171ms
68ms XHR
application/javascript 99.81.129.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/472664/51195172/skeleton.js?videoId=c2105c89c8bbcf2c57e5901a1b15dbba&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&adsafe_type=abdq&adsafe_jsinfo=br:u
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.129.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-129-224.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-server-name: app22.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: X-Server-Name
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/fwjsvid/st/472664/51195172/ 227 KB
75 KB 175ms
77ms Script
application/javascript 99.81.129.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/fwjsvid/st/472664/51195172/skeleton.js?videoId=c2105c89c8bbcf2c57e5901a1b15dbba&xmapp=0&xmtp=v&xsId=0d0c71ee-abc8-4d35-b0c5-7aafbb960c8c&adsafe_par=&logTestResults=false
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.129.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-129-224.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b7f1dee42949de63e45b1d6c2f23fb069cef53df921d8104268a35786783b22a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-server-name: app07.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m...
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,i...

115 KB
0

27ms
7ms

Media
video/mp4

2a00:1450:4001:3d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A49E430D03204A6A8A138C87ABE7BAB7C0255B2.0FB0A47E033519BC0A0B81AEB048EE94DC92544E/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625229155/mv/m/mvi/3/pl/49/file/file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:3d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:51 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Aug 2020 03:45:07 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-454120/454121
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 454121
Expires: Fri, 02 Jul 2021 12:35:51 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:51 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A49E430D03204A6A8A138C87ABE7BAB7C0255B2.0FB0A47E033519BC0A0B81AEB048EE94DC92544E/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625229155/mv/m/mvi/3/pl/49/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/472664/51195172/ 92 B
316 B 58ms
58ms Script
application/javascript 99.81.129.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/472664/51195172/skeleton.js?ias_callback=__IntegralAS_b37e55285b60f4f010d563bfd7feef9c_9331&videoId=c2105c89c8bbcf2c57e5901a1b15dbba&xmapp=0&xmtp=v&xsId=0d0c71ee-abc8-4d35-b0c5-7aafbb960c8c&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=f&adsafe_jsinfo=,id:b37e5528-5b60-f4f0-10d5-63bfd7feef9c,c:hdv3r9,sl:outOfView,em:false,fr:true,mn:app07ie,pt:2-5-15,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,br:u,abv:na,an:n,oam:0,vc:jv3,scm:publ2,nbld:0,mtim:3,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:46,oid:09647b81-db32-11eb-a66a-06aaa1ae1a14,v:19.8.212,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/472664/51195172/skeleton.js?videoId=c2105c89c8bbcf2c57e5901a1b15dbba&xmapp=0&xmtp=v&xsId=0d0c71ee-abc8-4d35-b0c5-7aafbb960c8c&adsafe_par=&logTestResults=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.129.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-129-224.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 636b8fb1805a5317e4675ec9a4bf620ffe6433f22373f37794e9db4f9b631ba1

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: application/javascript;charset=utf-8
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 691B 82 KB
21 KB 57ms
56ms Script
application/javascript 52.17.241.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 3618991
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29

206

https://gcdn.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,i...

443 KB
444 KB

15ms
6ms

Media
video/mp4

2a00:1450:4001:3d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/526F29923BBD75748032931E3A40C8B8A519E084.2FFCD425FDB45E013BDC686E17C6B112A8ABF65E/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625228915/mv/m/mvi/3/pl/49/file/file.mp4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:3d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f3719a162c105abe14ab92b0e048d69214856bbe06eb2979c3b6e33bf74ac957

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:51 GMT
x-content-type-options: nosniff
last-modified: Mon, 10 Aug 2020 03:45:07 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-454120/454121
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 454121
expires: Fri, 02 Jul 2021 12:35:51 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:51 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/526F29923BBD75748032931E3A40C8B8A519E084.2FFCD425FDB45E013BDC686E17C6B112A8ABF65E/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625228915/mv/m/mvi/3/pl/49/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 22DB 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 07:23:31 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 22DB 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrBfIJgjfYKzGIp6r3gOM3YOABeuzncJj9MaCipcO8C4QASCwr-IfYNGBuYLQB8gBBakCQblQv2BahT6oAwHIAxOYBACqBNMBT9DJxbaENPU-kduh2nFsQQmXCXuNv0syFIdNzGiP3AsGjJ1L2JFXY21kWMfPYn6PnqJQeQE3S7eNgRupxYonF8P4S-TSZ73JdPCGt_ny0NMfRL7v7_DqC48dzZcSLbkn6sOppZqZwdtWHSHOY7tTmh_AUJr3boGKHLxSHjAtKOf89LeE74o3M78wQW1DUH_xa7lpRnZ4tN5Xt1dbSDFFbGvJuSR5Nqq3a0A3d9N--Zf2b7KhfMXLyKGebwAfLBahTaV9Qn3tTbL_nmnq-aRLY7G8FcAE48O3rdED4AQDkAYBoAZOgAfwzfiCAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATzKL2C8gTjIPF3QPQEwDYEwqIFALYFAHQFQGAFwE&sigh=coSdeAl1MkE&label=vast_creativeview&ad_mt=0&acvw=sv%3D899%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D1092%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,3%26avms%3Dexc%26qi%3D887810133%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1625229351944%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1625229351349&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlAiQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEB6CmEIARIYdmFzdC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg0MTgzMDM0MgkxMzYwMjk3NDBAiwJSIxAEJQAAwEAoAToLMTM2MDI5NzQwLTFCBEdEQ01IjARQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 330ms
110ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv3s7,pingTime:-2,time:105,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:8350,beZ:8351,mfA:8353,cmA:8354,inA:8354,inZ:8360,prA:8360,prZ:8389,si:8395,poA:8397,poZ:8418,cmZ:8418,mfZ:8418,loA:8439,loZ:8440,ltA:8454,ltZ:8454%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:44%7D%5D,ve:%7BvEventCount:4,vEvents:%5B%7Bt:-227,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-52,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-51,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-2,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:105,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B99~0%5D,as:%5B99~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:fwjsvid,dtt:0,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,rmeas:1,rend:1,renddet:env,slid:%5BAVplayer0,videoslot,slot,av-inner,av-container,avntsPlayer0gui,avntsPlayer0,avantisContainer0,vid-container0%5D,sinceFw:57,readyFired:true%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:52 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 5FA6 23 KB
9 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Tue, 29 Jun 2021 07:24:12 GMT
expires: Wed, 29 Jun 2022 07:24:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 277899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FA6 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac714194de282f4e54c7d818bebedaf6b6edd6cd0ff99ee0292801f664538035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 08:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5752
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jul 2022 08:54:34 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5FA6 0
22 B 43ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.470.1&bgai=BAKBeJgjfYIy9ObC8-wbUgbKADAAAAAA4AeAEAg&bg=!dXaldjLNAAYo4NJEKOA7ACkAdvg8WhpMoW3aB8YMoAdZoWDtVWTXraA3o9Hwp-g2EaNU5yI0ROxEGQIAAACEUgAAAAxoAQeZApf-WGC92uvvzO140l5tYegwuV3TVZ29FvUaRZoWB5dPJuGvb-edTtIl9R9d6tGN4oybJ_HXKCpaxjqLjcEbXYjNe3e5xq58vakCooj5CnJK0oomxeIPnDi0O5EknLDUZMUUgl2D6pHnxr_gP-WucZ-ry2GIH3yYucn2mXnm-5r4rtfdiwbbYJMAdzpM617pYYdX1q6_XkdT-bn2cJW8MhPGhfZ40SIgLs9a56xwS1oQVTRWqwmJ6wXwJP7OTDqmZ1Vida6ZlIE2rLTXVxnSDyvjh1m3dlgZBE6Z6zHZMSLDrqsvVMRxwzi0LyEJ9GYOuBC0sJp6074Hd2tZgmZhFO1I-HtaHvCm78q2ijNxbSxepgbPX8__MncvlfakTSVAog959revsA7fQzPTE4b-ZOeG-TjT9R5JdSEqWra8OQ1VWdALUhrmEWo5wRxDApdHNj8Zed_UWmOaQ4AqQPU9FRN83pGxQBCSvffdYrO7FIp6z5jmM27roe5jvNKYv0OoX7_Ge_gf0-nBjcmyCgtrjL1mdDt5WbD4BG8SGbokRVybfSa4qFqTFgfjhl04aXXATQFfc4DpIbDjPkAizvBfhqJTlsWyY3b0Y3dAX8-XkDYD_MuBtFixuRrV1vQibgzcY4ESMFBcoNpj4Zl7prVV5o7iMXWwqNtcnXo3CUTUPmctAAxO5eIviiq5JoFNotWuul4TEjNckymh7hxJyG2BnArtHlIkMpmggjAo4KENgdpAkwe8oK7S7gkgnfgAjE2SeCmwdbLoPtGM2oHfbipshDvZS_xEj8eXB2XLTq45RswhobbZOXcW-qlyIUKqjzJ0kziTihqxiXox_sVxPEzT7uLpQ4ZqBihg-81ouuzh4yNZkGoVDvq8smo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 138ms
110ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv3wW,pingTime:-10,time:404,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1625229352253%7C%7C9702fc51f89570e550699ab8089a1059%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C7985d6c13b5251b12a5addcfade123ec%7C%7C899a69503590b00767eb8568d15e9810%7C%7Cf08fc359c0415936e61db65c00234560%7C%7C5a0b24a4c8a60e24106daf96728225ab%7C%7C8946df64d8ca927214064a134d34ea0a%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:52 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 0447 35 B
174 B 203ms
50ms Image
image/gif 34.247.125.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vd3d3LjEyM2dyZWV0aW5ncy5jb20vZXZlbnRzL2ZvdXJ0aF9vZl9qdWx5Lz91dG1fc291cmNlPXJjdnJfZXZlbnQifX0sImNiIjoxNjI1MjI5MzUyMjg2LCJpYXNfc2luZ2xldGFnIjpmYWxzZSwiaGVhZGVycyI6eyJoZWFkZXI4IjoiaWFzbyJ9LCJjdXN0b20iOnsiY3VzdG9tNyI6IjQ3MjY2NCIsImN1c3RvbTgiOiI1MTE5NTE3MiIsImN1c3RvbTExIjoiMjAyMS4wMi4xMS0xMS4wMi0xOTY3NmUwIiwieHNpZCI6IjBkMGM3MWVlLWFiYzgtNGQzNS1iMGM1LTdhYWZiYjk2MGM4YyJ9fQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.125.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-125-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:52 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.js
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/472664/51195172/skeleton.js?videoId=c2105c89c8bbcf2c57e5901a1b15dbba&xmapp=0&xmtp=v&xsId=0d0c71ee-abc8-4d35-b0c5-7aafbb960c8c&adsafe_par=&logTestResults=fal...
https://static.adsafeprotected.com/skeleton.js?videoId=c2105c89c8bbcf2c57e5901a1b15dbba&xmapp=0&xmtp=v&xsId=0d0c71ee-abc8-4d35-b0c5-7aafbb960c8c

17 B
17 B

50ms
49ms

Image
application/javascript

52.17.241.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.js?videoId=c2105c89c8bbcf2c57e5901a1b15dbba&xmapp=0&xmtp=v&xsId=0d0c71ee-abc8-4d35-b0c5-7aafbb960c8c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:52 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 10368509
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:52 GMT
x-server-name: app28.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?videoId=c2105c89c8bbcf2c57e5901a1b15dbba&xmapp=0&xmtp=v&xsId=0d0c71ee-abc8-4d35-b0c5-7aafbb960c8c
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 dc_oe=ChMIjOiQkbPE8QIVMN7eCh3UgAzAEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCKzx-ZCzxPECFZ6VdwodjO4AUA;dc_rmcid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 22DB 42 B
515 B 150ms
71ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjOiQkbPE8QIVMN7eCh3UgAzAEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCKzx-ZCzxPECFZ6VdwodjO4AUA;dc_rmcid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,5%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1625229352293%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1625229351349;dc_rfl=1,https%253A%252F%252Fwww.123greetings.com%252Fevents%252Ffourth_of_july%252F%253Futm_source%253Drcvr_event%240;ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 22DB 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrBfIJgjfYKzGIp6r3gOM3YOABeuzncJj9MaCipcO8C4QASCwr-IfYNGBuYLQB8gBBakCQblQv2BahT6oAwHIAxOYBACqBNMBT9DJxbaENPU-kduh2nFsQQmXCXuNv0syFIdNzGiP3AsGjJ1L2JFXY21kWMfPYn6PnqJQeQE3S7eNgRupxYonF8P4S-TSZ73JdPCGt_ny0NMfRL7v7_DqC48dzZcSLbkn6sOppZqZwdtWHSHOY7tTmh_AUJr3boGKHLxSHjAtKOf89LeE74o3M78wQW1DUH_xa7lpRnZ4tN5Xt1dbSDFFbGvJuSR5Nqq3a0A3d9N--Zf2b7KhfMXLyKGebwAfLBahTaV9Qn3tTbL_nmnq-aRLY7G8FcAE48O3rdED4AQDkAYBoAZOgAfwzfiCAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATzKL2C8gTjIPF3QPQEwDYEwqIFALYFAHQFQGAFwE&sigh=coSdeAl1MkE&label=part2viewed&ad_mt=210&acvw=sv%3D899%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,5%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1625229352293%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1625229351349&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlAiQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEB6CmEIARIYdmFzdC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg0MTgzMDM0MgkxMzYwMjk3NDBAiwJSIxAEJRKDwEAoAToLMTM2MDI5NzQwLTFCBEdEQ01IjARQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22DB 0
22 B 40ms
39ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 22DB 0
24 B 52ms
50ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQDc_mljRWW9Szrj0cVQz9mMOhsblPLF-kMAdaTxrZhqBRB00x5tVLTbCTsj0uZOTh-DpqvmXKJYiw-b2dYBPWom1eJ9LqmS-xvZgEJp03nD85R2IBcX316_3lOvDesPHZpYR_PmzwSezmw1Ox-H6qpXgDnqudsEIO_ZC4QprroHn7SbNGU0Yb1ffEStvhqpOXZmhaZ667_AAcUYUQqeMOWEFAEQza-hyerQh5lD9wYRATKMoR5RgEqlmaJPmRksEa9EBMfTLnv0QvXDVGl3iYWOpc5yuE7IAijtYgSlIZ1edCPiexpvkC2_LGWds7W0NgWxvN4xoaji83P9KaAUP_H-hOat0EmjVVCHuAvJIq3UyJj2ECXlAN94CejfoCx_XLAUAhltn-opZ8VtmiaqKExuASzI8BxQTMOaVdhgeveqUAFxIec1zTpoBrWZVFWMkVWGmtqh9q5MARQjY5J4x_gonsZ28cKa2TAmR85ZygAUN9PE5B1EIhBLscbID_QFSPA6BluZX4f6o0wAt9cISYPPWr3v7wtwX9HaC_Qt2W8YMTNUFK4vnPGszlJubBlN_iW_JNJDNVjCSTWS4vGW5Qa5QnpkWPGq6DX3qSgZKhCK7NqWiTGDSS9JQ7Wzjiz2CRGJgo9cYE7BeS2nTqG_W_nXGhQQUoDhkCSwtdZE6yzUdzDNcAJXhSxaS3vS0LYBaEhyi2aH1ufHe9an0WttxRwNqiDZTAAHEmt86kBezYVOZMz8eEFqoXaBTZL55Z1QzQ1h_9abVaxXTH3__GHLih4i1JDSk-YSGtk5FO_qgzYOTMajp_QOGojoD52cHh2WE7C2zet0-QBg0wGzD9czH8A-lu962cazFZKukxPPbHs4wPxqV0wUS-0XOU8wdeGk4bg4KJhx6_FC71_p2O-smnoZ0IFUjzSZ3B0v46Dm2cKiGWrSUhXgXeO4q72-MlhsWN4R_TmGp3_KN6VaX_j_YTGJ56oBmHLj-OctnABq2L9lmOm8MGGJk7EIkcFITakl2MXy4gMV7jgPeLdBzXd2WU1JuaMf_n7boU4ZJlJhd5LQz2ksfWc_p7MMrSE5JYVMf9e9IJ-pEdabmlLy49AFKeGmJTiUbMqLTsE0Pbsb6nfsCU818xlHbZyhJidzDZwiz1svzO0DZvoKa857Xmpep1H6l-GF-73g&sai=AMfl-YSGwB_d_hJwJzlR9CM_he_sh4jM03LN9ON14XqOB1gz6sLAmUHiEmbh3z5KwLri8_cT-GJ8sDvh_QZ5TTBuZnAZfEeyyftqLlkaeBT9BVZCR2K6gk_cZ-jyAgKGiGp0CN7THx6UHDQ7EbmQEQzqaM4IX8SlOQ&sig=Cg0ArKJSzE3hFM2ibl8tEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.470.1&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 02 Jul 2021 12:35:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 22DB 0
0 18ms
17ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLi_qAEQ4vqsARjLocmZASABMAE&v=APEucNUsKw2q2wcNsUADKWD_Mc3XpEI1TKjgY2II2hu5ryTw6fMfWibqYqH757EYBC70P8WGZ77M6qz-1bOw4W_eD835eWTwWA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 dot.gif
s0.2mdn.net/ Frame 22DB 43 B
64 B 8ms
6ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 10:48:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
age: 6420
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 03 Jul 2021 10:48:52 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 22DB 35 B
174 B 201ms
50ms Image
image/gif 34.247.125.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiNC4wIiwiY3VzdG9tMyI6IjQuMCIsImN1c3RvbTciOiI0NzI2NjQiLCJjdXN0b204IjoiNTExOTUxNzIiLCJ4c2lkIjoiMGQwYzcxZWUtYWJjOC00ZDM1LWIwYzUtN2FhZmJiOTYwYzhjIn0sImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2MjUyMjkzNTEyMDg1NzIxNDYifQ==&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.125.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-125-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:52 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2 200 dc_oe=ChMIjOiQkbPE8QIVMN7eCh3UgAzAEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCKzx-ZCzxPECFZ6VdwodjO4AUA;dc_rmcid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 22DB 42 B
107 B 146ms
72ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 22DB 42 B
66 B 17ms
16ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaYuN2uawrHZgM5XlpRnmiUZqcNv3zKtVewVvA5d1gTMpwYCuci6ndxOPBUEFh9WzinlnZRr-CWgrDtcA00GbCCjDqpz8qXfJCy6l1zX1EHeMb&sai=AMfl-YSsvf-YjnS2Lqu5hcIhQNyBw2jPp8nUusJLbtC3NxPF8TWytIeG5XKVLXwd_F-8RugjtomR_Hqj6p9cChit_lXNeR4RLm_n7tt3TS4uPL-e3IO1xscgJcNVtas&sig=Cg0ArKJSzIq53-yX1_yQEAE&cid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA&id=lidarv&acvw=sv%3D899%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D0,0,0,0,5%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1625229352291%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1625229351349&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 233ms
233ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:52 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 199ms
199ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:52 GMT

GET
H/1.1 200
OK av.png
static.avantisvideo.com/images/ 2 KB
2 KB 19ms
6ms Image
image/png 2a02:26f0:6c00::210:ba12
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.avantisvideo.com/images/av.png
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:52 GMT
Last-Modified: Mon, 25 Jan 2021 10:20:27 GMT
Server: AmazonS3
x-amz-request-id: V58NBT9W3D8WR5VM
ETag: "b8ce0fbf2e3e2f4f74cffe16c3b65adf"
Content-Type: image/png
Access-Control-Allow-Origin: *
CDN-Origin-Protocol: HTTP
Connection: keep-alive
Accept-Ranges: bytes
X-Forward-Proto: http
Content-Length: 1986
x-amz-id-2: TtRC2RP44U+Gl2/qUyhRoENlxJs5wMYUtnROBADENKrjwAaWbDdFz1yMMk99cevOgLO4bJhlbxY=

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C606f23475c1ec675f91be5cb&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=0&ofpr=4&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328348&e=impression&cb=1625229349595&ad=6.016&vi=0&d1=vpaid&fv=3&cb=1625229349602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 119ms
119ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C606f23475c1ec675f91be5cb&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=4&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328348&e=start&d1=vpaid&fv=3&cb=1625229349602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 0447 35 B
174 B 50ms
50ms Image
image/gif 34.247.125.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vd3d3LjEyM2dyZWV0aW5ncy5jb20vZXZlbnRzL2ZvdXJ0aF9vZl9qdWx5Lz91dG1fc291cmNlPXJjdnJfZXZlbnQifX0sImNiIjoxNjI1MjI5MzUzNzg2LCJpYXNfc2luZ2xldGFnIjpmYWxzZSwiaGVhZGVycyI6eyJoZWFkZXI4IjoiaWFzbyJ9LCJjdXN0b20iOnsiY3VzdG9tNyI6IjQ3MjY2NCIsImN1c3RvbTgiOiI1MTE5NTE3MiIsImN1c3RvbTExIjoiMjAyMS4wMi4xMS0xMS4wMi0xOTY3NmUwIiwieHNpZCI6IjBkMGM3MWVlLWFiYzgtNGQzNS1iMGM1LTdhYWZiYjk2MGM4YyJ9fQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.125.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-125-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:53 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 111ms
110ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv3VF,pingTime:-4,time:1937,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:44%7D,%7Bpiv:97,vs:i,r:,t:1293%7D,%7Bpiv:100,t:1494%7D%5D,ve:%7BvEventCount:27,vEvents:%5B%7Bt:-227,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-52,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-51,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-2,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:107,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:186,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:207,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:343,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:189,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:436,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:437,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:464,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:469,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:605,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:706,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:756,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:955,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1205,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1686,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1936,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:644,o:1293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1287~0,0~75%5D,as:%5B1287~400.225%5D%7D%7D,%7Bsl:i,t:1293,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,443~100%5D,as:%5B644~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:146,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:53 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 dc_oe=ChMIjOiQkbPE8QIVMN7eCh3UgAzAEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCKzx-ZCzxPECFZ6VdwodjO4AUA;dc_rmcid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 22DB 42 B
63 B 114ms
71ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjOiQkbPE8QIVMN7eCh3UgAzAEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCKzx-ZCzxPECFZ6VdwodjO4AUA;dc_rmcid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D296,402,201,200,402%26mtos%3D296,698,899,1099,1501%26amtos%3D0,0,0,0,0%26mcvt%3D899%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1501%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1099%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D1467%26dvs%3D899%26dfvs%3D296%26dvpt%3D1501%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D296,698,899,1099,1501%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D3,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483645%26psv%3D2%26psfv%3D2%26psa%3D0%26ptlt%3D1625229353791%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1501;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1625229351349;ecn1=1;etm1=0;eid1=960584;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 22DB 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrBfIJgjfYKzGIp6r3gOM3YOABeuzncJj9MaCipcO8C4QASCwr-IfYNGBuYLQB8gBBakCQblQv2BahT6oAwHIAxOYBACqBNMBT9DJxbaENPU-kduh2nFsQQmXCXuNv0syFIdNzGiP3AsGjJ1L2JFXY21kWMfPYn6PnqJQeQE3S7eNgRupxYonF8P4S-TSZ73JdPCGt_ny0NMfRL7v7_DqC48dzZcSLbkn6sOppZqZwdtWHSHOY7tTmh_AUJr3boGKHLxSHjAtKOf89LeE74o3M78wQW1DUH_xa7lpRnZ4tN5Xt1dbSDFFbGvJuSR5Nqq3a0A3d9N--Zf2b7KhfMXLyKGebwAfLBahTaV9Qn3tTbL_nmnq-aRLY7G8FcAE48O3rdED4AQDkAYBoAZOgAfwzfiCAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATzKL2C8gTjIPF3QPQEwDYEwqIFALYFAHQFQGAFwE&sigh=coSdeAl1MkE&label=videoplaytime25&ad_mt=1710&acvw=sv%3D899%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D296,402,201,200,402%26mtos%3D296,698,899,1099,1501%26amtos%3D0,0,0,0,0%26mcvt%3D899%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1501%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1099%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D1467%26dvs%3D899%26dfvs%3D296%26dvpt%3D1501%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D296,698,899,1099,1501%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D13%26emuc%3D0%26emb%3D3,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483645%26psv%3D2%26psfv%3D2%26psa%3D0%26ptlt%3D1625229353791%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1501&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1625229351349&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlAiQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEB6CmEIARIYdmFzdC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg0MTgzMDM0MgkxMzYwMjk3NDBAiwJSIxAEJRKDwEAoAToLMTM2MDI5NzQwLTFCBEdEQ01IjARQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 193ms
192ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:53 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 121ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C606f23475c1ec675f91be5cb&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=100&ofpr=4&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328348&e=firstQuartile&ad=6.016&vi=100&d1=vpaid&fv=3&cb=1625229349602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 125ms
124ms XHR
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Jul 2021 12:35:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C606f23475c1ec675f91be5cb&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=100&ofpr=4&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328348&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1625229349602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjOiQkbPE8QIVMN7eCh3UgAzAEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCKzx-ZCzxPECFZ6VdwodjO4AUA;dc_rmcid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1498,402,201,200,402%26mtos%3D1498,1900,2101,2301,2703%26amtos%3D0,0,0,0,0%26mcvt%3D2101%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2703%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2101%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D2471%26dtos%3D2101%26dtoss%3D1%26dvs%3D1202%26dfvs%3D1202%26dvpt%3D1202%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D1%26cs%3D275%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D9,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D1625229354994%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2703;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1625229351349;ecn1=1;etm1=0;eid1=200000;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 22DB 42 B
66 B 16ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaYuN2uawrHZgM5XlpRnmiUZqcNv3zKtVewVvA5d1gTMpwYCuci6ndxOPBUEFh9WzinlnZRr-CWgrDtcA00GbCCjDqpz8qXfJCy6l1zX1EHeMb&sai=AMfl-YSsvf-YjnS2Lqu5hcIhQNyBw2jPp8nUusJLbtC3NxPF8TWytIeG5XKVLXwd_F-8RugjtomR_Hqj6p9cChit_lXNeR4RLm_n7tt3TS4uPL-e3IO1xscgJcNVtas&sig=Cg0ArKJSzIq53-yX1_yQEAE&cid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA&id=lidarv&acvw=sv%3D899%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1498,402,201,200,402%26mtos%3D1498,1900,2101,2301,2703%26amtos%3D0,0,0,0,0%26mcvt%3D2101%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2703%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2101%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D2471%26dtos%3D2101%26dtoss%3D1%26dvs%3D1202%26dfvs%3D1202%26dvpt%3D1202%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D1%26cs%3D275%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D19%26emuc%3D0%26emb%3D9,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D1625229354994%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2703&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1625229351349

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 114ms
113ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv4hC,pingTime:2,time:3298,type:p,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:44%7D,%7Bpiv:97,vs:i,r:,t:1293%7D,%7Bpiv:100,t:1494%7D%5D,ve:%7BvEventCount:34,vEvents:%5B%7Bt:-227,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-52,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-51,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-2,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:107,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:186,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:207,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:343,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:189,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:436,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:437,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:464,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:469,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:605,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:706,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:756,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:955,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1205,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1686,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1936,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2691,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2706,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3206,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:2005,o:1293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1287~0,0~75%5D,as:%5B1287~400.225%5D%7D%7D,%7Bsl:i,t:1293,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,1804~100%5D,as:%5B2005~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:114,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:55 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 118ms
117ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv4jR,pingTime:-4,time:3437,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:44%7D,%7Bpiv:97,vs:i,r:,t:1293%7D,%7Bpiv:100,t:1494%7D%5D,ve:%7BvEventCount:35,vEvents:%5B%7Bt:-227,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-52,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-51,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-2,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:107,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:186,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:207,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:343,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:189,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:436,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:437,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:464,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:469,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:605,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:706,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:756,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:955,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1205,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1686,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1936,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2691,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2706,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3206,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3436,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:2144,o:1293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1287~0,0~75%5D,as:%5B1287~400.225%5D%7D%7D,%7Bsl:i,t:1293,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,1943~100%5D,as:%5B2144~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:127,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:55 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjOiQkbPE8QIVMN7eCh3UgAzAEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCKzx-ZCzxPECFZ6VdwodjO4AUA;dc_rmcid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1798,402,201,200,402%26mtos%3D1798,2200,2401,2601,3003%26amtos%3D0,0,0,0,0%26mcvt%3D2401%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3003%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2401%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D2471%26dtos%3D300%26dtoss%3D2%26dvs%3D300%26dfvs%3D300%26dvpt%3D300%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D787%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1502,1502,1502,1502,1502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D20%26emuc%3D0%26emb%3D10,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D1625229355294%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3003;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1625229351349;ecn1=1;etm1=0;eid1=18;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 22DB 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrBfIJgjfYKzGIp6r3gOM3YOABeuzncJj9MaCipcO8C4QASCwr-IfYNGBuYLQB8gBBakCQblQv2BahT6oAwHIAxOYBACqBNMBT9DJxbaENPU-kduh2nFsQQmXCXuNv0syFIdNzGiP3AsGjJ1L2JFXY21kWMfPYn6PnqJQeQE3S7eNgRupxYonF8P4S-TSZ73JdPCGt_ny0NMfRL7v7_DqC48dzZcSLbkn6sOppZqZwdtWHSHOY7tTmh_AUJr3boGKHLxSHjAtKOf89LeE74o3M78wQW1DUH_xa7lpRnZ4tN5Xt1dbSDFFbGvJuSR5Nqq3a0A3d9N--Zf2b7KhfMXLyKGebwAfLBahTaV9Qn3tTbL_nmnq-aRLY7G8FcAE48O3rdED4AQDkAYBoAZOgAfwzfiCAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATzKL2C8gTjIPF3QPQEwDYEwqIFALYFAHQFQGAFwE&sigh=coSdeAl1MkE&label=videoplaytime50&ad_mt=3210&acvw=sv%3D899%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1798,402,201,200,402%26mtos%3D1798,2200,2401,2601,3003%26amtos%3D0,0,0,0,0%26mcvt%3D2401%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3003%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2401%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D2471%26dtos%3D300%26dtoss%3D2%26dvs%3D300%26dfvs%3D300%26dvpt%3D300%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D787%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1502,1502,1502,1502,1502%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D20%26emuc%3D0%26emb%3D10,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D1625229355294%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3003&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1625229351349&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlAiQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEB6CmEIARIYdmFzdC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg0MTgzMDM0MgkxMzYwMjk3NDBAiwJSIxAEJRKDwEAoAToLMTM2MDI5NzQwLTFCBEdEQ01IjARQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 192ms
192ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:55 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C606f23475c1ec675f91be5cb&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=100&ofpr=4&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328348&e=midpoint&ad=6.016&vi=100&d1=vpaid&fv=3&cb=1625229349602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:55 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C606f23475c1ec675f91be5cb&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=100&ofpr=4&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328348&e=sec3&vi=100&d1=vpaid&fv=3&cb=1625229349602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:55 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 112ms
110ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv4kN,pingTime:2,time:3495,type:pf,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:44%7D,%7Bpiv:97,vs:i,r:,t:1293%7D,%7Bpiv:100,t:1494%7D%5D,ve:%7BvEventCount:36,vEvents:%5B%7Bt:-227,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-52,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-51,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-2,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:107,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:186,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:207,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:343,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:189,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:436,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:437,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:464,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:469,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:605,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:706,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:756,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:955,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1205,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1686,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1936,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2691,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2706,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3206,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3436,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3457,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:2203,o:1293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1287~0,0~75%5D,as:%5B1287~400.225%5D%7D%7D,%7Bsl:i,t:1293,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,2002~100%5D,as:%5B2203~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:127,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:55 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 170ms
118ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv4kT,pingTime:2,time:3501,type:c,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:44%7D,%7Bpiv:97,vs:i,r:,t:1293%7D,%7Bpiv:100,t:1494%7D%5D,ve:%7BvEventCount:36,vEvents:%5B%7Bt:-227,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-52,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-51,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-2,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:107,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:186,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:207,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:343,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:189,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:436,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:437,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:464,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:469,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:605,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:706,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:756,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:955,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1205,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1686,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1936,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2691,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2706,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3206,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3436,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3457,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:2208,o:1293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1287~0,0~75%5D,as:%5B1287~400.225%5D%7D%7D,%7Bsl:i,t:1293,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,2007~100%5D,as:%5B2208~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:127,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,rmeas:1,rend:1,renddet:env,metricId:publ2,cmr:t%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:55 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 119ms
119ms XHR
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=31145&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349532-952312090252-027726-011-002602&cha=0.7&stagid=&stplid=&cb=51055812248&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Jul 2021 12:35:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 119ms
118ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv4I3,pingTime:-4,time:4937,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:44%7D,%7Bpiv:97,vs:i,r:,t:1293%7D,%7Bpiv:100,t:1494%7D%5D,ve:%7BvEventCount:43,vEvents:%5B%7Bt:-227,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-52,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-51,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-2,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:107,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:186,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:207,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:343,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:189,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:436,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:437,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:464,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:469,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:605,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:706,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:756,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:955,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1205,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1686,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1936,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2691,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2706,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3206,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3436,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3457,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3707,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3936,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4936,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:3644,o:1293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1287~0,0~75%5D,as:%5B1287~400.225%5D%7D%7D,%7Bsl:i,t:1293,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,3443~100%5D,as:%5B3644~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:187,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:56 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjOiQkbPE8QIVMN7eCh3UgAzAEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCKzx-ZCzxPECFZ6VdwodjO4AUA;dc_rmcid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D3297,402,201,200,402%26mtos%3D3297,3699,3900,4100,4502%26amtos%3D0,0,0,0,0%26mcvt%3D3900%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4502%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3700%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D3717%26dtos%3D1499%26dtoss%3D3%26dvs%3D1499%26dfvs%3D1499%26dvpt%3D1499%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D16777216%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1499,1499,1499,1499,1499%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D17,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483633%26psv%3D14%26psfv%3D14%26psa%3D0%26ptlt%3D1625229356792%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4502;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1625229351349;ecn1=1;etm1=0;eid1=960585;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 22DB 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrBfIJgjfYKzGIp6r3gOM3YOABeuzncJj9MaCipcO8C4QASCwr-IfYNGBuYLQB8gBBakCQblQv2BahT6oAwHIAxOYBACqBNMBT9DJxbaENPU-kduh2nFsQQmXCXuNv0syFIdNzGiP3AsGjJ1L2JFXY21kWMfPYn6PnqJQeQE3S7eNgRupxYonF8P4S-TSZ73JdPCGt_ny0NMfRL7v7_DqC48dzZcSLbkn6sOppZqZwdtWHSHOY7tTmh_AUJr3boGKHLxSHjAtKOf89LeE74o3M78wQW1DUH_xa7lpRnZ4tN5Xt1dbSDFFbGvJuSR5Nqq3a0A3d9N--Zf2b7KhfMXLyKGebwAfLBahTaV9Qn3tTbL_nmnq-aRLY7G8FcAE48O3rdED4AQDkAYBoAZOgAfwzfiCAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATzKL2C8gTjIPF3QPQEwDYEwqIFALYFAHQFQGAFwE&sigh=coSdeAl1MkE&label=videoplaytime75&ad_mt=4710&acvw=sv%3D899%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D3297,402,201,200,402%26mtos%3D3297,3699,3900,4100,4502%26amtos%3D0,0,0,0,0%26mcvt%3D3900%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4502%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3700%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D3717%26dtos%3D1499%26dtoss%3D3%26dvs%3D1499%26dfvs%3D1499%26dvpt%3D1499%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D16777216%26cs%3D16778003%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1499,1499,1499,1499,1499%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D17,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483633%26psv%3D14%26psfv%3D14%26psa%3D0%26ptlt%3D1625229356792%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4502&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1625229351349&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlAiQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEB6CmEIARIYdmFzdC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg0MTgzMDM0MgkxMzYwMjk3NDBAiwJSIxAEJRKDwEAoAToLMTM2MDI5NzQwLTFCBEdEQ01IjARQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 192ms
191ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:56 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
119ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C606f23475c1ec675f91be5cb&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=100&ofpr=4&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328348&e=thirdQuartile&ad=6.016&vi=100&d1=vpaid&fv=3&cb=1625229349602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:56 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 0447 35 B
174 B 52ms
51ms Image
image/gif 34.247.125.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDYsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vd3d3LjEyM2dyZWV0aW5ncy5jb20vZXZlbnRzL2ZvdXJ0aF9vZl9qdWx5Lz91dG1fc291cmNlPXJjdnJfZXZlbnQifX0sImNiIjoxNjI1MjI5MzU4MDkwLCJpYXNfc2luZ2xldGFnIjpmYWxzZSwiaGVhZGVycyI6eyJoZWFkZXI4IjoiaWFzbyJ9LCJjdXN0b20iOnsiY3VzdG9tNyI6IjQ3MjY2NCIsImN1c3RvbTgiOiI1MTE5NTE3MiIsImN1c3RvbTExIjoiMjAyMS4wMi4xMS0xMS4wMi0xOTY3NmUwIiwieHNpZCI6IjBkMGM3MWVlLWFiYzgtNGQzNS1iMGM1LTdhYWZiYjk2MGM4YyJ9fQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.125.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-125-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:58 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 122ms
120ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv538,pingTime:-4,time:6244,type:m,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:44%7D,%7Bpiv:97,vs:i,r:,t:1293%7D,%7Bpiv:100,t:1494%7D%5D,ve:%7BvEventCount:52,vEvents:%5B%7Bt:-227,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-52,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-51,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-2,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:107,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:186,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:207,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:343,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:189,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:436,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:437,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:464,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:469,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:605,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:706,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:756,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:955,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1205,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1686,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1936,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2691,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2706,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3206,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3436,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3457,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3707,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3936,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4936,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4936,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5206,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5456,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5956,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6186,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:6205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6240,tp:adVideoComplete,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:4951,o:1293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1287~0,0~75%5D,as:%5B1287~400.225%5D%7D%7D,%7Bsl:i,t:1293,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,4751~100%5D,as:%5B4952~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:123,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:58 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 118ms
117ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=b37e5528-5b60-f4f0-10d5-63bfd7feef9c&tv=%7Bc:hdv53e,pingTime:-1,time:6250,type:u,clog:%5B%7Bpiv:0,vs:o,r:l.v,w:400,h:225,t:44%7D,%7Bpiv:97,vs:i,r:,t:1293%7D,%7Bpiv:100,t:1494%7D%5D,ve:%7BvEventCount:52,vEvents:%5B%7Bt:-227,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-52,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-51,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-2,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:107,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:186,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:207,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:343,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:437,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:189,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:436,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:437,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:461,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:462,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:464,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:469,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:555,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:605,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:706,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:756,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:955,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1205,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1686,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1936,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2691,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:2706,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3206,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3436,tp:adVideoMidpoint,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3457,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3707,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:3936,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:3955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4455,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:4936,tp:adVideoThirdQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4936,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:4955,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5206,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5456,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5705,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:5956,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6186,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:6205,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:6240,tp:adVideoComplete,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,ndt:8,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:4957,o:1293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:44,wc:0.0.1600.1200,ac:1200.1199.400.225,am:v,cc:1200.1199.400.225,piv:0,obst:0,th:0,reas:l.v,bkn:%7Bpiv:%5B1287~0,0~75%5D,as:%5B1287~400.225%5D%7D%7D,%7Bsl:i,t:1293,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,4757~100%5D,as:%5B4958~400.225%5D%7D%7D%5D,slEventCount:2,em:false,fr:true,e:,tt:fwjsvid,dtt:123,metricIdList:%5Bpubl2%5D,fm:sC0EJsK+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r1%7C1s%7C1t1%7C1u%7C1v1%7C1w%7C1x1%7C1y%7C1z1%7C110%7C111%7C112%7C113%7C1141%7C115%7C1161%7C117%7C1181%7C119,idMap:1*,rmeas:1,rend:1,renddet:env,lt:2%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:58 GMT
X-Server-Name: dt36.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjOiQkbPE8QIVMN7eCh3UgAzAEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCKzx-ZCzxPECFZ6VdwodjO4AUA;dc_rmcid=CAASEuRoXZacs7m3pwDuS7Jz_r23yA;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26p3%3D975,1200,1200,1600%26tos%3D4623,402,201,200,402%26mtos%3D4623,5025,5226,5426,5828%26amtos%3D0,0,0,0,0%26mtos1%3D296,603,602%26mtos2%3D1502,0,0%26mtos3%3D1499,0,0%26mcvt%3D5226%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5828%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4703%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D5967%26dtos%3D1326%26dtoss%3D4%26dvs%3D1326%26dfvs%3D1326%26dvpt%3D1326%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1326,1326,1326,1326,1326%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D34%26emuc%3D0%26emb%3D24,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483585%26psv%3D62%26psfv%3D62%26psa%3D0%26ptlt%3D1625229358119%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5828%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04%26ss3%3D0.04;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1625229351349;ecn1=1;etm1=0;eid1=13;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 22DB 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CrBfIJgjfYKzGIp6r3gOM3YOABeuzncJj9MaCipcO8C4QASCwr-IfYNGBuYLQB8gBBakCQblQv2BahT6oAwHIAxOYBACqBNMBT9DJxbaENPU-kduh2nFsQQmXCXuNv0syFIdNzGiP3AsGjJ1L2JFXY21kWMfPYn6PnqJQeQE3S7eNgRupxYonF8P4S-TSZ73JdPCGt_ny0NMfRL7v7_DqC48dzZcSLbkn6sOppZqZwdtWHSHOY7tTmh_AUJr3boGKHLxSHjAtKOf89LeE74o3M78wQW1DUH_xa7lpRnZ4tN5Xt1dbSDFFbGvJuSR5Nqq3a0A3d9N--Zf2b7KhfMXLyKGebwAfLBahTaV9Qn3tTbL_nmnq-aRLY7G8FcAE48O3rdED4AQDkAYBoAZOgAfwzfiCAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA5gLAcgLAYAMAbATzKL2C8gTjIPF3QPQEwDYEwqIFALYFAHQFQGAFwE&sigh=coSdeAl1MkE&label=videoplaytime100&ad_mt=6016&acvw=sv%3D899%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26p3%3D975,1200,1200,1600%26tos%3D4623,402,201,200,402%26mtos%3D4623,5025,5226,5426,5828%26amtos%3D0,0,0,0,0%26mtos1%3D296,603,602%26mtos2%3D1502,0,0%26mtos3%3D1499,0,0%26mcvt%3D5226%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5828%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D4703%26pst%3D201%26vpaid%26dur%3D6016%26vmtime%3D5967%26dtos%3D1326%26dtoss%3D4%26dvs%3D1326%26dfvs%3D1326%26dvpt%3D1326%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16778003%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1326,1326,1326,1326,1326%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1092%26femvt%3D0%26emc%3D34%26emuc%3D0%26emb%3D24,2,1,1,6%26avms%3Dexc%26qi%3D887810133%26psm%3D-2147483585%26psv%3D62%26psfv%3D62%26psa%3D0%26ptlt%3D1625229358119%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5828%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04%26ss3%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1625229351349&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlAiQMKOAgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEB6CmEIARIYdmFzdC5hZHNhZmVwcm90ZWN0ZWQuY29tGgNEQ00gBCoJNDg0MTgzMDM0MgkxMzYwMjk3NDBAiwJSIxAEJRKDwEAoAToLMTM2MDI5NzQwLTFCBEdEQ01IjARQAGABGAE.

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 192ms
191ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C606f23475c1ec675f91be5cb&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=100&ofpr=4&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328348&e=complete&ad=6.016&vi=100&d1=vpaid&fv=3&cb=1625229349602
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 9C0F 0
54 B 683ms
382ms Ping
image/gif 2404:6800:4006:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kqmblci1&c=8330245361517&slotId=4165122680758.5&qqid=CK64-ZCzxPECFfrKuwgdfqYI5g&gqid=JgjfYO7UIM-f7_UPhbOauA0&fb=ima_html5-lima&sdkv=h.3.470.1&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&wta=1&ghmsh_eids=44731964%2C44737473&vmfc=1&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4006:812::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9C0F 42 B
64 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9C0F 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
pubads.g.doubleclick.net/pagead/ Frame 9C0F 0
0 47ms
47ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubads.g.doubleclick.net/pagead/adview?ai=CKKCbJgjfYK6NIvqV7_UP_syisA7rs53CY_TGgoqXDvAuEAEgsK_iH2DRgbmC0AfIAQWpAkG5UL9gWoU-qAMByAMTmAQAqgTQAU_QCrXBaU8rjrydWHZ4EdIcXp7caLLInIW3alJEMYLrOuLkBPv2Y2LA7sYyiPmsqytweRRGZELKImDDK59FTKkCAsofICNgcNfFL_H6agwIrb5sGZ66bA_g9JDmviNm6ZXe2gPxOZ2TUJT8GYMj9WQ_xrHSoU5Lpd0y-fJn9CoCCzM_WxR_lPTlliA9D1H-qwIA8h0XMrfaq0LdsgL_2Ma2UfuwPgixfwedgyFla9m-kb-EaeyyXrJrYuf7EVuTJnUWFUz9ioGDOqI0PVipipfABOPDt63RA-AEA4gFiYWvgDOSBQYIAxABGAGSBQYIGxADGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB_DN-IIBqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RvYBwDyBwsQkODvARjLocmZAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzY5MjMzNzc2NTkyNzg5OIAKA8gLAbATzKL2C8gTjIPF3QPQEwDYEwqIFALYFAHQFQGAFwGyFxoKGAgAEhRwdWItNTcxNzA5MjUzMzkxMzUxNQ&sigh=xefGTtIvLHY&cmd=Ch1jYS12aWRlby1wdWItNTcxNzA5MjUzMzkxMzUxNRAAGAI&cid=CAQSOwCNIrLMH7wO_62hsDGHPyumyPSD9JSTXwq3S4IldxGYvw0G2YX2NhIyiWzhl8ZknSHVjUtFK7Rcnyu1&vt=10&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlA4AIKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEDQAQpcCAESGHZhc3QuYWRzYWZlcHJvdGVjdGVkLmNvbRoDRENNIAQqCTQ4NDE4MzAzNDIJMTM2MDI5NzQwQPsBUh4lAADAQCgBOgsxMzYwMjk3NDAtMUIER0RDTVAAYAEYAQ..
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D180 51 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cccb343946d6d59be6a51396e1ee093d75165121c9eb86a1bc84c0e1d4a2bdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:26:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 21:18:22 GMT
server: sffe
age: 539
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18540
x-xss-protection: 0
expires: Fri, 02 Jul 2021 12:41:59 GMT

GET
H2 200 vpaid.2021.02.11-11.02-19676e0.js Show response
static.adsafeprotected.com/ias/v1/ Frame D180 176 KB
42 KB 56ms
56ms Script
application/javascript 52.17.241.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 40ca98c145bf27de21e87e43748da8e926d8986e851f3e6747cafc4da373bca2

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 16:29:40 GMT
server: nginx/1.16.1
age: 16115
etag: W/"14bdef8489e0d98a23c89039d178011f"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/472664/51195172/ 40 B
386 B 54ms
53ms XHR
application/javascript 99.81.129.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/472664/51195172/skeleton.js?videoId=0f765c2c43cee5574128c4e292f50062&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&adsafe_type=abdq&adsafe_jsinfo=br:u
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.129.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-129-224.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
content-encoding: gzip
x-server-name: app13.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: X-Server-Name
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/fwjsvid/st/472664/51195172/ 227 KB
75 KB 55ms
55ms Script
application/javascript 99.81.129.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/fwjsvid/st/472664/51195172/skeleton.js?videoId=0f765c2c43cee5574128c4e292f50062&xmapp=0&xmtp=v&xsId=2db71a58-7b4b-47ea-b23e-9176b1914e0b&adsafe_par=&logTestResults=false
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/ias/v1/vpaid.2021.02.11-11.02-19676e0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.129.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-129-224.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4b55487d2725589aa3eb97e26b94afdd8a3a18f251f2a150c44d49052b242558

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
content-encoding: gzip
x-server-name: app23.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29

206

https://gcdn.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,i...

102 KB
0

7ms
6ms

Media
video/mp4

2a00:1450:4001:3d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20852359DDBB7D702DD7C8DEFD2A33E78F24F1D7.1F5CA2CFF5C12EB9FA1B1B502C56D2088A1E3B38/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625228915/mv/m/mvi/3/pl/49/file/file.mp4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:3d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 10 Aug 2020 03:45:07 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-454120/454121
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 454121
expires: Fri, 02 Jul 2021 12:35:58 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/20852359DDBB7D702DD7C8DEFD2A33E78F24F1D7.1F5CA2CFF5C12EB9FA1B1B502C56D2088A1E3B38/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625228915/mv/m/mvi/3/pl/49/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

206

https://gcdn.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,i...

443 KB
444 KB

7ms
6ms

Media
video/mp4

2a00:1450:4001:3d::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/66286BD766FE7917CD3BA414FDB9FACF0A61CEBF.4522EE950FE7641CBA5EF7D22BD1D692A4419624/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625228915/mv/m/mvi/3/pl/49/file/file.mp4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:3d::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f3719a162c105abe14ab92b0e048d69214856bbe06eb2979c3b6e33bf74ac957

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
last-modified: Mon, 10 Aug 2020 03:45:07 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-454120/454121
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 454121
expires: Fri, 02 Jul 2021 12:35:58 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-4g5ednz7.c.2mdn.net/videoplayback/id/8f5e6d4744ac175c/itag/342/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3741479110/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/66286BD766FE7917CD3BA414FDB9FACF0A61CEBF.4522EE950FE7641CBA5EF7D22BD1D692A4419624/key/cms1/cms_redirect/yes/mh/7Q/mip/2a01:4f8:192:5414::2/mm/42/mn/sn-4g5ednz7/ms/onc/mt/1625228915/mv/m/mvi/3/pl/49/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9C0F 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.470.1_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277947
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jun 2022 07:23:31 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9C0F 42 B
64 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQGuDJgjfYK6NIvqV7_UP_syisA7rs53CY_TGgoqXDvAuEAEgsK_iH2DRgbmC0AfIAQWpAkG5UL9gWoU-qAMByAMTmAQAqgTTAU_QCrXBaU8rjrydWHZ4EdIcXp7caLLInIW3alJEMYLrOuLkBPv2Y2LA7sYyiPmsqytweRRGZELKImDDK59FTKkCAsofICNgcNfFL_H6agwIrb5sGZ66bA_g9JDmviNm6ZXe2gPxOZ2TUJT8GYMj9WQ_xrHSoU5Lpd0y-fJn9CoCCzM_WxR_lPTlliA9D1H-qwIA8h0XMrfaq0LdsgL_2Ma2UfuwPgixfwedgyFla9m-kb-EabSzrBz4mNxp-OhbQcDeTpk2sV1ICSmlD9MQxI_MogDABOPDt63RA-AEA5AGAaAGToAH8M34ggGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgOYCwHICwGADAGwE8yi9gvIE4yDxd0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=bXrMJ3UCqDo&label=vast_creativeview&ad_mt=0&acvw=sv%3D899%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D-1%26vmtime%3D-1%26is%3D0%26cs%3D0%26c%3D0%26mc%3D-1%26nc%3D-1%26mv%3D-1%26nv%3D-1%26lte%3D-2%26ces%26femt%3D7893%26femvt%3D0%26emc%3D1%26emuc%3D0%26emb%3D1,0,0,0,0%26avms%3Dexc%26qi%3D5142188%26psm%3D0%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1625229358318%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1625229358172&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlA4AIKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEDQAQphCAESGHZhc3QuYWRzYWZlcHJvdGVjdGVkLmNvbRoDRENNIAQqCTQ4NDE4MzAzNDIJMTM2MDI5NzQwQPsBUiMQBCUAAMBAKAE6CzEzNjAyOTc0MC0xQgRHRENNSJwBUABgARgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame D392 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://imasdk.googleapis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imasdk.googleapis.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8727
date: Tue, 29 Jun 2021 07:24:12 GMT
expires: Wed, 29 Jun 2022 07:24:12 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 277906
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/db2/video/472664/51195172/ 91 B
314 B 51ms
50ms Script
application/javascript 99.81.129.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/db2/video/472664/51195172/skeleton.js?ias_callback=__IntegralAS_62864aa72ee6218bc77c91d57c1fdf0f_703&videoId=0f765c2c43cee5574128c4e292f50062&xmapp=0&xmtp=v&xsId=2db71a58-7b4b-47ea-b23e-9176b1914e0b&adsafe_par=&logTestResults=false&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Ffourth_of_july%2F%3Futm_source%3Drcvr_event&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.123greetings.com%2F&adsafe_type=f&adsafe_jsinfo=,id:62864aa7-2ee6-218b-c77c-91d57c1fdf0f,c:hdv57r,sl:outOfView,em:false,fr:true,mn:app23ie,pt:2-5-15,wc:0.0.1600.1200,ac:1200.1033.400.225,am:v,cc:1200.1033.400.225,piv:74,obst:0,th:0,reas:v,br:u,abv:na,an:n,oam:0,vc:jv3,scm:publ2,nbld:0,mtim:2,fm:sC0EL9q+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l1%7C1m1%7C1n1%7C1o%7C1p,idMap:1*,pl:,rmeas:1,rend:1,renddet:env,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:fwjsvid,thd:1,et:21,oid:0d4b2bd4-db32-11eb-be6f-0ad2739237b2,v:19.8.212,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/fwjsvid/st/472664/51195172/skeleton.js?videoId=0f765c2c43cee5574128c4e292f50062&xmapp=0&xmtp=v&xsId=2db71a58-7b4b-47ea-b23e-9176b1914e0b&adsafe_par=&logTestResults=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.129.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-129-224.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 449b8777ff7d8e8f848377e77e812623d0c7cce48074ef2d131dac2ad4988305

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
content-encoding: gzip
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: application/javascript;charset=utf-8
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame CC05 82 KB
21 KB 54ms
54ms Script
application/javascript 52.17.241.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1615574
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 111ms
111ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=62864aa7-2ee6-218b-c77c-91d57c1fdf0f&tv=%7Bc:hdv583,pingTime:-2,time:59,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:14839,beZ:14840,mfA:14841,cmA:14843,inA:14843,inZ:14847,prA:14847,prZ:14856,si:14861,poA:14862,poZ:14877,cmZ:14877,mfZ:14877,loA:14890,loZ:14891,ltA:14898,ltZ:14898%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:74,vs:o,r:v,w:400,h:225,t:20%7D,%7Bpiv:71,t:50%7D%5D,ve:%7BvEventCount:3,vEvents:%5B%7Bt:-53,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-30,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-28,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:59,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:1200.1041.400.225,am:v,cc:1200.1041.400.225,piv:71,obst:0,th:0,reas:v,bkn:%7Bpiv:%5B54~50%5D,as:%5B54~400.225%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:fwjsvid,dtt:0,fm:sC0EL9q+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l1%7C1m1%7C1n1%7C1o%7C1p,idMap:1*,rmeas:1,rend:1,renddet:env,slid:%5BAVplayer2,videoslot,slot,av-inner,av-container,avntsPlayer0gui,avntsPlayer0,avantisContainer0,vid-container0%5D,sinceFw:36,readyFired:true%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:35:58 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js Show response
pagead2.googlesyndication.com/bg/ Frame D392 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rHFBlN4oL05Ux9gYvr7a9rbt1s0P-Z7gKSgB9mRTgDU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac714194de282f4e54c7d818bebedaf6b6edd6cd0ff99ee0292801f664538035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 08:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5752
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 16:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Jul 2022 08:54:34 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D392 0
22 B 41ms
40ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.3.470.1&bgai=ByVCEJgjfYPO9Ob-B2fcP-rqegAYAAAAAOAHgBAI&bg=!AQKlAkbNAAYo4NJEKOA7ACkAdvg8Wttke5j8ZPKJg3f1imrvgdJPWTuKr5JDr-Rp16qUDTxWrxlUBwIAAACsUgAAAA1oAQeZAqu1a32iJV3zOjjNrxykattE5G_sfOHB3yVAKOPenbZaNFN3EO-W2p3eyesT1eZXG5RXW0FQgrWMRZcwDQ8V-_D-SJy_iqnLTCwPpUCGAwUEswkoQiTNVrIdGxihlKUAIkcp1EeogOh2RMmc3_UoU9EVLvtdw79le6NdnsC7yUD7pYQuAMm2da92ImdhajC-tc6-fcQiaFTI-tX85g4iGsbhgfPteDEHZZOh_r2pQoewwoZt5fPw74_235LJMleJS-fJ1z5TwV1VrusGHuD9l3XpJZSQzuHJ8EDAZ9jES2cy-3epDorMNNFo1UDwv8fJrn2P0P6Mko3OUsuuiF3wDH45JJC0lGDfu8m5DFfBR1ENcBcNOV0oyRnfA8uUmFEC7No2FwOxjakcWfsA3mPpzZIZ9hiDrIisZdftECaI2FppG-eWq3nhUMktJ5Fno-nCttq4-3O60lJiDuoiGEzAjd27ua5gwUprTH3b4ejruH8XQ2kThL8xx5_lHA8CxX_y2V45-7mMjiUhki2qAKqYBAJrlnJMOgIVyTFpQafya3ckYF54nyCqtUbUZG358XRYzCz13H11eT1GmCePn4EHD9X0XnPH62dAiOBSaodQEhbMw2dsGSFsW5mPbcvK4jNKjJEGYOV4DQ2Wu-8pJMR6tzP8mmlqO82AqVXJhF3QHJtprwTsMiku1Qh8tR5K9_6srDeUHG4mEVQmGxz0JiHEF6b7eb5ZY63CLlO1DfRBWz-AVrRlz50oOKVqxD3ExmgzEbHlADUncmgsPar8uE-DPNdpPEJIYmXL10Ubf4T5tKxcwHVzAFze1vkmHdA02LzHqOOnJky6s053kVXW6Vh7VjRChJfeW82vJxCVNDSvP4gXXsxqM09yuXUUH6umcSTPgn4w8E89_4s1v_cajg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame D180 35 B
174 B 51ms
51ms Image
image/gif 34.247.125.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjozMDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vd3d3LjEyM2dyZWV0aW5ncy5jb20vZXZlbnRzL2ZvdXJ0aF9vZl9qdWx5Lz91dG1fc291cmNlPXJjdnJfZXZlbnQifX0sImNiIjoxNjI1MjI5MzU4NjQ0LCJpYXNfc2luZ2xldGFnIjpmYWxzZSwiaGVhZGVycyI6eyJoZWFkZXI4IjoiaWFzbyJ9LCJjdXN0b20iOnsiY3VzdG9tNyI6IjQ3MjY2NCIsImN1c3RvbTgiOiI1MTE5NTE3MiIsImN1c3RvbTExIjoiMjAyMS4wMi4xMS0xMS4wMi0xOTY3NmUwIiwieHNpZCI6IjJkYjcxYTU4LTdiNGItNDdlYS1iMjNlLTkxNzZiMTkxNGUwYiJ9fQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.125.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-125-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:58 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H2

200

skeleton.js
static.adsafeprotected.com/
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/472664/51195172/skeleton.js?videoId=0f765c2c43cee5574128c4e292f50062&xmapp=0&xmtp=v&xsId=2db71a58-7b4b-47ea-b23e-9176b1914e0b&adsafe_par=&logTestResults=fal...
https://static.adsafeprotected.com/skeleton.js?videoId=0f765c2c43cee5574128c4e292f50062&xmapp=0&xmtp=v&xsId=2db71a58-7b4b-47ea-b23e-9176b1914e0b

17 B
17 B

50ms
50ms

Image
application/javascript

52.17.241.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.js?videoId=0f765c2c43cee5574128c4e292f50062&xmapp=0&xmtp=v&xsId=2db71a58-7b4b-47ea-b23e-9176b1914e0b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.241.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-241-173.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 10371228
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-server-name: app25.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?videoId=0f765c2c43cee5574128c4e292f50062&xmapp=0&xmtp=v&xsId=2db71a58-7b4b-47ea-b23e-9176b1914e0b
cache-control: no-cache
content-length: 0
server: nginx

GET
H3-29 200 dc_oe=ChMI8-iQkbPE8QIVv0D2CB16nQdgEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCK64-ZCzxPECFfrKuwgdfqYI5g;dc_rmcid=CAASEuRoK-eRVevoidxGc036Bm-EDQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3D...
ade.googlesyndication.com/ddm/activity/ Frame 9C0F 42 B
63 B 71ms
71ms Image
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8-iQkbPE8QIVv0D2CB16nQdgEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCK64-ZCzxPECFfrKuwgdfqYI5g;dc_rmcid=CAASEuRoK-eRVevoidxGc036Bm-EDQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1138,1200,1363,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0.27%26mc%3D0.27%26nc%3D0.27%26mv%3D0%26nv%3D0%26lte%3D0.27%26ces%26femt%3D7893%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,1,0,1%26avms%3Dexc%26qi%3D5142188%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1625229358650%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1625229358172;dc_rfl=1,https%253A%252F%252Fwww.123greetings.com%252Fevents%252Ffourth_of_july%252F%253Futm_source%253Drcvr_event%240;ecn1=1;etm1=0;eid1=11;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9C0F 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQGuDJgjfYK6NIvqV7_UP_syisA7rs53CY_TGgoqXDvAuEAEgsK_iH2DRgbmC0AfIAQWpAkG5UL9gWoU-qAMByAMTmAQAqgTTAU_QCrXBaU8rjrydWHZ4EdIcXp7caLLInIW3alJEMYLrOuLkBPv2Y2LA7sYyiPmsqytweRRGZELKImDDK59FTKkCAsofICNgcNfFL_H6agwIrb5sGZ66bA_g9JDmviNm6ZXe2gPxOZ2TUJT8GYMj9WQ_xrHSoU5Lpd0y-fJn9CoCCzM_WxR_lPTlliA9D1H-qwIA8h0XMrfaq0LdsgL_2Ma2UfuwPgixfwedgyFla9m-kb-EabSzrBz4mNxp-OhbQcDeTpk2sV1ICSmlD9MQxI_MogDABOPDt63RA-AEA5AGAaAGToAH8M34ggGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgOYCwHICwGADAGwE8yi9gvIE4yDxd0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=bXrMJ3UCqDo&label=part2viewed&ad_mt=190&acvw=sv%3D899%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1138,1200,1363,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0.27%26mc%3D0.27%26nc%3D0.27%26mv%3D0%26nv%3D0%26lte%3D0.27%26ces%26femt%3D7893%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,1,0,1%26avms%3Dexc%26qi%3D5142188%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1625229358650%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1625229358172&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlA4AIKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEDQAQphCAESGHZhc3QuYWRzYWZlcHJvdGVjdGVkLmNvbRoDRENNIAQqCTQ4NDE4MzAzNDIJMTM2MDI5NzQwQPsBUiMQBCUSg8BAKAE6CzEzNjAyOTc0MC0xQgRHRENNSJwBUABgARgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C0F 0
22 B 40ms
38ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9C0F 0
24 B 53ms
52ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuVx23mQ4FYYe4tMD00Dp3MiOO2RMmWq74aWSqe6vgBEJuQlxbRwCJEYbz9GZi7uM7fKjmU6swd7rZwf5FwKVvyyVxS9-M0xX5UXGZhgxXOZHkFawOkrF-Mi0fbMKaZDsUVlsG0eGMVBadj3o6AvbA8xCoVmji2SmMo_IDvmLdanxrfYTepM0yci0EmtVYU7q7kSp-FvXu2pLN7M-vrwvq4ESNFiyWpVzHyzg-Q6LHtYCWM3S6g5_QaHgzKfi_fYCnl9Fq_qjqiSHkMZKEtSI47sYK4waIV1HzlZyXsh8s_GSFQK8_QdC__v95CrStU6DspYbjkvcSosJhfesHxHhkHG_0s2AkScZ-VU6If1rCZ20_IjsjJJclWQlSUi11ncd4ijhrHL766xU4ql4CUqlZ-NL8EvHnT8FczpsvUzMrrT9dx-EyF0XxL9G_fxCLHL9tYMFCR9k4V5mxR2UliHCf2RyMQuTljM3DV3LTVXynY9HjHbFBqsWNgGMQV6vRWPFugjugfw1g1YjhImZNUzGyq6mIu7CKO6FVATIEpcA4pVoZHW8augt1ow2eSUSy25G9H06zX4G_yV9p3b5K0jkajd-Q95JMvXaRWfEtUWwfVVYbZRV0xoV77E_hZaY4Ki7MDnfbCY241Nfu7AQ0SN-ptAg9G5qkYcUPmzbRHu0WfTZFpYHcvt7w88rdDVGywdnvN38rDxSySfcdUG7rau6xaNSoen6UY_BsSXdyAwLwtlr__FkOcCmw9cLPfOSziqUB4egwo4nfOu5wBqpsKF-9lRPzzzj3WvlauPFoQo0hd1Mb_VDtjf1aO0BFCj5k3RFt2HeG5khYARbJcI6YeFnO816r_Y-50cJG6QTs8GYAup70dr4EGFiTDNOO6sXWfD9sqRuNnGsg9aIrZTCNGVkl2wt8WHzmT-RxkOOcXfu5Sda1JQPX8f6kar_pW6hrWtrwR0F1GRGz62dopWCgm5_WqtnA-KvHm_9HSSrs7RxwByc7n3TtnI7CNjiHG2pDc1Do1Gs1ExEcfLiJZDEShwMopzGQNpGlffll9a4mE2ayBvtXLdYQs30dS_6HzQJdf46s6NE84o_sYRuqpjR0F8APeOkXrqxvepRyuCvWbTC7EwxqqkofxDLcJLKsUJpDRAhKhrzn--wzE30_Bti8SYTN8tcZBqNW1M6q1&sai=AMfl-YQ4MCbEkhbFIOWsF7hSHDr0JLbUBi19kxoy1lrAqVfewdGUYy0bVFcXU_WQfRod9Ttn1kwvqLmyoBZ-58_PbaVrW-jwUswNPNFXR_yQxJPfe6a2LsQbDFRbtSS0S0ztccZj3MG0ed7gHydb8AuWMdgbXVgwtw&sig=Cg0ArKJSzKWYmISiu9AiEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.470.1&adurl=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 02 Jul 2021 12:35:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 9C0F 0
0 17ms
16ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLi_qAEQ4vqsARjLocmZASABMAE&v=APEucNVVhyVQw_d6IXBkr-W66NmFS0P9TaUWOLKknb6TNcgx7fGXauQvmJINGUfi3Q55E7rzNhKZmqsqoGm8lmwj3MW5BkaGGg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 dot.gif
s0.2mdn.net/ Frame 9C0F 43 B
64 B 9ms
7ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 10:48:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
age: 6426
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sat, 03 Jul 2021 10:48:52 GMT

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame 9C0F 35 B
174 B 51ms
50ms Image
image/gif 34.247.125.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjoiU0VDT05EQVJZX0lNUFJFU1NJT04iLCJwdWJsaXNoZXJVdWlkIjoiYTVkYjAyYjAtMmI3OC00OWEzLTg0ZmYtMDA1NTlkNjk3Y2I5Iiwic2l0ZVV1aWQiOiJhZmRkZWY1ZC1jMjA0LTQwYTktYjRmYi05NjVhMTQ1ZDA2OTYiLCJiaWRSZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vaW1hc2RrLmdvb2dsZWFwaXMuY29tLyJ9fSwiY3VzdG9tIjp7ImN1c3RvbTEiOiIiLCJjdXN0b20yIjoiNC4wIiwiY3VzdG9tMyI6IjQuMCIsImN1c3RvbTciOiI0NzI2NjQiLCJjdXN0b204IjoiNTExOTUxNzIiLCJ4c2lkIjoiMmRiNzFhNTgtN2I0Yi00N2VhLWIyM2UtOTE3NmIxOTE0ZTBiIn0sImhlYWRlcnMiOnsiaGVhZGVyMTEiOiJEQ00iLCJoZWFkZXIxMiI6ImFkLmRvdWJsZWNsaWNrLm5ldCIsImhlYWRlcjgiOiJpYXNvIiwiaGVhZGVyOSI6IiJ9LCJjYiI6IjE2MjUyMjkzNTEyMTIzMzUzNTkifQ==&key1=ROKU_ADS_APP_ID&key2=$APP_STOREURL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.125.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-125-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:35:58 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8-iQkbPE8QIVv0D2CB16nQdgEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCK64-ZCzxPECFfrKuwgdfqYI5g;dc_rmcid=CAASEuRoK-eRVevoidxGc036Bm-EDQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1138,1200,1363,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0.27%26mc%3D0.27%26nc%3D0.27%26mv%3D0%26nv%3D0%26lte%3D0.27%26ces%26femt%3D7893%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,1,0,1%26avms%3Dexc%26qi%3D5142188%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1625229358647%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1625229358172;ecn1=1;etm1=0;eid1=200101;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9C0F 42 B
66 B 42ms
41ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTnuxfT4Oa-bZoPS_hnfZB-brxDKh0kF0IsiMJmt8GJf0IKOKYmInIV0yghJJvhtX6d9-YCwV9bRJKfb3uT-XYsRWf9_nN4-lRNZ7qH8iESb0s&sai=AMfl-YQfftOKvlxBH8dYwibIkqIAYNGnU3Fnk-nZ6iCcKbwLGAWhbzJivdfugCBSOEzfbb0tKWCTvCzANQMlpKiwDgB7pyNo0Y-MQcSF-hBbmk4VvBT8nesrcg3Z384&sig=Cg0ArKJSzFTMPWmm9HgMEAE&cid=CAASEuRoK-eRVevoidxGc036Bm-EDQ&id=lidarv&acvw=sv%3D899%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1138,1200,1363,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26vpaid%26dur%3D6016%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0.27%26mc%3D0.27%26nc%3D0.27%26mv%3D0%26nv%3D0%26lte%3D0.27%26ces%26femt%3D7893%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D1,0,1,0,1%26avms%3Dexc%26qi%3D5142188%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1625229358647%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.01%26t%3D1625229358172&avm=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:35:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 197ms
197ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60dee97c67a5077093613604&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=20&ofpr=2&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328350&e=impression&cb=1625229349599&ad=6.016&vi=20&d1=vpaid&fv=3&cb=1625229349604
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 120ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60dee97c67a5077093613604&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=2&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328350&e=start&d1=vpaid&fv=3&cb=1625229349604
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:35:58 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK pixel.png
unified.adsafeprotected.com/ Frame D180 35 B
174 B 50ms
49ms Image
image/gif 34.247.125.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unified.adsafeprotected.com/pixel.png?eyJ0eXBlIjo0MDMsInNpdGVfdXVpZCI6ImFmZGRlZjVkLWMyMDQtNDBhOS1iNGZiLTk2NWExNDVkMDY5NiIsImJpZF9yZXF1ZXN0Ijp7InNpdGUiOnsicGFnZSI6Imh0dHBzOi8vd3d3LjEyM2dyZWV0aW5ncy5jb20vZXZlbnRzL2ZvdXJ0aF9vZl9qdWx5Lz91dG1fc291cmNlPXJjdnJfZXZlbnQifX0sImNiIjoxNjI1MjI5MzYwMTQ0LCJpYXNfc2luZ2xldGFnIjpmYWxzZSwiaGVhZGVycyI6eyJoZWFkZXI4IjoiaWFzbyJ9LCJjdXN0b20iOnsiY3VzdG9tNyI6IjQ3MjY2NCIsImN1c3RvbTgiOiI1MTE5NTE3MiIsImN1c3RvbTExIjoiMjAyMS4wMi4xMS0xMS4wMi0xOTY3NmUwIiwieHNpZCI6IjJkYjcxYTU4LTdiNGItNDdlYS1iMjNlLTkxNzZiMTkxNGUwYiJ9fQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.125.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-125-120.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 02 Jul 2021 12:36:00 GMT
Connection: keep-alive
Content-Length: 35
Vary: Origin
Content-Type: image/gif

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 111ms
110ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=62864aa7-2ee6-218b-c77c-91d57c1fdf0f&tv=%7Bc:hdv5Ad,pingTime:-4,time:1805,type:m,clog:%5B%7Bpiv:74,vs:o,r:v,w:400,h:225,t:20%7D,%7Bpiv:71,t:50%7D,%7Bpiv:28,r:l.v,t:255%7D,%7Bpiv:34,r:l,t:452%7D,%7Bpiv:74,vs:pp,r:,t:651%7D,%7Bpiv:93,vs:i,t:851%7D,%7Bpiv:100,t:1051%7D%5D,ve:%7BvEventCount:25,vEvents:%5B%7Bt:-53,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-30,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-28,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:54,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:126,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:257,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:304,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:55,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:304,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:305,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:323,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:323,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:324,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:324,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:329,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:331,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:420,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:471,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:570,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:620,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:820,tp:volumeChanged,sl:pp,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1070,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1320,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1554,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1570,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1804,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:954,o:651,n:0,pp:200,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:1200.1123.400.225,am:v,cc:1200.1123.400.225,piv:34,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B250~50,197~25,199~30%5D,as:%5B646~400.225%5D%7D%7D,%7Bsl:pp,t:651,wc:0.0.1600.1200,ac:1200.1033.400.225,am:v,cc:1200.1033.400.225,piv:74,obst:0,th:0,reas:,bkn:%7Bpiv:%5B200~50%5D,as:%5B200~400.225%5D%7D%7D,%7Bsl:i,t:851,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B200~75,754~100%5D,as:%5B954~400.225%5D%7D%7D%5D,slEventCount:3,em:false,fr:true,e:,tt:fwjsvid,dtt:131,fm:sC0EL9q+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l1%7C1m1%7C1n1%7C1o%7C1p,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:36:00 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8-iQkbPE8QIVv0D2CB16nQdgEAAYACCszO5AOhoIufWVgwEQ48O3rdEDGIyDxd0DIPTGgoqXDkITCK64-ZCzxPECFfrKuwgdfqYI5g;dc_rmcid=CAASEuRoK-eRVevoidxGc036Bm-EDQ;eps=CIDhgBAQARgd;met=1;acvw=sv%3D899%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D498,601,0,201,202%26mtos%3D498,1099,1099,1300,1502%26amtos%3D0,0,0,0,0%26mcvt%3D1099%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1502%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1097%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D1454%26dvs%3D1099%26dfvs%3D498%26dvpt%3D1502%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D0.27%26mv%3D0%26nv%3D0%26qmt%3D498,1099,1099,1300,1502%26qnc%3D0.27%26qmv%3D0%26qnv%3D0%26lte%3D0.27%26ces%26femt%3D7893%26femvt%3D0%26emc%3D10%26emuc%3D0%26emb%3D4,3,1,1,1%26avms%3Dexc%26qi%3D5142188%26psm%3D-2147483645%26psv%3D2%26psfv%3D2%26psa%3D0%26ptlt%3D1625229360149%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1502;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1625229358172;ecn1=1;etm1=0;eid1=960584;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:36:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9C0F 42 B
64 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQGuDJgjfYK6NIvqV7_UP_syisA7rs53CY_TGgoqXDvAuEAEgsK_iH2DRgbmC0AfIAQWpAkG5UL9gWoU-qAMByAMTmAQAqgTTAU_QCrXBaU8rjrydWHZ4EdIcXp7caLLInIW3alJEMYLrOuLkBPv2Y2LA7sYyiPmsqytweRRGZELKImDDK59FTKkCAsofICNgcNfFL_H6agwIrb5sGZ66bA_g9JDmviNm6ZXe2gPxOZ2TUJT8GYMj9WQ_xrHSoU5Lpd0y-fJn9CoCCzM_WxR_lPTlliA9D1H-qwIA8h0XMrfaq0LdsgL_2Ma2UfuwPgixfwedgyFla9m-kb-EabSzrBz4mNxp-OhbQcDeTpk2sV1ICSmlD9MQxI_MogDABOPDt63RA-AEA5AGAaAGToAH8M34ggGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTc2OTIzMzc3NjU5Mjc4OTiACgOYCwHICwGADAGwE8yi9gvIE4yDxd0D0BMA2BMKiBQC2BQB0BUBgBcB&sigh=bXrMJ3UCqDo&label=videoplaytime25&ad_mt=1692&acvw=sv%3D899%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D498,601,0,201,202%26mtos%3D498,1099,1099,1300,1502%26amtos%3D0,0,0,0,0%26mcvt%3D1099%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D1502%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1097%26pst%3D202%26vpaid%26dur%3D6016%26vmtime%3D1454%26dvs%3D1099%26dfvs%3D498%26dvpt%3D1502%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D0.27%26mv%3D0%26nv%3D0%26qmt%3D498,1099,1099,1300,1502%26qnc%3D0.27%26qmv%3D0%26qnv%3D0%26lte%3D0.27%26ces%26femt%3D7893%26femvt%3D0%26emc%3D10%26emuc%3D0%26emb%3D4,3,1,1,1%26avms%3Dexc%26qi%3D5142188%26psm%3D-2147483645%26psv%3D2%26psfv%3D2%26psa%3D0%26ptlt%3D1625229360149%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,ssmol%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,1502&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.04%26t%3D1625229358172&sdkv=h.3.470.1&vci=CjwIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgtBZFNlbnNlL0FkWCAEKgw0ODY2NjI1NzM5ODlA4AIKOQgCEhViaWQuZy5kb3VibGVjbGljay5uZXQaA0RCTSAEKgk0ODQxODMwMzQyCTEzNjAyOTc0MEDQAQphCAESGHZhc3QuYWRzYWZlcHJvdGVjdGVkLmNvbRoDRENNIAQqCTQ4NDE4MzAzNDIJMTM2MDI5NzQwQPsBUiMQBCUSg8BAKAE6CzEzNjAyOTc0MC0xQgRHRENNSJwBUABgARgB

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Jul 2021 12:36:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 192ms
192ms Ping
text/plain 52.42.142.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.142.109 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-142-109.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Jul 2021 12:36:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 121ms
120ms Image
text/plain 52.22.200.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60dee97c67a5077093613604&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=100&ofpr=2&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328350&e=firstQuartile&ad=6.016&vi=100&d1=vpaid&fv=3&cb=1625229349604
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.200.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-200-65.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Jul 2021 12:36:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST csi
csi.gstatic.com/ Frame 22DB 0
0

GET
H/1.1 200
OK mantle_loader.gif
c.123g.us/images/ 2 KB
2 KB 34ms
34ms Image
image/gif 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/mantle_loader.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1b91d59c4bdd90f11c17f875ae27b15c1efe83d42182702f51570fcc2063fd24

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 15 Jun 2021 19:00:43 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1445717
ETag: "855-54da7c7b5a240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2133
jake_test: Test_Pass
Expires: Tue, 15 Jun 2021 19:15:43 GMT

GET
H/1.1 200
OK ejul_fourthjuly_lovedones_mtl_01.jpg
i.123g.us/c/ejul_fourthjuly_lovedones/mtl/ 25 KB
25 KB 55ms
55ms Image
image/jpeg 67.27.157.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejul_fourthjuly_lovedones/mtl/ejul_fourthjuly_lovedones_mtl_01.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b3a0221838686a9875fedb3724e6e4ef2f0a87bc0464343702454784f54a4d6f

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 09:56:13 GMT
Last-Modified: Mon, 24 Feb 2014 09:40:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2255987
ETag: "628b-4f323c3123d40"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25227
jake_test: Test_Pass
Expires: Wed, 23 Jun 2021 08:07:19 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 117ms
117ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=472664&asId=62864aa7-2ee6-218b-c77c-91d57c1fdf0f&tv=%7Bc:hdv5NR,pingTime:2,time:2651,type:p,clog:%5B%7Bpiv:74,vs:o,r:v,w:400,h:225,t:20%7D,%7Bpiv:71,t:50%7D,%7Bpiv:28,r:l.v,t:255%7D,%7Bpiv:34,r:l,t:452%7D,%7Bpiv:74,vs:pp,r:,t:651%7D,%7Bpiv:93,vs:i,t:851%7D,%7Bpiv:100,t:1051%7D%5D,ve:%7BvEventCount:29,vEvents:%5B%7Bt:-53,tp:volumeChanged,sl:o,ad_duration:6,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:-30,tp:adLoaded,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:-28,tp:adStarted,sl:o,ad_duration:6,width:400,height:225,volume:0%7D,%7Bt:54,tp:adDurationChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:126,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:257,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:304,tp:adImpression,sl:o,ad_duration:6.016,width:400,height:225,volume:0,integral_timeToDecision:55,integral_didBlock:false,viewMode:normal,x_vv:3.7.0,x_vanstag:fw,x_xpc:iaso%7D,%7Bt:304,tp:adVideoStart,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:305,tp:adRemainingTimeChange,sl:o,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:323,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:323,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:324,tp:resizeAd,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:324,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:329,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:331,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:420,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:471,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:570,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:620,tp:volumeChanged,sl:o,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:820,tp:volumeChanged,sl:pp,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1070,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1320,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1554,tp:adRemainingTimeChange,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1570,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:1804,tp:adVideoFirstQuartile,sl:i,ad_duration:6.016,width:400,height:225,volume:0%7D,%7Bt:1820,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2070,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2321,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D,%7Bt:2571,tp:volumeChanged,sl:i,ad_duration:6.016,width:400,height:225,volume:0,viewMode:normal%7D%5D%7D,vv:3.7.0,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1800,o:651,n:0,pp:200,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:1200.1123.400.225,am:v,cc:1200.1123.400.225,piv:34,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B250~50,197~25,199~30%5D,as:%5B646~400.225%5D%7D%7D,%7Bsl:pp,t:651,wc:0.0.1600.1200,ac:1200.1033.400.225,am:v,cc:1200.1033.400.225,piv:74,obst:0,th:0,reas:,bkn:%7Bpiv:%5B200~50%5D,as:%5B200~400.225%5D%7D%7D,%7Bsl:i,t:851,wc:0.0.1600.1200,ac:1200.975.400.225,am:v,cc:1200.975.400.225,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B200~75,1600~100%5D,as:%5B1800~400.225%5D%7D%7D%5D,slEventCount:3,em:false,fr:true,e:,tt:fwjsvid,dtt:114,fm:sC0EL9q+1*.472664-51195172%7C11%7C12%7C13%7C14%7C15%7C161%7C162%7C171%7C172%7C181%7C182%7C191%7C192%7C193%7C1a%7C1b%7C1c1%7C1c2%7C1c3%7C1d1%7C1e1%7C1f%7C1g1%7C1h1%7C1i%7C1j%7C1k1%7C1l1%7C1m1%7C1n1%7C1o%7C1p,idMap:1*,rmeas:1,rend:1,renddet:env%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Jul 2021 12:36:01 GMT
X-Server-Name: dt55.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET track
track1.aniview.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kqmbldah&c=8330245361517&slotId=4165122680758.5&qqid=CKzx-ZCzxPECFZ6VdwodjO4AUA&gqid=JgjfYJ_WINyNjuwPx9C04AI&fb=ima_html5-lima&sdkv=h.3.470.1&mrd=4&aab=1&itv=1&uet=2&rec=loaded-1%7Cshow_ad-1%7CcreativeView-1%7Cstart-1%7Cimpression-1%7Cmeasurable_impression-1%7CfirstQuartile-1%7Cviewable_impression-1%7Cmidpoint-1%7CthirdQuartile-1%7Ccomplete-1%7Cstop-1

Domain: track1.aniview.com
URL: https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=57504&t=1625229349&cip=82.102.20.235&sn=rcvr_event&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1625229349531-961878530252-026334-009-001799&cha=0.7&stagid=&stplid=&cb=11284791682&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C60dee97c67a5077093613604&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=3c8f5376792c98775790be12582b3eb4766467e8&d9=1000&ad=6.016&vi=100&ofpr=2&imid=70f9ba7f4c3818ffce1f4ebfa6315bdb_172316050_4328350&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1625229349604

Verdicts & Comments Add Verdict or Comment

464 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.123greetings.com/	1970-01-20 04:48:45	Name: __gads Value: ID=7cd341f1406e54fc-2286e35253c9002e:T=1625229345:RT=1625229345:S=ALNI_MYuJrd5HdV8t-OVTpEMRW_wlTtLHA
.doubleclick.net/	1970-01-19 19:27:10	Name: test_cookie Value: CheckForPermission
.123greetings.com/	1969-12-31 23:59:59	Name: utm_source Value: rcvr_event
.123greetings.com/	1970-01-19 19:27:09	Name: _gat_gtag_UA_5085183_1 Value: 1
www.123greetings.com/	1970-01-19 19:27:09	Name: config_data Value: CADB=1\|CLG=1\|CBR=1\|CUB=1\|CCC=1\|CFLC=1\|CPFR=1\|CBRR=1\|TCP=1\|TAP=1\|TCAP=1\|TRE=1\|QkDshLgd=0\|FBCon=1
.123greetings.com/	1970-01-19 19:28:35	Name: _gid Value: GA1.2.517423890.1625229345
.123greetings.com/	1970-01-20 12:58:21	Name: _ga Value: GA1.2.2059230183.1625229345

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2106212012000 https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
console-api	info	URL: https://cdn.ampproject.org/rtv/012106212012000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2106212012000 https://www.123greetings.com/events/fourth_of_july/?utm_source=rcvr_event
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.001708984375 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a9d7a7ecde26e8cedc9ae888f72d5982.safeframe.googlesyndication.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
avm.avantisvideo.com
bid.g.doubleclick.net
c.123g.us
cdn.ampproject.org
cdn.avantisvideo.com
cdn1.avantisvideo.com
csi.gstatic.com
dt.adsafeprotected.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.123g.us
i.ytimg.com
i1.ytimg.com
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
play.aniview.com
player.aniview.com
pubads.g.doubleclick.net
r3---sn-4g5ednz7.c.2mdn.net
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.avantisvideo.com
stats.g.doubleclick.net
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
unified.adsafeprotected.com
vast.adsafeprotected.com
www.123greetings.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.123g.us
csi.gstatic.com
track1.aniview.com
104.244.36.20
108.177.15.155
142.250.185.66
142.250.185.98
142.250.186.162
184.72.244.154
185.33.221.91
185.94.180.123
216.58.212.162
2404:6800:4006:812::2003
2600:9000:20eb:400:1c:38a0:8a40:93a1
2a00:1450:4001:3d::8
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:803::2001
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::2016
2a00:1450:4001:813::2016
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c08::9c
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:ba12
34.247.125.120
52.17.241.173
52.206.107.130
52.206.179.19
52.210.216.43
52.22.200.65
52.42.142.109
52.45.125.207
54.187.161.230
67.27.157.124
67.27.157.252
99.81.129.224
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
02e3678eb9e29f623e9cffc32c3e29dbe74d8aa8eaac88892c6f2944b4e1bd6c
052b709978677b3dd76a0ab609a92a688000c1d1e070c56cd2aa877fae77a3a3
057bd2e1111c20317b83b065febb8e92d9a2059a5e1bab28b6e0aa3658d34f4b
05b8bf94c8bdbb13f1bdbb4a32e63caa9a8a87debf1843e7f7945d10c7bff8e5
076856980b362cc75496b058e2528a33de3cb4d083ad6e1506347190f8618817
0814e5148bcc2438216e6198a067a4b944c5d07b7155908dc1a342d739579287
0987431484cf368a2c05bda4219aac7b7c0e875cf74fc45d615a57c0967e3dfc
09fb57be251adc0962ccdbb00d96a49d63ba8a7ef23801027183c842ba4ae1f7
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
14fc395ad49ae416330b86596c58cfa774d3910503b94a25c51743a35a5a6288
1541de4983dc48d213148b0c926fc3d45154b7bdb24106ddb5cba39773c77c0a
1565cde329ae601fa496ae34fe2f9fc866e24381af10a781799067947867a545
166c5de79efdf94ced1c9abd50e0cb4b3278cb4410133ff4e8c3bd15c18e9bdb
1764b6de9a79fbd9a6c7550b114bd1c2fc1dced294976aca92df4d8e4660afc4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b91d59c4bdd90f11c17f875ae27b15c1efe83d42182702f51570fcc2063fd24
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e059c892e1206952c135bd2c624040bef95491d28bb64220694c21abcc671cd
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
22428f9093ad269f49827ae21c713dfbad293be5816f50b68fcf2e2527b05d9b
24d4bc452b275c433488f0a408057207637abc5c59229d9ff217f52653f81e9a
26a17027ef50e8f302cc81a974a2cb10a952b59cb1c88e32ccc7750c5b4b22dc
280f347ae8b3cf87d7d72e713f6548a4d7bb13089328c41973b76245895d7dc1
28573d89b4dec06a73ea08012f02bead6e2e52445bd205c361609765049c6c22
2865f46b4389eef0830ded97cb9d14999f2ec1409f60f97ff7bd0eec6348102c
2d853d5c205e6bc73c9928255af1ea931f948c6f46f607eeef92935f37f72f5a
319cd584d0eafd2b782b2fcd8919d64b7a57286abb0be4dbb7e5b725ce235ef3
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
359751b50d1390642a651278f1844250baf6d63ca166863d29cf8c27d8c87f74
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
38134680bb976c78119e7410bf61f8999be65777ed76db497173b264318c1796
3a50a48990ea984747f071ddf811d218f9444896dd5e9fbaf76feea41ceeadda
3c107239496609ede285e80b91336c653f68e65956a25b489ef9b4d9591d07ea
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038
40ca98c145bf27de21e87e43748da8e926d8986e851f3e6747cafc4da373bca2
40d4c68f71f23b353895a8df6705c2e3783b00abdc5ed3a57f88c8304763d042
42bfbde3c7a0481f12b82e3334e401d9bb7db1988e90b6bf006a3e735c8c6631
42c0019ac2f32d24160ef9f53853c7caeb65ea3b21bcbcd8e3b90a5a230dfba4
4330d4072d013510b91ca5648f210b614c2e4e8ecbea94a1f8a8373aa6068532
449b8777ff7d8e8f848377e77e812623d0c7cce48074ef2d131dac2ad4988305
47a67f08039e0e2f3b66feaccc284d778404b0324071397d598abb17baf5ae7a
48f9695743d1ea7156fe612eb25beb3be6ca81d94a30891b848d0177137dfaa6
4a644e13536068bbc974297393c1b963045e89cac72ef27c4c370b765631d7b1
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b55487d2725589aa3eb97e26b94afdd8a3a18f251f2a150c44d49052b242558
4f1464ba40a2ac111c0e403d0cd44080b4cd23e72c3a8cccd5cec0b58e30df58
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510d99f13b8762e009e6988bde74f788474f70d079e8aece447018f7264c9116
5336fb757df91e343cca414c112da532ff47f3d40b0d6e1b3c39ea00c8e24ab6
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
559fe004c2c97cffd0ae0d9f3ffb0d2546dc35c2a31481e6f2306bd138bf4b4d
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0
587b5213faa804c698a3c66445d38fa8daca067fdfcf3488978d7476e8c0ce87
598a6c545ec2b27cf7388041cb424a0f4ecc1884dc06e37781b927fbd3cd58fd
5a6c2c2a049a265b59c27db0857cbb9aa6110f490c8fef05edcb4285b3ecc55b
5a8c623b34dcf729895c3bc9b6e261796bbad69555a21ad6d2f9b4e7bc27b6e7
6182713de81975db6566576b1a1fb45b89846260ef8ac7991676fbee232a6d1c
627ce7bbabf0f890a634284af04091df987e5cc13bd7536c16403356eaf29ba6
62fdb63ff4b7e2e4ad6dba8f2d45b5f4cccc15b4697a6ea53f7b0108da516b6c
636b8fb1805a5317e4675ec9a4bf620ffe6433f22373f37794e9db4f9b631ba1
63e8b8b2eae37f4666f5a09819fc88ac4557ab69de01dfab7e297505bc775dfd
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d38e850f157012f05cd741a35b44683b5fb170e5fd461d52836d28f9bd3597d
6e8e910a6de59bda6f47948462a8b2f06d5a3564d173665dc76fd9141f763364
6fd054e395cfc15cf30b1ef79b06a45c6a44818199b5f45d07370b8e520b21ab
701e42f5fcb972d523bf73fe9b45f61678f46910d44924d3c07d0d10ebe844db
70d0aa1a7429573e8d63a5d732a2bc27150ac345ca82e3550d5d3a4a148508df
71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab
7120d844c5aeff5bf30238cf096ea959220578980e2480d4f2d634108a1ab734
71c845d7bb5cc7417e59bb473d8015dc093581f4f1f95a6b97b11beec16177fb
72a8202596dc4870b64efd30fbca7d8961aa8a47885e1f565191b7302f61b7f0
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
789d25597a48ee75857b4f804d9bc81fe5c0484b6f05cf76c3c6335948c41cb0
79381d68e91816fbadc6a29a361636f02c8f78ff54501a8f2e20da09bb749952
7ad4551e10686884204e10bbafdbc001804a37e45ee0e20f2f0289e2819ed6f1
7b78591a83841e0284936d78ec61ac91e83a9149da21977e3ade0bd0eaa7de8b
7bfd2a9639f7bba13a750df9f04f31fc8a19ddef240d3b23b1a5b276508c72cb
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
809b4c0685581f80e57351f1d4e5ae1baf7b672e97d5bfe8325baa350ddebfab
818ff789d6fdb14f1573e66d90200eb3b1a0e83871b32e6cdfc6d478cd6816c1
828dccecbed3923d1c46d5cd052cc0fe2b1ab964f37755cdc542224bdb5a6258
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
879c7c35ea7abd239cdbe7dda6271e1ed4da5a21f42561366a24ca975db2aa7d
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
89e3e3a03700eff3d9eea49f50bf03ff9ab7e5b9fafc9cad35f099a6fba4d2e2
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8a9a19e56cdf55a52ccdc15ae0f7bc04cf281e9039c1f33383266fe60df71b51
8b67ead8272d7778ba52209e66b8de20a6c88cf3318ced3a7dba65ea18086288
8bb7ea6db04e6e74e6092dc5813ce28c38147139cbe4753f4bdceaff8929b385
8cab2a16365827e9747dcb6b86c454f232cab1ac5d30d1bbafc13e00f322bb6a
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e92d1082d548068676093bd2fd6e2defbfc109cb67c0ac45724b1b79235ff0e
8f05f9b4c67b7fe9377c08d777aee84ed730fbdb3dc600ef5dd322f1ccb5778f
905d8ae2c87d1dd1c80eb44e2ac23bcbfaa09a75eb8dc9db6b7c110242788da4
90bb654ca53379330d26998780caf1acb2ddbb53d68075f409fdf70b45ca1b8e
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
926dc9b720d35d125beeb72d5db3f7d48cd9810abbf1f58efab96d663c6910ba
93b99c62d69deeca674a75f363fe8939cb23b77906b134113cae68f38e28662d
942c768f21b9bee96dadcf753ba7314fc52c5b8227be0ca632af8531c9ca425a
9569f62cd99c920f6035dfeae36da60338cbd29414d1213da88df32e49d638df
95d45218561067337bcad11f0cf104571bc37037dad5ad0cc8dbb6ed097857c1
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944
97f655508b03a3eebb5c1a281e563e5f9c92080f901ef1051f18f53ebc1818b5
986cc890ff4c6e29618576b21fee055d58f91ed87402e7344453fc39dd5465bb
99e3d0a0f7b92b109c9c21035daef51486ff1ed73b5a3bdbe5b487e5619d8240
9ce32dd0505b7e1ae279bede121c8c7c05bdd0086bce3d99d5dcd1db830db1b8
9eaa3eb5f031297bf6a39a0f66aca3ee4498151b3ab7b836529749a3e7fb00f3
9ec7a2c23d14eb76c0f5bac272f9a01b2a70c489a9908efdd3e3355b2d9da0d6
9ef7c4fe51b63f4f4749fe8efff004cc8e9e673dcbb44cc15f6ea55411b5cd5f
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a079b84b2836c196b8e730329f58334abfcd773b40123b46f06ea0292921bd22
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a13bda9a50a6db619cccde803d490cf9da132954d20445528b186640555f66bf
a38059bcc8e0aa4348b158002c9a5ed76de0d16bfc31ed9270ce8638e64ca35a
a41501da77de17931e13e67620c032986c1769070843a2663c30a5257af78a33
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a574123b407db639bb3e30ebfc640b75121b707a0ed9721f6203af3559b3de67
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a99f2c8a831f374f2c28114fdd6415fed0be98de572c23f647eea5575381e128
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ac42f28820c1a06584cf80f69fc888b8d19d7b87197bef5ea6ea355b712df62c
ac714194de282f4e54c7d818bebedaf6b6edd6cd0ff99ee0292801f664538035
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c304a55e23c298e34b2922b7a9fc3971d8b18e43973c0f333a0554f124d131
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b3a0221838686a9875fedb3724e6e4ef2f0a87bc0464343702454784f54a4d6f
b41d1a89a6904902f5b502584f534ce8ba311702e594c1b82a959f1344faaed8
b728fb1563c6fed8cda251748f0b4327917730b040c1f81c20c71ccccc52b316
b7f1dee42949de63e45b1d6c2f23fb069cef53df921d8104268a35786783b22a
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bdc50fc2fb7760f181e1b94ca3e8197a18083677167ce9abe86549f030e70f6d
c0871dd90183c59d871b16842859fd3551f9e529059740a19d7ff445181cf781
c0fe9eb22790e879a185745f9b8674a5c985d224ac6393e90ee24845d66a4263
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c5729c30306a6c06f52259ec28fcecf999e87e53d7560a2ad7c67292af888016
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
ca969135a24d8321369b63ab1acd675d458f5ded6b28d68666f701f37fdbd0e6
caa2fbd9b1dd9711b03a5437a022f35326aec84ce87b6a90b6b91153b65a5ec7
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cccb343946d6d59be6a51396e1ee093d75165121c9eb86a1bc84c0e1d4a2bdbf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09b7c9239485b3b88573874e5ea2636a6fa0e9e16ba5316aa41d48e186dacd0
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0ddaf11ff75394d4a9af6b50945ff439994bd25b7a43b961ad5a4cc235ae0a2
d18e0815388dd132e48176697e39e2b580564223855de1e8a99c39191a339d79
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d3d0226d7439921cb6f949eef99ec124bcef04050296815663b3e5299f953b63
d45072a60a2c7721ef109a09efb30a2c5f513c1c746285b6ae62627f6b68f602
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7eee94259910aaa93cbc1e9719941b9b0a167a0acb0a08ccf9da061bffb58fc
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
dbfa0d1b06d632c5e883f1067c1bda42b7160e210c6276eb7fb0119cb990eda9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de63788525c08e10dc8e0a28d8c9213a8b4cfe8dae1ce1c06477bf6e2c1e6eb0
e024f3781e3364a706edbb56ea150018d0c9db75b7431b00ed39f9c46b170a10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54b897cb477a0ce61dc7c6900e1c57a4f127c24716662b84313be238e0f7abb
e66724b7284c1cb011a5594f5af03602189da837569e74cd5511249572f9b83c
e6be7bd6b94057e9b2696725350ebfe9096fcfd37997fa72ddbde8a18693ba3c
e872cbf02c8b399de0bc02a3120c525d1397d73e6fe9b396ddb9fb8ca645421f
e87ceefaaeef2a8e9f88b08287f849c82d8a6f7c933db3db33aca99eb076723b
eaa5e7b0aa7790c90ba06be6a9cad21c3427ebd9f010a00bfbd145df878a523e
ed72690522a553c2800b9b742ddcc58fe9c221ec9047d9b27596a774908f859a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796
f3719a162c105abe14ab92b0e048d69214856bbe06eb2979c3b6e33bf74ac957
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f53cc4c51698d41c1d3fde42c5b0d9c80a3343fcb25daeb5c3c5c684cb08df31
f66dba7dbeef3681835963a2bfd8a275f87ba02e6aefb61eee3a1502d803fd05
f7bf7433e6f51ced016386100acbcf95d5775010d93f6f8ac5174e6f1c07e242
faa9f937cdb6a2a45f0d5b9b89838679b09fce760e9e3786640fd0f93ae9f2d4
fb41e96940058c1071a940f204531734a74d4c76bf3a2be1174949d3318f9f74
fb9fd164c1b39bbfdb9228608956817ed56f5030982dec23b839f664282724df
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fcd34ab1db0c2cab8415ed6fa8076e670746255ed9568db9299afd5bc8f38c9a
ff22e1aac4db3d04a92185282612d0bf9958c205db160e3beef256eecaf14ad6
ffb687425d9ead1673765545f99b4dc22a39ae408ee8498e2c84dc92002d6713

www.123greetings.com Open in urlscan Pro 184.72.244.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

448 Requests

100 %HTTPS

55 %IPv6

21 Domains

51 Subdomains

47 IPs

6 Countries

7797 kBTransfer

20049 kBSize

7 Cookies

12 Outgoing links

Redirected requests

448 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.123greetings.com Open in urlscan Pro
184.72.244.154 Public Scan

Screenshot
Live screenshot

Full Image

448
Requests

100 %
HTTPS

55 %
IPv6

21
Domains

51
Subdomains

47
IPs

6
Countries

7797 kB
Transfer

20049 kB
Size

7
Cookies

448 HTTP transactions
12 data transactions