urlscan.io logo urlscan.io
SecurityTrails logo

www.123greetings.com Open in urlscan Pro
184.72.244.154  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.123greetings.com/send/view/03304221117548838576
Submission: On March 05 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 7 countries across 24 domains to perform 443 HTTP transactions. The main IP is 184.72.244.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.
This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 184.72.244.154 14618 (AMAZON-AES)
155 67.26.83.252 3356 (LEVEL3)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 54.204.180.26 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f10... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
8 67.26.137.252 3356 (LEVEL3)
1 2a04:4e42:9::84 54113 (FASTLY)
13 2a00:1450:400... 15169 (GOOGLE)
20 142.250.186.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 30 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
52 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
5 2.16.107.18 20940 (AKAMAI-ASN1)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 142.250.186.34 15169 (GOOGLE)
2 2.16.107.43 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
6 54.212.156.141 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
12 54.244.32.41 16509 (AMAZON-02)
4 2a02:26f0:170... 20940 (AKAMAI-ASN1)
17 52.200.134.48 14618 (AMAZON-AES)
2 35.171.145.49 14618 (AMAZON-AES)
2 2 185.33.221.14 29990 (ASN-APPNEX)
1 34.202.70.106 14618 (AMAZON-AES)
3 185.33.220.243 29990 (ASN-APPNEX)
3 185.94.180.124 35220 (SPOTX-AMS)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2001:6c8:180:... 3292 (TDC TDC A/S)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.70 15169 (GOOGLE)
9 142.250.185.194 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.130 15169 (GOOGLE)
443 45
3    184.72.244.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com
www.123greetings.com
155    67.26.83.252 (United States)

ASN3356 (LEVEL3, US)
c.123g.us
i.123g.us
2    2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    54.204.180.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-180-26.compute-1.amazonaws.com
trkn.us
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a03:2880:f106:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    67.26.137.252 (United States)

ASN3356 (LEVEL3, US)
x.123g.us
1    2a04:4e42:9::84 (United States)

ASN54113 (FASTLY, US)
assets.pinterest.com
13    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
20    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
30    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0900d52e7942607e78205221c832f89a.safeframe.googlesyndication.com
52    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
cdn.ampproject.org
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
3    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
32    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2.16.107.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-18.deploy.static.akamaitechnologies.com
cdn.avantisvideo.com
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a02:26f0:6c00::210:ba12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.avantisvideo.com
4    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
partner.googleadservices.com
2    2.16.107.43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-43.deploy.static.akamaitechnologies.com
cdn1.avantisvideo.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    54.212.156.141 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-212-156-141.us-west-2.compute.amazonaws.com
avm.avantisvideo.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    54.244.32.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-244-32-41.us-west-2.compute.amazonaws.com
events.avantisvideo.com
4    2a02:26f0:1700:59a::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
player.aniview.com
17    52.200.134.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-134-48.compute-1.amazonaws.com
track1.aniview.com
2    35.171.145.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
2    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
1    34.202.70.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-70-106.compute-1.amazonaws.com
sync.aniview.com
3    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
6    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a00:1450:4009:817::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2001:6c8:180:5::11 (Denmark)

ASN3292 (TDC TDC A/S, DK)
r4---sn-uqj-j2ik.googlevideo.com
1    2a00:1450:400f:10::a (Ireland)

ASN15169 (GOOGLE, US)
r4---sn-5goeen7k.googlevideo.com
1    2a00:1450:4001:1::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r4---sn-4g5e6nzz.googlevideo.com
1    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
9    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
ade.googlesyndication.com
4    2a00:1450:400c:c07::8b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
Apex Domain
Subdomains		 Transfer
163 123g.us
c.123g.us
x.123g.us
i.123g.us
5 MB
85 googlesyndication.com
0900d52e7942607e78205221c832f89a.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
ade.googlesyndication.com
931 KB
42 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
pubads.g.doubleclick.net
ad.doubleclick.net
197 KB
28 avantisvideo.com
cdn.avantisvideo.com
static.avantisvideo.com
cdn1.avantisvideo.com
avm.avantisvideo.com
events.avantisvideo.com
214 KB
24 aniview.com
play.aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
193 KB
15 ampproject.org
cdn.ampproject.org
295 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
163 KB
13 googletagservices.com
www.googletagservices.com
393 KB
12 google.com
adservice.google.com
www.google.com
2 KB
10 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
907 KB
6 googleadservices.com
partner.googleadservices.com
www.googleadservices.com
1 KB
5 adnxs.com
secure.adnxs.com
ib.adnxs.com
6 KB
5 google.de
adservice.google.de
2 KB
5 facebook.com
www.facebook.com
139 KB
4 youtube.com
s.youtube.com
3 googlevideo.com
r4---sn-uqj-j2ik.googlevideo.com
r4---sn-5goeen7k.googlevideo.com
r4---sn-4g5e6nzz.googlevideo.com
3 MB
3 2mdn.net
s0.2mdn.net
50 KB
3 spotxchange.com
search.spotxchange.com
3 KB
3 trkn.us
trkn.us
2 KB
3 123greetings.com
www.123greetings.com
39 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 facebook.net
connect.facebook.net
63 KB
1 pinterest.com
assets.pinterest.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
443 24
Domain Requested by
120 i.123g.us www.123greetings.com
c.123g.us
38 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
srcdoc
37 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.123greetings.com
cdn.ampproject.org
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
35 c.123g.us www.123greetings.com
c.123g.us
21 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
17 track1.aniview.com player.aniview.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
15 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.123greetings.com
13 www.googletagservices.com c.123g.us
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 events.avantisvideo.com cdn.avantisvideo.com
9 ade.googlesyndication.com
9 fonts.gstatic.com fonts.googleapis.com
8 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
8 x.123g.us c.123g.us
6 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
6 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
5 pubads.g.doubleclick.net imasdk.googleapis.com
5 cdn.avantisvideo.com securepubads.g.doubleclick.net
cdn.avantisvideo.com
5 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 www.facebook.com connect.facebook.net
www.facebook.com
4 s.youtube.com blank
4 partner.googleadservices.com pagead2.googlesyndication.com
4 www.google.com 2 redirects googleads.g.doubleclick.net
4 fonts.googleapis.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
3 csi.gstatic.com imasdk.googleapis.com
3 s0.2mdn.net imasdk.googleapis.com
3 search.spotxchange.com player.aniview.com
3 ib.adnxs.com player.aniview.com
3 player.aniview.com cdn.avantisvideo.com
player.aniview.com
3 static.avantisvideo.com cdn.avantisvideo.com
www.123greetings.com
3 trkn.us 1 redirects www.123greetings.com
3 www.123greetings.com c.123g.us
2 www.googleadservices.com
2 secure.adnxs.com 2 redirects
2 go1.aniview.com player.aniview.com
2 cdn1.avantisvideo.com cdn.avantisvideo.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.123greetings.com
connect.facebook.net
1 ad.doubleclick.net
1 r4---sn-4g5e6nzz.googlevideo.com
1 r4---sn-5goeen7k.googlevideo.com 1 redirects
1 r4---sn-uqj-j2ik.googlevideo.com 1 redirects
1 sync.aniview.com player.aniview.com
1 play.aniview.com cdn.avantisvideo.com
1 www.gstatic.com googleads.g.doubleclick.net
1 0900d52e7942607e78205221c832f89a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 assets.pinterest.com
1 www.googletagmanager.com www.123greetings.com
443 48
Subject Issuer Validity Valid
*.123greetings.com
Go Daddy Secure Certificate Authority - G2		 2020-04-29 -
2022-04-29		 2 years crt.sh
*.123g.us
Go Daddy Secure Certificate Authority - G2		 2019-06-21 -
2021-09-16		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2		 2020-03-20 -
2021-03-20		 a year crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
content.avantisvideo.com
R3		 2021-02-22 -
2021-05-23		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.avantisvideo.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-03 -
2022-02-19		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2019-03-18 -
2021-03-17		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-04		 2 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh

This page contains 42 frames:

Primary Page: https://www.123greetings.com/send/view/03304221117548838576
Frame ID: 03087BBD849A6FD2269DC1403161E1F2
Requests: 226 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d0535ec6487c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff12818b32f877d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Femployee_appreciation_day%2Fyoure_the_best_worker.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Frame ID: ECE9BD7826740656369DCDFEC3B6C638
Requests: 4 HTTP requests in this frame

Frame: https://www.123greetings.com/send/fcp_track/2a2c5e6a7d66764564686b6c6c62/03304221117548838576/summary
Frame ID: EAF713D07CE4BF6B7DB5B382C49A521F
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrrhWVlyeTHeGuufBsux0_Q46bUJXw22z0y5ZwvbqNJ84HMrAmtWWLeRwGplTMdhhuFBUObXAuuGuyDWQgtpVbi4OLYE_NeVzDzkD1di-01QjHsh1qR3puz4hIquY4iYnSBp1XBhWryK-3ICGZ26Vj9JBX_0oCBr8n71Tv2DuDvpvOcpxP0qyHgHt3QHxm6u7tQYkiLvwJ8dmr6Z0IawUvmtJVNRY8YEb7AJHXgRVUVIwTEhFUS3pfdZE-2aK9SBbTcy3gFYH5-xCaD5l-bN-ecrlKjoaT7BVDCV4AmaspRVtDKSlwX3cLhma5LoYheqXdjw&sai=AMfl-YQsm6iyw7ZtMNhxJ4XXn00SB3gFeIdP1B5KDtVwXj5kc3wxpFopxr8rd0UHvuEOFwtxgOullgal6yx2Kg6-SzCWVEm8WKJ-s6gOju4hwYdNTN6GBL9wFNUL66NShh8&sig=Cg0ArKJSzLfaK50wNR4cEAE&urlfix=1&adurl=
Frame ID: B7AB7570FB3B58D6C2588B731334D6BD
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNI-m8yQFsZE6CZAYbLgrt0eVXAPthSHDjHWIY5uL-zYD93lU23OsaYxKB8QxB0rcFeiE9DT1iWl_3jR9VQQDFdPxyjl8JUYN1nLHf5PR796N5BA1Gb9hyDmaURqvwNMJBYfhITv_6UwIAAQNIIsqYbnCogG0_0BbpXXtA4r00aKisB9slA6mFgL1LBVNcAhH5eTTyK7-Y-p-Ta4TOhXCQw0sanGLSZYMAXRAUaNx1IhtPH1w0C91aQF06OvIHnzEA8n_3nKt6ZJ2rRg3wr5BzCLQlai3_d4kAWI9gkLK9j3HNfq2LuzUsZO-VY1-T52462LyK&sai=AMfl-YQZqm4zr3zs9sh_KqOCUjERljlBbAySsvA1YZyLIUIVvJFMP68o9xL_3UNB076RnDvM5fqLr2UhI75Ed-ZsJDFpPuUjn9FUGJaB6P-mA04K5OvsOowSdZeLG60FABc&sig=Cg0ArKJSzLOJmH2gw8FwEAE&urlfix=1&adurl=
Frame ID: 7ED259B0EF9296CB75F5377C65F2F3C1
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7UMKtGrhDmMmoCsb7TWcZPc6J-vmvJ7B6fMj6ODYqF2EvwjLV7LWldbUiahiUG9pln98bsyZD0moka4TFDnbi_oZjbdH2TDq4ZBBP5yrq_MHFaDGv9evF1X62sgeStM4S_Fa2REQLvpwsh3fhZE4tDRkPce6ue395VsK8FaE8adHqvv2Opl6-SclygQWCwFsbpAgUvhPqJ0U6Nx_kbtlr9-5cVXfg1QS9UZcweOz9eIJEasRK7SKn6kvEIFWfwgjlebB2jHGk1A3nMXlTcngmxTEWf2hR3_Ikw-q_mYsOq2L3fqaVztClEKuVJh2gNByzIjSgX2Y&sai=AMfl-YSbh03S5ovB35sQC1upeJMSIN5JtENPw6i_8UkpVGzXmWpp1WsfZQk1-u_knvryzoYka4d1AILwBqfNfM2QVXHPZXNArQQnBjVODfeORMfHGuGx2_ec7q1wC0Sz6ZQ&sig=Cg0ArKJSzPUZyvi1zrwwEAE&urlfix=1&adurl=
Frame ID: E303E485A902977872B5507BD3BFA878
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: EC96F4B1166F00B014509813E7DE3FCC
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: B5506D63C63D6BF388A0B5AE005A9F4D
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutWpB5gVyFLnGfBDPVcs1ukD7FqnEndE_b568o6RSFP8L5KUdR5QXO1EtGIN1HC3UXswRwDManeg9V6BcOQXiSnlCbai1RfyHXAo-mB2Z9RyoGGvPoznG_15J_iiwTojWZn_j9qcBw5T5odV1bdRxQQXFAxMbgK2hwNZyTRQXYA3ZwU4qWxoQnGDlm1A-MltesfduIzihF0QG9XaSrZ134EoqvOfUz6QYi3J_cH4aQCiZuZSrJWoX9TnchE8FCPXp2dz7wgWdV8jzCvTwmXybLoSY84_pJG5lqXMO_erdrvdDBned-8nSr-eIDD-3PSGS9bJhJsJL7b-LW&sai=AMfl-YSRBV6aF6mjYBZLnG9RMfuJ7RH9XEQTcqjeX-VRNQN9OFf3IS2o7br93W1MiJwSkzP5_n6zeOuZcyM3pdLdJHfn1xRwCrArBRvfneJgJPhw9OjW2M0f-buoRUPH4bM&sig=Cg0ArKJSzBPO9AD-h3XTEAE&urlfix=1&adurl=
Frame ID: 511FC5472EB606641CF774CF45DF4791
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 9A1202D7C712B604FEB696FDC3CB9B8D
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_cpCYKVwtEM1YfjcPjz4BBWjXenkFjXhKwXk_MJnWViRcD6M9s3MJws6Yt9vG-Gjxp7fjA-a4yuTtc74ycYfaulUQKocXYQW2xkR61eWuPf2_kaTQcGFSxed9Qzc5OimpPYzeg4U4u_lSK2zR7d3nCGEBCzDGTDZY-WSb4Nt_XKTDIyXX_Bms8dfjvlsbxH_FSIcOx_C-wucCMaR93YZzSt40Q4gRZPp0eDKKiw0JC9T4RbMRF2q8HybJt05SuIgQ-Mu9O-Az_1rRqa5kBfmOE5ry1Da0UKBs11xfKkoDjkJYbcnOdEyMGy4fOxsPpmlhKWxKCcM&sai=AMfl-YQTptMC2MY47H7pyffO235O-tef6bopHIkFyUip-j6ubZrA8XxWEY_WfyWHcKLfYPP_9bfTkhqxkzBzIPgMxbhCJfKKA4R2392-mhK1b8v5cp-hJ-9lSlwy-3wQWxY&sig=Cg0ArKJSzPQmX9L-XTMhEAE&urlfix=1&adurl=
Frame ID: 44D6CD0346CE10E69F771E8985F0ADC2
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Frame ID: AE572A7418B7AB16EA55D4479D97F936
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031639&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625569&bpp=80&bdt=795&idt=1687&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=1673349887.1614952627&ga_sid=1614952627&ga_hid=1232748318&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3946792256&scr_x=0&scr_y=0&eid=31060287%2C182982300%2C21068083%2C31060047&oid=3&pvsid=1683043660854593&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qz1ruu1cfigz&fsb=1&dtd=1717
Frame ID: 1A27B1987C2E033EE2AF62A68BAD3594
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625859&bpp=53&bdt=1058&idt=1465&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=414267711.1614952627&ga_sid=1614952627&ga_hid=1921186051&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1657&biw=1600&bih=1200&isw=728&ish=90&ifk=1023943532&scr_x=0&scr_y=0&eid=31060288%2C44736525%2C182982100&oid=3&pvsid=4239654129517219&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17rpqgauq2b0&btvi=1&fsb=1&dtd=1501
Frame ID: 703EF776680360C7683924F3B68ADED2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Frame ID: CA151291CD46A864CADED35E216A651B
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: F8161AC015F1A0BBB0BB5A5E118C1907
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: DC8DDDC9B89652393F04F612804D88A2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Frame ID: 46E48E7B58E0297F748F4D3F93650F1B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 942F1193167DE4964E07904F344CC253
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 4B630C99FC753C500F1D861A75FECDA0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: BCF491407E5D26ADCBCC07C02E612976
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 97349A23A7E5E7DA5A2EECC20B234923
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 65E985E616B67F4CCBE4A8309013EC08
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Frame ID: 3BF283252ADB3CA0D00CE954C392E187
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9670EDAAB7FDA498D458304D1C9CFCCE
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 9E4DCBB1274223B4090F6D109CC20870
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 2B6EAAFCAE640AC664DC4294CAB68057
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1614952632026-930171782941-021298-001-000227&biddername=55&key=6504048128537441484
Frame ID: 6DD492B625CF55C3AC11FADFFD792520
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6D3E33545617949B87B9B53D68C3F2EC
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 7456AFB56A52386CAB3ECAEEA57113EF
Requests: 33 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F15FFA4DB8A3E2CB0FAEF88C46C1AA97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: E759C390944DC175A5A2FDB31FC1B3B5
Requests: 3 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/playback?ns=yt&fexp=21061817%2C44729227&el=adunit&cpn=ZvBZ6RjEf52qyKEy&docid=pWrq3AtQD1Q&ver=2&cmt=0.211&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.070&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Frame ID: 7135D7FA6212E9DF14280473CAD58822
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.170&rtn=15.070&ns=yt&fexp=21061817%2C44729227&el=adunit&cpn=ZvBZ6RjEf52qyKEy&docid=pWrq3AtQD1Q&ver=2&cmt=10.170&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.070&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: 574E1D9B70A831936190E9CB1CB00BD4
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/delayplay?ns=yt&fexp=21061817%2C44729227&el=adunit&cpn=ZvBZ6RjEf52qyKEy&docid=pWrq3AtQD1Q&ver=2&cmt=13.170&fmt=18&rt=12.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.070&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13
Frame ID: 0544CDA90CF93E2E9D0F498DEB9F6D85
Requests: 1 HTTP requests in this frame

Frame: https://s.youtube.com/api/stats/watchtime?rti=20&st=10.170&et=15.070&final=1&ns=yt&fexp=21061817%2C44729227&el=adunit&cpn=ZvBZ6RjEf52qyKEy&docid=pWrq3AtQD1Q&ver=2&cmt=15.070&fmt=18&rt=14.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.070&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Frame ID: 414009919B6B87C8D947DEF25CB728A7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BDBCDA7C495244EDFA910B7B2FA51254
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 87F3A8F19417AFFFBE560CDEBB57E5BD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 110DD6132F2F016979192C077E4D15CB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: DDF7C1F03EC65BCF64957210D23CB2D2
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Frame ID: 627A1DA24A2F2A9C4B208687AD6F0AE8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6F125A89A6FFFE1F54EAC97AA4BD6741
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

443
Requests

100 %
HTTPS

60 %
IPv6

24
Domains

48
Subdomains

45
IPs

7
Countries

11963 kB
Transfer

19934 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6699034614.607413&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&dvis=visible HTTP 302
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6699034614.607413&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&dvis=visible&ip=82.102.20.235&cuidchk=1
Request Chain 128
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 224
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 275
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614952632026-930171782941-021298-001-000227%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1614952632026-930171782941-021298-001-000227%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1614952632026-930171782941-021298-001-000227&biddername=55&key=6504048128537441484
Request Chain 292
  • https://r4---sn-uqj-j2ik.googlevideo.com/videoplayback?expire=1614981433&ei=uThCYLjSH7LK0wXC2JOYAQ&ip=82.102.20.235&id=a56aeadc0b500f54&itag=22&source=youtube&requiressl=yes&mh=fn&mm=31&mn=sn-uqj-j2ik&ms=au&mv=m&mvi=4&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1613492252421843&mt=1614952143&txp=6316222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgWk3hsJDlT1A0H5xTowZp61NK4WEIYYHIkVPBuTeIwsoCIAu-_MqNoMcwgvuVdobFRGFgutmHOEn9Lmy-sX0LJNoB&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAKyp7E4sMwug7vzh2GhaRlq19FW-qL7NChXL81sIYe3BAiEA6FcbMuGta9qhOnzk5L4q_Cjnj-ShyT040wyutI1FnZY=&cpn=ZvBZ6RjEf52qyKEy HTTP 302
  • https://r4---sn-5goeen7k.googlevideo.com/videoplayback?expire=1614981433&ei=uThCYLjSH7LK0wXC2JOYAQ&ip=82.102.20.235&id=a56aeadc0b500f54&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1613492252421843&txp=6316222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgWk3hsJDlT1A0H5xTowZp61NK4WEIYYHIkVPBuTeIwsoCIAu-_MqNoMcwgvuVdobFRGFgutmHOEn9Lmy-sX0LJNoB&cpn=ZvBZ6RjEf52qyKEy&redirect_counter=1&rm=sn-uqj-j2ik7z&req_id=a31507d6f03b36e2&cms_redirect=yes&mh=fn&mm=29&mn=sn-5goeen7k&ms=rdu&mt=1614952388&mv=m&mvi=4&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgLPn8HSnvttY52CTleBzvEjhSUKUfpU7Ou5ws7D5p19UCIAZI3pY6k00_efjkeVQuwUwITpeNLvNHRSAvJABV0xts HTTP 302
  • https://r4---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1614981433&ei=uThCYLjSH7LK0wXC2JOYAQ&ip=82.102.20.235&id=a56aeadc0b500f54&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1613492252421843&txp=6316222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgWk3hsJDlT1A0H5xTowZp61NK4WEIYYHIkVPBuTeIwsoCIAu-_MqNoMcwgvuVdobFRGFgutmHOEn9Lmy-sX0LJNoB&cpn=ZvBZ6RjEf52qyKEy&rm=sn-uqj-j2ik7z,sn-5golz7z&req_id=a31507d6f03b36e2&redirect_counter=2&cms_redirect=yes&ipbypass=yes&mh=fn&mip=2a01:4f8:192:5414::2&mm=29&mn=sn-4g5e6nzz&ms=rdu&mt=1614952150&mv=m&mvi=4&pl=41&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAI6ZDt5_2m8ViJdE7nFwcyEa9OzTyIMTN2qzvxm5x2LfAiEAk0TYsjB9xiyjVcWxDu2S-MkAg2Hwe6jS1u_pQ-yblno%3D
Request Chain 388
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CwCwnuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSxCXB_H5nsG9kZgAoDmAsByAsB0AsPuAwBsBO97_MK2BMC2BQBqBYB&ae=1&num=1&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&sig=AOD64_1C7HS86pm5unF20rujdLle17Hx-Q&client=ca-pub-2958401851546457&adurl=https://www.calvinklein.dk&ctype=110&label=video_10s_engaged_view&ad_mt=10170&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26tos%3D8865,407,217,0,739%26mtos%3D8865,9272,9489,9489,10228%26amtos%3D0,0,0,0,0%26mtos1%3D2616,624,739%26mtos2%3D3749,0,0%26mcvt%3D9489%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10228%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2304%26pst%3D476%26dur%3D15069%26vmtime%3D10169%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2500,2500,2500,2500,2500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D45,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147481601%26psv%3D2046%26psfv%3D2046%26psa%3D0%26ptlt%3D1614952644725%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10228%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1614952633893 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CAHBYuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAHABW6gBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSaCRpodHRwczovL3d3dy5jYWx2aW5rbGVpbi5ka7EJcH8fmewb2RmACgOYCwHICwHQCw-4DAGwE73v8wrYEwLYFAGoFgE&ae=1&num=1&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&client=ca-pub-2958401851546457&ctype=110&label=video_10s_engaged_view&ad_mt=10170&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26tos%3D8865,407,217,0,739%26mtos%3D8865,9272,9489,9489,10228%26amtos%3D0,0,0,0,0%26mtos1%3D2616,624,739%26mtos2%3D3749,0,0%26mcvt%3D9489%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10228%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2304%26pst%3D476%26dur%3D15069%26vmtime%3D10169%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2500,2500,2500,2500,2500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D45,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147481601%26psv%3D2046%26psfv%3D2046%26psa%3D0%26ptlt%3D1614952644725%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10228%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1614952633893&dblrd=1&uid=Ci0AZWm_UluOnEj4kvZm8HraTei3DPzGzwHfS1l0tXMcX3Pc3WdDmoa0Iv0EI6cQufGIggYYDw&sig=AOD64_2Z2U3-IFtsETTz1L8r2IRE1U3NVA&adurl=https://www.calvinklein.dk
Request Chain 423
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CwCwnuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSxCXB_H5nsG9kZgAoDmAsByAsB0AsPuAwBsBO97_MK2BMC2BQBqBYB&ae=1&num=1&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&sig=AOD64_1C7HS86pm5unF20rujdLle17Hx-Q&client=ca-pub-2958401851546457&adurl=https://www.calvinklein.dk&label=video_engaged_view&ctype=110 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CAHBYuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAHABW6gBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSaCRpodHRwczovL3d3dy5jYWx2aW5rbGVpbi5ka7EJcH8fmewb2RmACgOYCwHICwHQCw-4DAGwE73v8wrYEwLYFAGoFgE&ae=1&num=1&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&client=ca-pub-2958401851546457&label=video_engaged_view&ctype=110&dblrd=1&uid=Ci0AZWm_UluOnEj4kvZm8HraTei3DPzGzwHfS1l0tXMcX3Pc3WdDmoa0Iv0EI6cQufGIggYYDw&sig=AOD64_2Z2U3-IFtsETTz1L8r2IRE1U3NVA&adurl=https://www.calvinklein.dk

443 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 03304221117548838576
www.123greetings.com/send/view/ 		33 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
585fa678e7f7b6bd2f8d3ec9fe05777fb682ef093a1bc522f0f83d8ec178f8ee
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.123greetings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Mar 2021 13:56:58 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Set-Cookie
SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
fcp_R1.css
c.123g.us/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/fcp_R1.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
30356f4ee7951ecbcb3b3581c7382375d9a6b3f7758387b159161f314b0dcf89

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Feb 2021 18:07:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Apr 2020 06:03:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
1626590
ETag
"2476a-362a-5a23472e28440"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3493
jake_test
Test_Pass
jquery.js
c.123g.us/js2/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Feb 2021 19:24:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1621934
ETag
"2c43b-16f3a-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33449
jake_test
Test_Pass
swfobject.js
c.123g.us/js2/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/swfobject.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Feb 2021 05:06:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1587004
ETag
"261f-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3868
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 05:21:57 GMT
123g_utils_v1.js
c.123g.us/js2/ 		123 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_utils_v1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0d78f0e275929c1a9f449acaf371294207f532a67d6fcf109cb4385664cec099

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 09:10:20 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 09:08:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
535601
ETag
"2c3d5-1ed68-5bc4dba7fe1c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30675
jake_test
Test_Pass
utilsopt.js
c.123g.us/js2/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/utilsopt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Feb 2021 05:06:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 10:40:59 GMT
Server
Apache/2.2.15 (CentOS)
Age
1587004
ETag
"2c7c8-57b2-5b3459d6f84c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6801
jake_test
Test_Pass
123g_static.js
c.123g.us/js2/ 		137 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/123g_static.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5ae979dc3486bd2438cd22a479600fd57dd4041ed67e48b99f285584f9443efb

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 09:11:20 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Feb 2021 09:08:50 GMT
Server
Apache/2.2.15 (CentOS)
Age
535541
ETag
"22482-5bc4dbba1cc80"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25188
jake_test
Test_Pass
Expires
Sat, 27 Feb 2021 09:26:21 GMT
jquery.blockUI.js
c.123g.us/js2/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.blockUI.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 15 Feb 2021 06:56:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1580450
ETag
"1fe9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3052
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 07:11:11 GMT
rakpanel.js
c.123g.us/js2/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/rakpanel.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 08:19:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Aug 2018 13:50:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
1834645
ETag
"2c3eb-d4c-57300e738b200"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
jake_test
Test_Pass
addressbook.js
c.123g.us/js2/ 		400 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/addressbook.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8caeb1059ac2c4d2c9b19fca77f965680a7c875362e4321d0473e0ae02ca3a1f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 10:18:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 10:16:40 GMT
Server
Apache/2.2.15 (CentOS)
Age
185908
ETag
"2c7ca-63e50-5bc9f25969200"
Vary
Accept-Encoding
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
keep-alive
jake_test
Test_Pass
date.js
c.123g.us/js2/calendar/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/calendar/date.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 16:42:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2495686
ETag
"afa-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
974
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 16:57:16 GMT
jquery.datePicker.js
c.123g.us/js2/calendar/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/calendar/jquery.datePicker.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 19:28:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1103334
ETag
"3d65-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4593
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 15:47:38 GMT
jquery.ajax_autocomplete.js
c.123g.us/js2/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 04:36:43 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 08:18:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
1761618
ETag
"7f11-5b19d2e943540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9770
jake_test
Test_Pass
Expires
Sat, 13 Feb 2021 04:51:45 GMT
jquery.bxslider_new.js
c.123g.us/js2/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.bxslider_new.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Feb 2021 09:02:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1227246
ETag
"2c44c-50ba-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5210
jake_test
Test_Pass
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d251b42608e24ca5f5168a68d2c2136cb35e9e8ff5a9f56dc57573f7762cb579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
aj76/E2wZSr2UqXqslJmsg==
cross-origin-resource-policy
cross-origin
expires
Fri, 05 Mar 2021 14:04:57 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
QIwvIHJqTYHx1pr3vgifceeFY9vLlAOzM35IyyUhwskUT2Tfc3QClc7wP3e8XAsCX2cJ1juodw+k+/yOVM6WVA==
x-fb-trip-id
1425083115
x-fb-content-md5
8b4832be3037d1778665cb0ff2141e00
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 05 Mar 2021 13:57:01 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag
"1d51dd75555057db418a91d6f226b70e"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
js
www.googletagmanager.com/gtag/ 		98 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3076315-1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3edfd3d24d2883356ea82abecf995f1db253cf8f98fa1ec15209a4385d63a20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39438
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Mar 2021 13:57:01 GMT
styleopt_R1.css
c.123g.us/css/ 		80 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/styleopt_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6fa7cc9128819e7ca7402c739772daba7df959fd0ff1e62cd39e6ad73a08f976

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 04 Mar 2021 13:14:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Mar 2021 13:14:14 GMT
Server
Apache/2.2.15 (CentOS)
Age
88942
ETag
"13f83-5bcb5be751580"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16152
jake_test
Test_Pass
Expires
Thu, 04 Mar 2021 13:32:01 GMT
modal_window_R1.css
c.123g.us/css/ 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/modal_window_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 12 Feb 2021 08:15:57 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 09:39:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
1834864
ETag
"8220-5a7b79d367980"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6727
jake_test
Test_Pass
Expires
Mon, 15 Feb 2021 14:02:51 GMT
print_card_R1.css
c.123g.us/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/print_card_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 07:58:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 11:23:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
2527110
ETag
"af1-571586732da80"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
807
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 08:13:31 GMT
ajax-fileuploader.gif
c.123g.us/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/ajax-fileuploader.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 07:45:08 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
2009513
ETag
"2a43-54da7c7a66000"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10819
jake_test
Test_Pass
Expires
Wed, 10 Feb 2021 08:00:09 GMT
123g_master_bg.png
c.123g.us/images/ 		145 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/123g_master_bg.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Feb 2021 15:44:23 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
1894358
ETag
"91-54da7c7b5a240"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 09:14:02 GMT
master_img_menu.png
c.123g.us/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 06:50:31 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
1753590
ETag
"9d023-1861-54a227b81c940"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
icon_set_R1.png
c.123g.us/images/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:17:00 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
1741202
ETag
"9d05a-230cb-5979e1b2b4200"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
big_img_sprite.png
c.123g.us/images/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 06:38:40 GMT
Last-Modified
Wed, 11 Sep 2019 08:42:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
1495101
ETag
"9cd35-21653-5924300b6d700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
master_icon_set_2.png
c.123g.us/images/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 07:17:29 GMT
Last-Modified
Tue, 16 Feb 2021 07:04:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1492773
ETag
"15fce-5bb6eb70666c0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90062
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 07:32:44 GMT
sdk.js
connect.facebook.net/en_US/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e03479a6e307491bc0e608e55aebda27&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cf0dcbf96efa05bfe06183a6e3e6addebe98aba6e97c0478fa54bdf3aa9e485f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.123greetings.com
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
4Hr4LjVJ9t5EBebPgMbsgA==
cross-origin-resource-policy
cross-origin
expires
Sat, 05 Mar 2022 13:17:22 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60546
x-fb-rlafr
0
x-fb-debug
4krqP4IqOd8Si4eRlvLH953hTx6B+DskKFrWQA0gaIMtdZEIbWN/AFRvjPIU4KY3DpPCmEOmvZsDF8yJhd6UfA==
x-fb-trip-id
1425083115
x-fb-content-md5
84a30445bc243b265b1e7bd8b9a2001e
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 05 Mar 2021 13:57:01 GMT
x-frame-options
DENY
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag
"193063d995a47309fe741d221097c961"
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers
X-FB-Content-MD5
request.js
trkn.us/info/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6699034614.607413
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.180.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-180-26.compute-1.amazonaws.com
Software
Apache /
Resource Hash
bc4cf58009be573f4312f648163edd7b378e12548c42394516d11afbce18f2f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 13:57:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
732
Expires
Sun, 01 Jan 2014 00:00:00 GMT
connect_config.js
c.123g.us/js2/ 		201 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 12:07:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2512166
ETag
"c9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 12:22:36 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3076315-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
6866
date
Fri, 05 Mar 2021 12:02:36 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Fri, 05 Mar 2021 14:02:36 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=6268317308&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e03479a6e307491bc0e608e55aebda27&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
+QBz/Osz/NCZfoubh2rt+gvkEJmEhgf4GG0iQNHovqBTmDDIpLfknZsBxsxsYosHo9RxnsAVSEzvmnBLoXpLiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 05 Mar 2021 13:57:02 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1542276463&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=230493971&gjid=1760281469&cid=1005860264.1614952622&tid=UA-3076315-1&_gid=1475996956.1614952622&_r=1&gtm=2ou2o0&z=879411658
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
trkn.us/info/
Redirect Chain
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6699034614.607413&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&dvis=visible
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6699034614.607413&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&dvis=visible&ip=82.102.20.235&cuidchk=1
42 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6699034614.607413&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&dvis=visible&ip=82.102.20.235&cuidchk=1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.180.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-180-26.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 13:57:02 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Fri, 05 Mar 2021 13:57:02 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=6699034614.607413&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&dvis=visible&ip=82.102.20.235&cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
342580_details.js
x.123g.us/json/ 		1 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/342580_details.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
937ad19c9571b4ce96910f0c95a707188899e31b5840480e79d85d75d340b815

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:28:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Mar 2021 13:21:52 GMT
Server
Apache/2.2.15 (CentOS)
Age
1690
ETag
"56d-5bcc9f798fc00"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
570
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 13:43:55 GMT
menu.js
x.123g.us/json/ 		70 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/menu.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
93533f6334c9685277992fd549005f0439b4630d67799b8a789f75f50a4f924b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:41:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Mar 2021 12:06:47 GMT
Server
Apache/2.2.15 (CentOS)
Age
943
ETag
"116cc-5bcc8eb1423c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13040
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 13:56:22 GMT
342580_bg.gif
i.123g.us/c/emar_employeeappreciation_day/bg/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/bg/342580_bg.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ae5acef10e059a281ba3961f678cfdd7e35b6682c12f65dade4d1812b8c8a2e9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Feb 2021 22:50:56 GMT
Last-Modified
Fri, 06 Mar 2020 12:27:28 GMT
Server
Apache/2.2.15 (CentOS)
Age
486367
ETag
"abe-5a02ec6cfcc00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2750
jake_test
Test_Pass
Expires
Wed, 03 Mar 2021 05:58:08 GMT
like.php
www.facebook.com/v2.0/plugins/ Frame ECE9 		46 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d0535ec6487c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff12818b32f877d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Femployee_appreciation_day%2Fyoure_the_best_worker.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e03479a6e307491bc0e608e55aebda27&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c070b783735fd563e00e0b8a938cb11672a84c2a979667d95bb12b82d45763a7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d0535ec6487c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff12818b32f877d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Femployee_appreciation_day%2Fyoure_the_best_worker.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
/IP/5/+LRtBO+XKENslCDIHgT1RVkWxKL6pe3iPiDjypdLc93yNXgD2yxJn+S4+AaWrUz1n6TOpjA69xAsdYdA==
date
Fri, 05 Mar 2021 13:57:03 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
342580.gif
i.123g.us/c/emar_employeeappreciation_day/card/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/card/342580.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cf6cefd0feb7c82a61b3c028495e17f22c3deef2a2be4a0652bac5e6b2696705

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 14:11:19 GMT
Last-Modified
Fri, 06 Mar 2020 12:27:17 GMT
Server
Apache/2.2.15 (CentOS)
Age
2159144
ETag
"2da5c1-5a02ec627f340"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2991553
jake_test
Test_Pass
Expires
Thu, 18 Feb 2021 18:19:52 GMT
PinExt.png
assets.pinterest.com/images/ 		936 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pinterest.com/images/PinExt.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:9::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:03 GMT
x-cdn
fastly
etag
"61ed0472dfcbfaf25e7585f119adf76a"
vary
Origin
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-CDN
cache-control
max-age=86400
access-control-max-age
86400
content-length
936
master_img_menu.png
c.123g.us/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 06:50:31 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:45 GMT
Server
Apache/2.2.15 (CentOS)
Age
1753592
ETag
"9d023-1861-54a227b81c940"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
icon_set_R1.png
c.123g.us/images/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:17:00 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
1741203
ETag
"9d05a-230cb-5979e1b2b4200"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
tagclouds_cards.js
x.123g.us/json/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/tagclouds_cards.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
dccec3e311238d5f40a83bdb4d88d835ad80a4312278cc2628a05d1d6a818788

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:35:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Mar 2021 13:31:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
1281
ETag
"b1e-5bcca1a95e4c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
669
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 13:52:06 GMT
check_js_file.pl
www.123greetings.com/usr-bin/ 		19 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/usr-bin/check_js_file.pl?card_number=342580
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6fa2000c7cfb5c2d58e97f4cabd11bb1c2f3eddf23847ad6adc1b4f4a6e9c1f7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.123greetings.com/send/view/03304221117548838576
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:57:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Content-Type
text/html; charset=UTF-8
connect_config.js
c.123g.us/js2/ 		201 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 12:07:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2512168
ETag
"c9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 12:22:36 GMT
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame ECE9 		400 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d0535ec6487c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff12818b32f877d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Femployee_appreciation_day%2Fyoure_the_best_worker.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d0535ec6487c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff12818b32f877d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Femployee_appreciation_day%2Fyoure_the_best_worker.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
RDjKqszkEtZXhNol63cldfXY3ZfijndUdRrJW4fdEVzYFMIsCdIrw0Lh9Hw/h6zYZMLwQGa2aaTOuE1jwQVx7A==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Thu, 04 Mar 2021 19:31:32 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
400
x-fb-rlafr
0
expires
Fri, 04 Mar 2022 19:31:32 GMT
MZ-zHhpXiYz.js
www.facebook.com/rsrc.php/v3iEpO4/yH/l/en_US/ Frame ECE9 		479 KB
124 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yH/l/en_US/MZ-zHhpXiYz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d0535ec6487c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff12818b32f877d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Femployee_appreciation_day%2Fyoure_the_best_worker.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c808e912a305db910fff01746895ac0284d93a98a701cad45890585b4e8f9b9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d0535ec6487c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff12818b32f877d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Femployee_appreciation_day%2Fyoure_the_best_worker.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
eBfbcJSjKlzBdtrH7jmBzoSHHjssQLgi0s3kBOHTcGQskdLyLvIc2HsREylQ88o8C0BlAlGow/oLzH/2ffJ5cA==
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
vDOLWijjWzWysJR3XvoDQA==
date
Fri, 05 Mar 2021 05:01:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
126314
x-fb-rlafr
0
expires
Sat, 05 Mar 2022 05:01:29 GMT
Cookie set summary
www.123greetings.com/send/fcp_track/2a2c5e6a7d66764564686b6c6c62/03304221117548838576/ Frame EAF7 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.123greetings.com/send/fcp_track/2a2c5e6a7d66764564686b6c6c62/03304221117548838576/summary
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.123greetings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/send/view/03304221117548838576
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
config_data=CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=1; _ga=GA1.2.1005860264.1614952622; _gid=GA1.2.1475996956.1614952622; _gat_gtag_UA_3076315_1=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/send/view/03304221117548838576

Response headers

Cache-control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Mar 2021 13:57:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Set-Cookie
SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
gpt.js
www.googletagservices.com/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68cd8c49a1f811e71f09edb9a1dde9f97651de3210b354be85453e8887fb714a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"802 / 614 of 1000 / last-modified: 1614946519"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19863
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:03 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame ECE9 		67 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1614952623394&t_start=1614952623394&t_domcontent=1614952623557&t_layout=1614952623704&t_onload=1614952623704&t_paint=1614952623704&t_creport=1614952623704&t_tti=1614952623557&lid=6936168701272157584-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f106:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df28d0535ec6487c%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff12818b32f877d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Femployee_appreciation_day%2Fyoure_the_best_worker.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
QwnOJZ6LVkz+lFF5eVH1lq3K9eJUqiaTBOnT1x05PQd66+vBtNfMbcuT2W2rfnq2ugDYWAm2tn0EaEzIsq8k7g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 05 Mar 2021 13:57:03 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2021030201.js
securepubads.g.doubleclick.net/gpt/ 		282 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 09:37:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101677
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:03 GMT
fcp_thankyou.js
x.123g.us/json/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/fcp_thankyou.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:44:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 May 2020 08:02:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
752
ETag
"f55-5a5bf5ae75580"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1026
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 13:59:58 GMT
thank_sendcard_v3.js
x.123g.us/json/ 		605 B
762 B 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/thank_sendcard_v3.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ef4d2ae93a2f0b286fd607d601ecb39ddd0f53b86ba5da33789f2289b67141f8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:38:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Mar 2021 13:01:48 GMT
Server
Apache/2.2.15 (CentOS)
Age
1086
ETag
"25d-5bcc9afd56700"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
323
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 13:53:58 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		174 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4452687281846236&correlator=2994726458958934&output=ldjh&impl=fifs&eid=31060111%2C31060336%2C21064368%2C21068111&vrg=2021030201&ptt=17&sc=1&sfv=1-0-37&ecs=20210305&iu_parts=46400095%2CDesktopWeb_Finalcard_LB%2CDesktopWeb_Finalcard_Sky%2CDesktopWeb_Finalcard_LowerLB%2CDesktopWeb_Finalcard_Preroll%2CDesktopWeb_Finalcard_FCPLarge1%2CDesktopWeb_Finalcard_FCPLarge2%2CDesktopWeb_Finalcard_FCPLarge3%2CDesktopWeb_Finalcard_Video&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=728x90%2C160x600%2C970x90%7C728x90%7C970x250%2C300x250%7C336x280%7C360x300%2C300x250%2C300x250%2C300x250%2C1x1&cust_params=site%3D123greetings.com%26section%3Demar_employeeappreciation_day%26page%3Dfinalcard&cookie_enabled=1&bc=31&abxe=1&lmt=1614952624&dt=1614952624134&dlt=1614952621069&idt=2967&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C1114%2C310%2C410%2C332%2C650%2C968%2C0&adys=47%2C236%2C1657%2C535%2C1090%2C1090%2C1090%2C1941&adks=3337616149%2C1542450727%2C4029745640%2C3714999025%2C3462125275%2C1838853332%2C2455301282%2C2411661447&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C172x612%7C980x127%7C470x316%7C980x300%7C980x300%7C980x300%7C1600x1932&msz=728x90%7C160x600%7C980x90%7C470x270%7C314x264%7C314x264%7C314x264%7C1600x1&ga_vid=1005860264.1614952622&ga_sid=1614952624&ga_hid=1542276463&ga_fc=false&fws=4%2C4%2C0%2C0%2C0%2C0%2C0%2C0&ohw=728%2C160%2C0%2C0%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ed0ce81b44c3ff77f9063e5023b3ef9eae3cf9a5027345876cca337a399928c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26394
x-xss-protection
0
google-lineitem-id
5075419110,287186655,237051975,-1,-1,5339838610,-1,5501288042
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138271367694,113980516335,99278302815,-1,-1,138308197669,-1,138326033967
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0900d52e7942607e78205221c832f89a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://0900d52e7942607e78205221c832f89a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
connect_config.js
c.123g.us/js2/ 		201 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 12:07:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2512169
ETag
"c9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
Expires
Thu, 04 Feb 2021 12:22:36 GMT
thank_everyday.js
x.123g.us/json/ 		560 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/thank_everyday.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
7bc6a67d519f62c32208cbb11cad5748aa3cdff1d4aad2642bcc04c76160e151

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:41:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Mar 2021 03:37:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
955
ETag
"8c159-5bcc1cbf38f00"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70092
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 13:56:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B7AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrrhWVlyeTHeGuufBsux0_Q46bUJXw22z0y5ZwvbqNJ84HMrAmtWWLeRwGplTMdhhuFBUObXAuuGuyDWQgtpVbi4OLYE_NeVzDzkD1di-01QjHsh1qR3puz4hIquY4iYnSBp1XBhWryK-3ICGZ26Vj9JBX_0oCBr8n71Tv2DuDvpvOcpxP0qyHgHt3QHxm6u7tQYkiLvwJ8dmr6Z0IawUvmtJVNRY8YEb7AJHXgRVUVIwTEhFUS3pfdZE-2aK9SBbTcy3gFYH5-xCaD5l-bN-ecrlKjoaT7BVDCV4AmaspRVtDKSlwX3cLhma5LoYheqXdjw&sai=AMfl-YQsm6iyw7ZtMNhxJ4XXn00SB3gFeIdP1B5KDtVwXj5kc3wxpFopxr8rd0UHvuEOFwtxgOullgal6yx2Kg6-SzCWVEm8WKJ-s6gOju4hwYdNTN6GBL9wFNUL66NShh8&sig=Cg0ArKJSzLfaK50wNR4cEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:04 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B7AB 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
301d64a2e36e83c44987f3bb40e8add5ff8f161bf569934a31034f9b2c8e4c74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34992
x-xss-protection
0
server
cafe
etag
15071037659552845954
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 13:57:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B7AB 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7ED2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNI-m8yQFsZE6CZAYbLgrt0eVXAPthSHDjHWIY5uL-zYD93lU23OsaYxKB8QxB0rcFeiE9DT1iWl_3jR9VQQDFdPxyjl8JUYN1nLHf5PR796N5BA1Gb9hyDmaURqvwNMJBYfhITv_6UwIAAQNIIsqYbnCogG0_0BbpXXtA4r00aKisB9slA6mFgL1LBVNcAhH5eTTyK7-Y-p-Ta4TOhXCQw0sanGLSZYMAXRAUaNx1IhtPH1w0C91aQF06OvIHnzEA8n_3nKt6ZJ2rRg3wr5BzCLQlai3_d4kAWI9gkLK9j3HNfq2LuzUsZO-VY1-T52462LyK&sai=AMfl-YQZqm4zr3zs9sh_KqOCUjERljlBbAySsvA1YZyLIUIVvJFMP68o9xL_3UNB076RnDvM5fqLr2UhI75Ed-ZsJDFpPuUjn9FUGJaB6P-mA04K5OvsOowSdZeLG60FABc&sig=Cg0ArKJSzLOJmH2gw8FwEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:04 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7ED2 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
301d64a2e36e83c44987f3bb40e8add5ff8f161bf569934a31034f9b2c8e4c74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34992
x-xss-protection
0
server
cafe
etag
15071037659552845954
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 13:57:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7ED2 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E303 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss7UMKtGrhDmMmoCsb7TWcZPc6J-vmvJ7B6fMj6ODYqF2EvwjLV7LWldbUiahiUG9pln98bsyZD0moka4TFDnbi_oZjbdH2TDq4ZBBP5yrq_MHFaDGv9evF1X62sgeStM4S_Fa2REQLvpwsh3fhZE4tDRkPce6ue395VsK8FaE8adHqvv2Opl6-SclygQWCwFsbpAgUvhPqJ0U6Nx_kbtlr9-5cVXfg1QS9UZcweOz9eIJEasRK7SKn6kvEIFWfwgjlebB2jHGk1A3nMXlTcngmxTEWf2hR3_Ikw-q_mYsOq2L3fqaVztClEKuVJh2gNByzIjSgX2Y&sai=AMfl-YSbh03S5ovB35sQC1upeJMSIN5JtENPw6i_8UkpVGzXmWpp1WsfZQk1-u_knvryzoYka4d1AILwBqfNfM2QVXHPZXNArQQnBjVODfeORMfHGuGx2_ec7q1wC0Sz6ZQ&sig=Cg0ArKJSzPUZyvi1zrwwEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:04 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:04 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame E303 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
301d64a2e36e83c44987f3bb40e8add5ff8f161bf569934a31034f9b2c8e4c74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34992
x-xss-protection
0
server
cafe
etag
15071037659552845954
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 13:57:04 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E303 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:04 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame EC96 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266611
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame EC96 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266611
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame EC96 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266611
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame EC96 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266611
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame EC96 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266611
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
css
fonts.googleapis.com/ Frame EC96 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 13:25:46 GMT
server
ESF
date
Fri, 05 Mar 2021 13:57:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Mar 2021 13:57:04 GMT
truncated
/ Frame EC96 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1b0942a7d071bb49c923a0f72bcde6114441695e3f8ebfb16e0b8da15f7046d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC96 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
20047
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 06 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC96 		295 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
52333
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 05 Mar 2021 23:24:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EC96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CV6uusDhCYP7kDcmKjuwP7Ou0kAGi2fDEYI_Q66LHDKCgnpb1CRABIJyKsjBg0YG5gtAHoAH27PDeA8gBAeACAKgDAcgDCqoE5wFP0Du2nU1zM9OpfWXJH4qDuh1XaYzKHyDrA334FlZaLhLYdklYnRY6HyE7I06F8k44UQfZEk5VkI-mvAYumY-kT8UlYUdwOskULYGTX4tz2PqwjXEe4GPAv0QJ8k7PK9x-xaDeEsPr5rUK90JfQs9UaQwnXW32Wq0nMT09eDXwzGEqEvbNopr0tuBc70kN6Affmx1p6Zv4vo7iYSU6i2mWbhDckBrGCoZAHiDSEAbvIYrbEn_jrAk-vjs0kORovrGaDZVwyigGWk9V8feY550sElmlzbAzRabPUYGCDvCYnNLyqSQO_kPABPvhmrq9AeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZRgAfyko8hqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcFEIWRgQPSCAkIgOGAcBABGB2ACgHICwHYEwyyFxoKGAgAEhRwdWItMjYxNjcyOTM2Mzc0NjU2MA&sigh=PJMgzeZBloI&tpd=AGWhJmuW_tlUkDBKK59ZxSxdfkN0wSQ3xSMgJgS25LdCmDo9bg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:04 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EC96 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
329366
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:27:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame EC96 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
327918
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:51:47 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame B550 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame B550 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame B550 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame B550 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame B550 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
css
fonts.googleapis.com/ Frame B550 		6 KB
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf36c2a91f108e0eb00d5d2f09de162b72da38a46bca7e80eb13f53aabac4d70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 13:24:21 GMT
server
ESF
date
Fri, 05 Mar 2021 13:57:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Mar 2021 13:57:05 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B550 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
20048
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 06 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B550 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
52334
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 05 Mar 2021 23:24:51 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1563278568237365191/ Frame B550 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1563278568237365191/downsize_200k_v1?w=400&h=209
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94b41edf9d1c0f426b707e4b95c3cf1b60c52c552668a5326541cf87c01e1d55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 04:05:37 GMT
x-content-type-options
nosniff
age
35488
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26361
x-xss-protection
0
last-modified
Wed, 23 Dec 2020 15:50:18 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Mar 2022 04:05:37 GMT
truncated
/ Frame B550 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B550 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a3875202ddb0999b0caf097d4242cd8ad986c5d69cf275c56ae9603ed437fcd

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 511F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutWpB5gVyFLnGfBDPVcs1ukD7FqnEndE_b568o6RSFP8L5KUdR5QXO1EtGIN1HC3UXswRwDManeg9V6BcOQXiSnlCbai1RfyHXAo-mB2Z9RyoGGvPoznG_15J_iiwTojWZn_j9qcBw5T5odV1bdRxQQXFAxMbgK2hwNZyTRQXYA3ZwU4qWxoQnGDlm1A-MltesfduIzihF0QG9XaSrZ134EoqvOfUz6QYi3J_cH4aQCiZuZSrJWoX9TnchE8FCPXp2dz7wgWdV8jzCvTwmXybLoSY84_pJG5lqXMO_erdrvdDBned-8nSr-eIDD-3PSGS9bJhJsJL7b-LW&sai=AMfl-YSRBV6aF6mjYBZLnG9RMfuJ7RH9XEQTcqjeX-VRNQN9OFf3IS2o7br93W1MiJwSkzP5_n6zeOuZcyM3pdLdJHfn1xRwCrArBRvfneJgJPhw9OjW2M0f-buoRUPH4bM&sig=Cg0ArKJSzBPO9AD-h3XTEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:05 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 511F 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c47f237d1c8ad4453f1a6b3297f211c73406587e055b11010f464cce429ccdf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50151
x-xss-protection
0
server
cafe
etag
16592651781346407387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 13:57:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 511F 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:05 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame 9A12 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9A12 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9A12 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9A12 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9A12 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
266612
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Tue, 02 Mar 2021 11:53:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Mar 2022 11:53:33 GMT
css
fonts.googleapis.com/ Frame 9A12 		6 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 13:27:13 GMT
server
ESF
date
Fri, 05 Mar 2021 13:57:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Mar 2021 13:57:05 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9A12 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
20048
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 06 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9A12 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
52334
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 05 Mar 2021 23:24:51 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/13167066663744657685/ Frame 9A12 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13167066663744657685/2076313506083323656
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ce32dd0505b7e1ae279bede121c8c7c05bdd0086bce3d99d5dcd1db830db1b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 28 Feb 2021 15:07:35 GMT
x-content-type-options
nosniff
age
427770
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 13:41:34 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Feb 2022 15:07:35 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/7022320320835361969/ Frame 9A12 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7022320320835361969/downsize_200k_v1?w=100&h=100
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f2e1d357e9969fae9cca6637719ed44194a22125c211c8bd64c7492ecb5bebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 10:10:26 GMT
x-content-type-options
nosniff
age
99999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8713
x-xss-protection
0
last-modified
Tue, 08 Dec 2020 12:25:08 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 10:10:26 GMT
truncated
/ Frame 9A12 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
510d99f13b8762e009e6988bde74f788474f70d079e8aece447018f7264c9116

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9A12 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2de381cbd9557ddb6bcf2e82826cd32590261c5d2de089c9ed87dcf5e989962f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 44D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_cpCYKVwtEM1YfjcPjz4BBWjXenkFjXhKwXk_MJnWViRcD6M9s3MJws6Yt9vG-Gjxp7fjA-a4yuTtc74ycYfaulUQKocXYQW2xkR61eWuPf2_kaTQcGFSxed9Qzc5OimpPYzeg4U4u_lSK2zR7d3nCGEBCzDGTDZY-WSb4Nt_XKTDIyXX_Bms8dfjvlsbxH_FSIcOx_C-wucCMaR93YZzSt40Q4gRZPp0eDKKiw0JC9T4RbMRF2q8HybJt05SuIgQ-Mu9O-Az_1rRqa5kBfmOE5ry1Da0UKBs11xfKkoDjkJYbcnOdEyMGy4fOxsPpmlhKWxKCcM&sai=AMfl-YQTptMC2MY47H7pyffO235O-tef6bopHIkFyUip-j6ubZrA8XxWEY_WfyWHcKLfYPP_9bfTkhqxkzBzIPgMxbhCJfKKA4R2392-mhK1b8v5cp-hJ-9lSlwy-3wQWxY&sig=Cg0ArKJSzPQmX9L-XTMhEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:05 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame 44D6 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
JC1MZXnTlq5q1hwwM7uac4dOsQCTW8Fq
Content-Encoding
gzip
Last-Modified
Wed, 02 Dec 2020 10:42:18 GMT
Server
AmazonS3
x-amz-request-id
FCA6A97AFC345051
ETag
"68c180f02ff8411308f6cfc922d94aa4"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 05 Mar 2021 13:57:05 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
18189
x-amz-id-2
Zb2VnWcrV6E3u0TFsIsfPQ5haSKalx5Zs5A7MUG5vNkSsGuBtHdRsLxMSYrKmtAZ9tm9VzkGxa0=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 44D6 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B550 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfZHSsDhCYP7lDcmKjuwP7Ou0kAHorZCUYfDu55_MDd7ZHhABIO_2kCFg0YG5gtAHoAGXkOG_A8gBCeACAKgDAcgDCqoE6wFP0PJj4dq8a3eRMN47Cj8tizTFHLFtcVxmXzQIxzJV22siabOzjWRDniNkn5DHQT8fZvT-UzArWLrFHp_NUlQWcnWiiISL8t4IoiLpUokWxEJdEBeM-qZHtcE7_rGDxqOFHpHAORc7ufiC0rpXpD3iJyWJ7TUlfZPVTuFVfcJDJmgXbaQjz2TT52Bosjr23TBUrmqOHk5_FRB0ASdQxfVKI3kqnUP0xRqtXhAwJ9XD5X6hJ-FIJ6Mv7hZJpoLbbUXC3_cGy5mpxhe97WJuinWLfxfdXNmDxbAt2J-OR_xaBj3L0gkTLXFKKABFwASGqIO0rgPgBAGSBQQIBBgBkgUECAUYBKAGLoAH1tL7eKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCwlwbSCAkIgOGAcBABGB2ACgPICwHYEwyyFxoKGAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MA&sigh=SOw8cFJGkEw&template_id=5000&tpd=AGWhJmswngLRT4Ces1w3asAo98Yb_85GRDn6KIeNcaer4gNQRg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 9A12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXYjZsDhCYPXnDcmKjuwP7Ou0kAHfxI_CYM-h3bOFDYOChsvCARABIO_2kCFg0YG5gtAHoAHhyu_hAsgBCakC8rIekVcEtD7gAgCoAwHIAwqqBO8BT9DPvZuCJqnKJ-aZAXnkcKFZdqOxGFphr6MSZwOS6-rQefioNZFSgDjzBmbd5MBIL7N-9sckL2dk3ZCEQTmEhUuBK2RCtXcyYOCsve1nHHT1l7h_CY9seUOPWuouLHEStTIVD4TTYJmXg_vtMd6vCLFyT3GMwjZJE1gXZfISNZzOkfNEuNYmO3U_JQBEMH9fN51A7aTd-_jBEVPUXp_s4zKeU0UuAb1gx5AHZI526i7-HsxcVYOu0MLiyMn3a1znDguOmzkw33dYDnjSRLGMM2xHsXP8X3o97KVh4oskM7PqOmB0HjTMsK6OsrD59RLABL6khvymA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeHtZCeAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDtyATSCAkIgOGAcBABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItNDYyNzUxNzY4MDI0OTY3MA&sigh=A3fpaC-CIbM&template_id=484&tpd=AGWhJmu5wZClHeFDWaJwd4RFNLjaATJmkldQbL-lwQcVubFZWQ
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021030201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4acc1f3991e3a34a7a3b1180249a89402195613b46437fa08b1c13bf2b508008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6505
x-xss-protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ Frame B7AB 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 13:57:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/ Frame AE57 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210303/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210303/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkIOSOv0WYceHEVBk9DbpqEtdQgs8eMOBZpi7iBgKCULk6cOXSwh3xCVzAN02c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 04 Mar 2021 20:37:42 GMT
expires
Thu, 18 Mar 2021 20:37:42 GMT
content-type
text/html; charset=UTF-8
etag
14371272352318978350
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
5136
x-xss-protection
0
age
62363
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B7AB 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6cef4504476e7ffd234496143729a73c652191f2a20478b26666eeb05a1f30f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ Frame 7ED2 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 13:57:05 GMT
truncated
/ Frame 7ED2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c282840626fc1f941a7ca02f362e428674ee83aed5ba89ed611ed0d96616e36e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ Frame E303 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 13:57:05 GMT
truncated
/ Frame E303 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d553965b4f127f715ed9613608acf48ed535927582968b43b2244a6a9d2165a7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B550 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
329367
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:27:39 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B550 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:55 GMT
server
sffe
age
90026
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15784
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:40 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B550 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
327919
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 01 Mar 2022 18:51:47 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9A12 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
151475
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 03 Mar 2022 19:52:31 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9A12 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.123greetings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 12:56:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:55 GMT
server
sffe
age
90026
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15784
x-xss-protection
0
expires
Fri, 04 Mar 2022 12:56:40 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021030201.js?31060336
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:06 GMT
emar_employeeappreciation_day.js
x.123g.us/json/ 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/emar_employeeappreciation_day.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
92e6b7d01aaf2b0c7f141df98d074361a7c1034ebb8f300baabc9173996d60d2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:32:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 05 Mar 2021 12:36:56 GMT
Server
Apache/2.2.15 (CentOS)
Age
1457
ETag
"5a3b-5bcc956e74a00"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3317
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 13:47:50 GMT
truncated
/ Frame 511F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14d63aee3a6c66d67b67816622f792b33ffe33eda464ef13bae6b15a6f59c2e4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 44D6 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31f7e40a7404198ccf7b503084f06c031dc568e4cdd05a1b67e9ec98083cb949

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/ Frame 511F 		227 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87278
x-xss-protection
0
server
cafe
etag
4389487008424739880
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 05 Mar 2021 13:57:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EC96
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 05 Mar 2021 13:57:07 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
abc.txt
static.avantisvideo.com/data/ Frame 44D6 		29 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57ae4adb798e713d7343b958ed743e134e7d2195d3e6cf922bb305f5178249cc

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 05 Mar 2021 13:57:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Mar 2021 13:54:52 GMT
Server
AmazonS3
x-amz-request-id
19YS6V9YPWBGC7C8
ETag
"dfe94d8187ebbf6e7100f2ab92955823"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
6488
x-amz-id-2
VGKEJ5g6lrUwS8xsmcY1u1VEVC1GZcHKE+9kGnGW/IKhBYlnu2+nv8wkGwkpLtwgjYLa/p21zLM=
abc.txt
static.avantisvideo.com/data/ Frame 44D6 		29 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57ae4adb798e713d7343b958ed743e134e7d2195d3e6cf922bb305f5178249cc

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 05 Mar 2021 13:57:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 04 Mar 2021 13:54:52 GMT
Server
AmazonS3
x-amz-request-id
19YS6V9YPWBGC7C8
ETag
"dfe94d8187ebbf6e7100f2ab92955823"
Vary
Accept-Encoding
Content-Type
text/plain
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
6488
x-amz-id-2
VGKEJ5g6lrUwS8xsmcY1u1VEVC1GZcHKE+9kGnGW/IKhBYlnu2+nv8wkGwkpLtwgjYLa/p21zLM=
cookie.js
partner.googleadservices.com/gampad/ Frame B7AB 		12 B
480 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B7AB 		107 B
503 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B7AB 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1A27 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031639&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625569&bpp=80&bdt=795&idt=1687&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=1673349887.1614952627&ga_sid=1614952627&ga_hid=1232748318&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3946792256&scr_x=0&scr_y=0&eid=31060287%2C182982300%2C21068083%2C31060047&oid=3&pvsid=1683043660854593&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qz1ruu1cfigz&fsb=1&dtd=1717
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031639&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625569&bpp=80&bdt=795&idt=1687&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=1673349887.1614952627&ga_sid=1614952627&ga_hid=1232748318&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3946792256&scr_x=0&scr_y=0&eid=31060287%2C182982300%2C21068083%2C31060047&oid=3&pvsid=1683043660854593&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.qz1ruu1cfigz&fsb=1&dtd=1717
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkIOSOv0WYceHEVBk9DbpqEtdQgs8eMOBZpi7iBgKCULk6cOXSwh3xCVzAN02c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Mar 2021 13:57:07 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame B7AB 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC96 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
20050
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 06 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame EC96 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
52336
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 05 Mar 2021 23:24:51 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame E303 		12 B
97 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E303 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E303 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 703E 		603 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625859&bpp=53&bdt=1058&idt=1465&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=414267711.1614952627&ga_sid=1614952627&ga_hid=1921186051&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1657&biw=1600&bih=1200&isw=728&ish=90&ifk=1023943532&scr_x=0&scr_y=0&eid=31060288%2C44736525%2C182982100&oid=3&pvsid=4239654129517219&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17rpqgauq2b0&btvi=1&fsb=1&dtd=1501
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625859&bpp=53&bdt=1058&idt=1465&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=414267711.1614952627&ga_sid=1614952627&ga_hid=1921186051&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1657&biw=1600&bih=1200&isw=728&ish=90&ifk=1023943532&scr_x=0&scr_y=0&eid=31060288%2C44736525%2C182982100&oid=3&pvsid=4239654129517219&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.17rpqgauq2b0&btvi=1&fsb=1&dtd=1501
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkIOSOv0WYceHEVBk9DbpqEtdQgs8eMOBZpi7iBgKCULk6cOXSwh3xCVzAN02c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Mar 2021 13:57:07 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame E303 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:07 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 7ED2 		12 B
97 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 7ED2 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7ED2 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CA15 		66 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17a0d3bdca2548ebe70691b8902f3d4da915c925e1961118cb28480533cd5e7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkIOSOv0WYceHEVBk9DbpqEtdQgs8eMOBZpi7iBgKCULk6cOXSwh3xCVzAN02c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Mar 2021 13:57:07 GMT
server
cafe
content-length
22319
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 7ED2 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:07 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B550 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
20050
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 06 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B550 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
52336
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 05 Mar 2021 23:24:51 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9A12 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
20050
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 06 Mar 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9A12 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 04 Mar 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
52336
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 05 Mar 2021 23:24:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 44D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWYdGlJJVYd3cMFOhtrnRhdjI_7JnhF4tDgTADqvSMV9g8alOEROzcy8NH7rJFm-0YBsHEEeOoKWu8XHCGru-DmIYcqu9mQPwq-iy9T_V-QH-Sh09T9jRtCBEOIhHaEqswrcYDDcyqLQdV_-LNPdR7GEd_ZKxl1cMUPrvXXPpDfT3juwNHg6GCH4YmjVnx90JjrUUYgA6rhKdqSIAAW1AKRsXNjHz7FSzh5LWSkJ7TUmQUGXm2ZCRKPEMNISMEff39ehZOelzPgL5y6WeCLIgqJW-QS59sKwUXFZJjeF9JuFfDWdaiGOOF5r9LaiQtuFlDheq6W6xMTA&sai=AMfl-YToOeXpJdQRYee8p4Pivy0hlutXaHUVato-96n34d42-9YpY4UPvbEtHTLhNCLQaLpcYdFUrVXUalU1R4FbAgyFC54ZcMKZnqmJKMqUAQI2q_EPfBlbXmpaYmFJaDU&sig=Cg0ArKJSzE3qeDcH2fVlEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:07 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame F816 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 05 Mar 2021 13:53:52 GMT
expires
Sat, 05 Mar 2022 13:53:52 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
195
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
u_d.html
cdn1.avantisvideo.com/connect/ Frame DC8D 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-43.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb

Request headers

Host
cdn1.avantisvideo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

x-amz-id-2
Iooa4w3PM3UBsxN2hz6MkG1HhLD4SIcDDSBumQho1ZI+rxld+gBT+3PBoxU4RyF+f6ERe2RubZ8=
x-amz-request-id
9R0G9G5X3YFV8Z9J
Last-Modified
Wed, 21 Oct 2020 12:02:12 GMT
ETag
"616cd2f36203ae3b124d70c803c7c7a7"
x-amz-version-id
aQTt0EDrJInn5h7oZRa4YKcA5m0mCAoF
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 05 Mar 2021 13:57:07 GMT
Content-Length
15090
Connection
keep-alive
X-Forward-Proto
http
CDN-Origin-Protocol
HTTP
cookie.js
partner.googleadservices.com/gampad/ Frame 511F 		12 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 511F 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 511F 		107 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 46E4 		56 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
417777ac4c3930da4b9895cd05d490e311d6c3ffbe67f8be6b52cbc3a80d88d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkIOSOv0WYceHEVBk9DbpqEtdQgs8eMOBZpi7iBgKCULk6cOXSwh3xCVzAN02c; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 05 Mar 2021 13:57:08 GMT
server
cafe
content-length
20913
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 511F 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774803212306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28399
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:08 GMT
big_img_sprite.png
c.123g.us/images/ 		134 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 06:38:40 GMT
Last-Modified
Wed, 11 Sep 2019 08:42:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
1495108
ETag
"9cd35-21653-5924300b6d700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
icon_set_R1.png
c.123g.us/images/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:17:00 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:00 GMT
Server
Apache/2.2.15 (CentOS)
Age
1741208
ETag
"9d05a-230cb-5979e1b2b4200"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
carousel_thank.json
x.123g.us/json/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.123g.us/json/carousel_thank.json
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.137.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5c2aa4417cb7917bdd64d953a47996f1fdb0d7a6f097ce534dfd75daab334e84

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:49:00 GMT
Last-Modified
Fri, 05 Mar 2021 13:37:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
488
ETag
"150d-5bcca2e5fcfc0"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5389
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 14:04:01 GMT
328055_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328055_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 02:52:27 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1508681
ETag
"1f54-5494648e419c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8020
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 22:38:41 GMT
328054_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328054_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067486
ETag
"162a-5494648c59540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5674
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
122871_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/122871_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a38da6c1fa5a3a99ee2125927f2040d5b0a5e1e24ed799ae8a4d5f1d68483c90

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Mon, 24 Feb 2014 09:51:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067486
ETag
"1ff8-4f323e8cd0d80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8184
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
closeBtn_h.png
c.123g.us/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.123g.us/images/closeBtn_h.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 04 Feb 2021 15:20:42 GMT
Last-Modified
Tue, 07 Mar 2017 11:40:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
2500586
ETag
"9cf1d-42a-54a227b6344c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
jake_test
Test_Pass
334216_th.gif
i.123g.us/c/thank_everyday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/thank_everyday/th/334216_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0a99664ef5d0d0f8b3586574bb80cd5139a4bff6e5f12604d767e57dc5597912

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 12:25:35 GMT
Last-Modified
Tue, 22 May 2018 12:34:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1128693
ETag
"1ee0-56ccaa2518b80"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7904
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 12:40:35 GMT
343868_th.gif
i.123g.us/c/thank_everyday/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/thank_everyday/th/343868_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1db78caab4487db707ddf2dfa5a49c7c3be19ce73ac5a67e56d62a8cefe55c19

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Feb 2021 07:39:02 GMT
Last-Modified
Wed, 15 Jul 2020 09:02:49 GMT
Server
Apache/2.2.15 (CentOS)
Age
1923486
ETag
"1f5c-5aa7730234040"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8028
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 13:12:19 GMT
333231_th.jpg
i.123g.us/c/thank_everyday/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/thank_everyday/th/333231_th.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0cf6096d0c5a77299d32d92c53397e35f5320b519bbfcab430c04b401b15cf1f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 12:04:22 GMT
Last-Modified
Mon, 26 Feb 2018 08:08:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
2166766
ETag
"1d48-5661903c4d4c0"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7496
jake_test
Test_Pass
Expires
Mon, 08 Feb 2021 12:20:34 GMT
css
fonts.googleapis.com/ Frame CA15 		3 KB
687 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 05 Mar 2021 13:19:13 GMT
server
ESF
date
Fri, 05 Mar 2021 13:57:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Mar 2021 13:57:08 GMT
328054_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328054_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067486
ETag
"162a-5494648c59540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5674
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
328055_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328055_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 02:52:27 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1508681
ETag
"1f54-5494648e419c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8020
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 22:38:41 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 08:14:31 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2094157
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 11:24:32 GMT
107382_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/107382_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e264b483476d2f3077d91eaa27d016f350e940b675442a531b69bf8237f7de52

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 09:15:36 GMT
Last-Modified
Tue, 07 Mar 2017 10:29:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1744892
ETag
"1be2-54a217cfec1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7138
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 07:14:56 GMT
333333_th.jpg
i.123g.us/c/emar_womensday_thanku/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_thanku/th/333333_th.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8df414f2f268a79b25df82608e4e2abbde269074c6ff336ab873ccca4bcf1038

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 06:27:59 GMT
Last-Modified
Mon, 05 Mar 2018 10:55:37 GMT
Server
Footprint Distributor V6.1.1162
Age
199749
ETag
"1594-566a82a7e1c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5524
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 12:23:17 GMT
118216_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118216_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21ddf440ef96c40871bd11a61be53b96279cefcacf93b6f600df100b115bf95b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 12:59:30 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1126658
ETag
"1fe4-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8164
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 14:16:35 GMT
114295_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/114295_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57aab38315432942225c98700c66a07fb6cb8946389c9be0ecd7c587a0afeb3d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2002614
ETag
"1f5a-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8026
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 13:10:50 GMT
328217_th.jpg
i.123g.us/c/eaug_dreamday/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/328217_th.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b4544d214dcb52b999fd8aac26380a9a8bd1d363707ebf0faba5f00c23452bc9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 12:49:06 GMT
Last-Modified
Wed, 08 Mar 2017 06:20:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
781682
ETag
"1515-54a3220e12700"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5397
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 13:08:17 GMT
118266_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118266_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0a94bf6137c58f34fad3fd46b2b0614fedf63a26d4b797e99873224d4a449164

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:19:04 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1719484
ETag
"1fd9-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8153
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 10:13:51 GMT
118019_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/118019_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3687bda94db462359c1cabe3d16f8eecf1c4c060088c3de8d9de2bc5ae30e397

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 14:09:15 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
949673
ETag
"1fb5-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8117
Expires
Tue, 23 Feb 2021 18:28:44 GMT
110508_th.gif
i.123g.us/c/eaug_dreamday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/110508_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
498479fb35ad705beb2a644010f1b5650f82221bc615f14160f72eae71f8ea1b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 09:59:34 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
791854
ETag
"1ade-4f322afe06900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6878
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 10:14:35 GMT
301739_th.gif
i.123g.us/c/emar_holi_happy/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_holi_happy/th/301739_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33c1d47d641aead142009698235f311bdc2eacb0603adb1595df1cab9415e96c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 10:43:43 GMT
Last-Modified
Mon, 24 Feb 2014 09:42:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1134805
ETag
"1ccc-4f323c8da5780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7372
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 15:46:49 GMT
337982_th.gif
i.123g.us/c/eapr_daylight/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/337982_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cb311fbd77fe50849bcfe8cfb36faaaf660aa170a3aba8251275658a05209999

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:44:57 GMT
Last-Modified
Fri, 08 Mar 2019 06:34:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1739531
ETag
"1da6-5838f688a2840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7590
jake_test
Test_Pass
Expires
Thu, 04 Mar 2021 08:08:27 GMT
113493_th.gif
i.123g.us/c/eapr_daylight/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/113493_th.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67a5e375fd2f38c2f87173f6df32a16b162c15e3c89cae78f5a19cfd5bccfaea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:05:34 GMT
Last-Modified
Mon, 24 Feb 2014 09:34:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
579094
ETag
"14d8-4f323af29cdc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5336
jake_test
Test_Pass
Expires
Fri, 26 Feb 2021 21:20:34 GMT
fcp.css
c.123g.us/css/ Frame EAF7 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/fcp.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/2a2c5e6a7d66764564686b6c6c62/03304221117548838576/summary
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 12:28:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jul 2018 10:31:17 GMT
Server
Apache/2.2.15 (CentOS)
Age
2165346
ETag
"1b92-57234f6246740"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2003
jake_test
Test_Pass
Expires
Mon, 08 Feb 2021 12:43:02 GMT
jquery.js
c.123g.us/js2/ Frame EAF7 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/2a2c5e6a7d66764564686b6c6c62/03304221117548838576/summary
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 14 Feb 2021 19:24:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1621941
ETag
"2c43b-16f3a-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33449
jake_test
Test_Pass
geoip
avm.avantisvideo.com/api/v1/ Frame DC8D 		111 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-156-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c515386abca709d09f31b5fb24d25f420a4eeac9ca27cdf1061c55fb3bf1e2c3
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
111
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 05 Mar 2021 13:57:09 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-156-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 05 Mar 2021 13:57:08 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame CA15 		2 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
896
x-xss-protection
0
server
cafe
etag
948078048762640732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 13:56:09 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame CA15 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 13:53:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame CA15 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 13:56:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA15 		110 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:08 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame CA15 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 13:56:57 GMT
l
www.google.com/ads/measurement/ Frame CA15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRII2TJdJNcyrItEIHSswJxFW6wp36_dI1E7mK-BFLFk-JcvPFLAkoaKxX8TELTfIOIhx1v
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1e8eaeef6431cb6de349a68674062a29.js
www.gstatic.com/mysidia/ Frame CA15 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 06:36:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Feb 2021 05:48:51 GMT
server
sffe
age
544852
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10971
x-xss-protection
0
expires
Fri, 28 May 2021 06:36:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E303 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlKxNKFkXRQy_CnDDdgqTF6_6h9nyYGoq__LJx7vHAi2Yj1HB8Mj7BZFxviEBe27DzFHFvEbQv516NCrFkg3Lfja8ZOZwf1DG17BWtrwDbV5yo-TEb7mjM0vSy5CLpTawsFImflvPnJZOItGe8k3w6Gc0lde1A6X8PFfPHV6Qcu9iheRqDplgeL3EzZ8nM0nazMFJCjpkNJrMNKhcYeHb7eBFBWtQ4PL9jJleidsahbd-jCGkcC1-cRDg7HoDT4W-9OVLEoGhPmkkgCEnUsrbvxZuhsPKuy81duaMIJcn3rVq7f5voTKh8MCqnOkJHg8B8wNzgBJUCAg&sai=AMfl-YQjrBQznr9Fv1YsJZCMFIU8Xjm1fl-QyDLYxR1JJUzXRnQhwaKawxrx_yDxI0gItZYTHkHKLaDx4dRQdtxrKKTmoEyIeNZQgfPecIPJqeUTRu7dv1Ql7f6c0L-b_Zk&sig=Cg0ArKJSzLkYDkTFuOjeEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E303 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9387759a65b685c689f8d57d9ebd4575baa0dc95ebf3a6a0ace868856444e434
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6535
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B7AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnj7rtST6vrrCvVepa99Qe7zB47yUmv4rR04nC4rqmYcsQONEEU1nPMJOgtrc6qvVUtkvTzVMd94eKxTEKNTW_kQjm9SiLdyN2gLA3qQMj2KGoIhMF145fSNUW9hXGzqCDXs1NGwhFcjCTU5MVjjwm0W9VY7T0FHzzdto-d5_jtwcTtyVFs_Ppuqqcvtgi07oIcpbx0gcL8tF4ZrG3ps92urxoIzjBnNoRytEPPlfhtSY-Io1mmTQki632JNceti-dx-i1VP4d6YvoEet9XRw9sLtCyTN6Ps1KYAZOKfgqpOKqhWt66kx1yvAiKAhtRHmwFaSU&sai=AMfl-YR0gaUDYyexuVW32GD4B4E54xWp79MjA8bOLY6lsxyn79ECek-Uz_y5oUFBaocHZINcnwDCMQDuuaR8o4Pz6IsIAJxEu4EQQ7fc1j4z81UQ3s8jQVKVuW45m9W_YIo&sig=Cg0ArKJSzGMG_msC5tlhEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:08 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B7AB 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d13bd413ed644911ab48a27e1c3a582118b1e93513ec1c9bf8a1f91222bffd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6353
x-xss-protection
0
styleopt_v2.css
c.123g.us/css/ Frame EAF7 		45 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/styleopt_v2.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9

Request headers

Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 28 Feb 2021 05:45:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 10:50:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
461526
ETag
"b2be-582511fdb9780"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8955
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 12:09:26 GMT
modal_window.css
c.123g.us/css/ Frame EAF7 		29 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/modal_window.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de

Request headers

Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 02 Mar 2021 16:35:57 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:40:54 GMT
Server
Apache/2.2.15 (CentOS)
Age
249671
ETag
"2468c-746b-54a227c0b1d80"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6107
jake_test
Test_Pass
print_card.css
c.123g.us/css/ Frame EAF7 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.123g.us/css/print_card.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969

Request headers

Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 21 Feb 2021 15:15:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
1032075
ETag
"bbf-54da7c8112fc0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
824
jake_test
Test_Pass
Expires
Thu, 25 Feb 2021 13:03:52 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B7AB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:08 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 942F 		143 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 05 Mar 2021 13:41:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
945
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E303 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:09 GMT
truncated
/ Frame CA15 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba227aed32e88a52ef771e684728d5d81982af82c52fda7d0e3a2ed37ff29538

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame EC96 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrbPDfSB7mGgiXCz9K-J_PIPj72moyxQIAfLySwKEobUwSmi0Nj8ZyYMHgpcu0eYtoYOXYqWBhFed9oiUb4uwKAXWE9IdnOttButS9v19y_U-uMk7QJ_Zt46TFemQXvkNSx7yN6jW6QnztQiZKmEL3&sai=AMfl-YQwUFzke286GcUt9ff1f3T45BhhUykM5B26Zttgzdwp3RpZft_fK_uNnaIDNRJ5GsLx536Vt5OJR1WZ9-hWTpAzxUEFT7RbFAUM20HRMrpB_JjBm-xNkpZsPFB32hg&sig=Cg0ArKJSzBQsK5m7K5EMEAE&cid=CAASPeRo_V4wc6mGi-xp4-sUhi76ndSoUdrADccQkYHKQ2C3xvW2kIWxFkopacueNiAJnvoXAR7ydiqqxYSXk3c&id=ampim&o=495,535&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1212&mtos=0,0,1212,1212,1212&tos=0,0,1212,0,0&tfs=1027&tls=2239&g=100&h=100&tt=2240&r=v&avms=ampa&adk=3714999025
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CA15 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 01:58:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
129529
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 04 Mar 2022 01:58:20 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame CA15 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 16:18:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
164316
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Thu, 03 Mar 2022 16:18:33 GMT
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame F816 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
169725
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
13407141130664497199
tpc.googlesyndication.com/simgad/ Frame 46E4 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13407141130664497199
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a95876237ee634c719f2b2d6e5aadc5a40f2aa34d407446b2a98eabac190040
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 03:38:19 GMT
x-content-type-options
nosniff
age
123530
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113654
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 03:00:20 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Mar 2022 03:38:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/ Frame 46E4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:53:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7378
x-xss-protection
0
server
cafe
etag
2412555088240638002
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 13:53:56 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 46E4 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1546
x-xss-protection
0
server
cafe
etag
8852521427838746165
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 13:56:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 46E4 		110 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1614774766775808"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34192
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:09 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 46E4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6140
x-xss-protection
0
server
cafe
etag
17031075750977984330
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 13:56:57 GMT
l
www.google.com/ads/measurement/ Frame 46E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtVbS0bJ5eomRWNaDaQXssoz-hCtH8Qexor0n9znFVXad5aM6a4dJ6jWxTeEdHOkTK0wun
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/ Frame 46E4 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210303/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 12:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10963
x-xss-protection
0
server
cafe
etag
5048180228173261443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 12:32:45 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 46E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CmA5KtDhCYOQ9oJ7v9Q_Vn5zgBqjEspJh2Omk7pINxpqRjYwOEAEgheySAmCViriCyAegAbKGrvQCyAEDqAMByAPJBKoEzAFP0BIQ3TD9yzU-CXs_LceQWKMxUCNcb8kIOuklVEjLSi0B-j_mYt0O3awTRGw7AhgNncyOuFLV9vm1rPTLLfVSLhOR-6oRpeh-H4WPK886gLOVs2H5yYi8pckZFdFpZiGa8u32ThHIMScO8r7K82c-LoPn1fByVCUCJKnf2hgtQKovMNRQQVpT5Y1CGBMYTD9OfXN55F3VTUn02TR_JKTzVJtJGIlLJxu1k36VX_J9P7rI_Ayx-bn0jI2MFRqGWnRfVW-kGqN_umIiLovABPmJqsmtA5IFBAgEGAGSBQQIBRgEoAYDgAffyeuPAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBD1nAjSCAkIgOGAcBABGB-ACgHICwHYEwuyFxoKGAgAEhRwdWItODI3NTMwMjEwNzY5MzY2NA&sigh=ZcHFZhHtuzs&tpd=AGWhJmvvf4sVTwI0PWIa9c3kybNnQbazND9mYibt886IwnwLUw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 05 Mar 2021 13:57:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:09 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 4B63 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 05 Mar 2021 13:53:52 GMT
expires
Sat, 05 Mar 2022 13:53:52 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
197
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame BCF4 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 05 Mar 2021 13:53:52 GMT
expires
Sat, 05 Mar 2022 13:53:52 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
197
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 7ED2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjG7Fscq8L-n6iZi0sYMCZ-WRZZ3mI2u2vAky6FaqH0hEqFXVVc7pcvFl86YfXXqCIQnUD7EjBKmwHIgQjIunR2tmHvMy9dhdZ9cxQHeEkMX62TWTe1SHMBRetnP0r7DbZd1uGwaywXQ-eZe9OnCrdQV6XFPNr4mfCoyV9DthcVAgOSN3btPOG7FNy5q2qxvDNMpCCHzcsiyKz_V-MFsiy-yr6yzQptuLEcDrZP7PyJBJe0CCqa_2OGbYJWUmG1aX2xO8gn3nEzQyeYJrlJ-vGK3MDo0MHZ0USxMeJpQ7GyvEjVDiVJcMA4-GpPa_ENPJTn1vpMr8&sai=AMfl-YQD64XT6_I9KItXCTsIYKMFljJ21j477nKhz806meYHPkT2RECvLcz6osVYX8PwTRbRoN76kNLLCseecZI6Z3SAkQI3XyOVNl056V3NfzpvHH_d0A_9n_Jcj-sI4E8&sig=Cg0ArKJSzLX3lSrbGZWREAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7ED2 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e40a69db66d0d31929c2af959cc741bcfbd639bf8c889525ba7d51bad318ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6548
x-xss-protection
0
truncated
/ Frame 46E4 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
758be80699f9477ea2805a8c3271a1b9098fd08326edacecbf198e136d93c2f7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 942F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 13:57:09 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 05-Mar-2021 14:57:09 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 05 Mar 2021 13:57:09 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 05 Mar 2021 13:57:09 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 9734 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952625749&bpp=30&bdt=956&idt=1625&shv=r20210303&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=1&ga_vid=1562518743.1614952627&ga_sid=1614952627&ga_hid=596808412&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1157456817&scr_x=0&scr_y=0&eid=42530671%2C21068495%2C31060030&oid=3&pvsid=3070570513181349&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5zcc5y3j2e1o&fsb=1&dtd=1635
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
169725
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7ED2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:09 GMT
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ Frame 44D6 		121 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d98822c2ee45aa95f7c98f9ab5bf7eb3fb37dffb0332d7caf0fc7afe5805f506

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
92.w0NWO5QWL66xPwRzoCeHePbfL3lNJ
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:22:24 GMT
Server
AmazonS3
x-amz-request-id
B3E55BD13ADA0E40
ETag
"bcd489500971fc4c1d7c8613079b0104"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 05 Mar 2021 13:57:09 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
36131
x-amz-id-2
LWSgZstGevh/d9v56S5LvO9vcaWV26Yv/dNRoEmyK6wTjChcnneylh90yYony0dHfZZZM1bmL+c=
view
securepubads.g.doubleclick.net/pcs/ Frame 511F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu85thphvzHf8801nfe0BGVUG4gnaOJnAYmZSn9UnrzQ50P6baBSOvFXvPsEfrPQyfCJ-oxX9D21Q7B21D19KyNcdbqwbNlDePqlTwkL9dQk7QaHOfgOm5PjUTK-6LziD7Ju23qCmdAjOreYWhih-25Md_7G-6eXE6uiuY15UAN17peWuMallu7LPp_VhU-BCaaKHsMgEgkrVsGM_8puMWq2RSPLigTctwFTNTBNvHfRZxyCGKDmEH2lPUdWDo6a9lnVPj1Z4E8c0jbRLc0q1EcgaTa3xAfBLZvJUbviYNAI2NyJB9MtLuKvsC5XV4Ojw_pTF6CuMKzq6jRX8A&sai=AMfl-YR1tZJn7yJu-EzvSJ5a5wBnNYI0ilkRU09Ck6UfvftfEtIO9hUGCazO2G5McViic1qvnJ8oDrnszECjiUHDjQGiYGowED6-sVCq7y9jUaZXxR2xiFBy6hRLqu1-MgM&sig=Cg0ArKJSzB7YIBTqfhDTEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:09 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:09 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 511F 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210303&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e8a52030d7af4979308e537072f8890682dc050bc751595d05adf63add9122a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
video-loader2-cr.js
cdn.avantisvideo.com/js/ Frame 44D6 		121 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
af4acfc4586c2d5c11514ef08681ca1cc7f69db15e61443a7e6347226f82633d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uZ3IAR1ILqd3gCJAaZ9PBtO2GfcxtaML
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2021 08:43:15 GMT
Server
AmazonS3
x-amz-request-id
2FC0C1E0D9BC1DC1
ETag
"605f5c9fee2a9f0e3b4711ec43352b49"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 05 Mar 2021 13:57:09 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
36129
x-amz-id-2
wK2S7kJDO4q+avXwm3ChRbBWMXmDJ6lIlkJ4LR+4olAIQeohvTpc6epUKpT4THH/01j7oY2axcY=
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 65E9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 05 Mar 2021 13:53:52 GMT
expires
Sat, 05 Mar 2022 13:53:52 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
197
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 3BF2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&ea=0&flash=0&wgl=1&dt=1614952627173&bpp=8&bdt=1986&idt=768&shv=r20210303&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D5d4c93f844bd1d7f-2215377cb3ba00b4%3AT%3D1614952624%3AS%3DALNI_MZ-MKUbhg3S-Y1yqtiFo10C6raidg&correlator=1829511443606&frm=23&ife=4&pv=2&ga_vid=738282284.1614952628&ga_sid=1614952628&ga_hid=581081924&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1090&biw=1600&bih=1200&isw=300&ish=250&ifk=4015003798&scr_x=0&scr_y=0&eid=44736525&oid=3&pvsid=1285668534040318&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.k44lata9n55g&fsb=1&dtd=803
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
169725
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 511F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210303/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:09 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B7AB 		42 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1M19USc5ekntXXLwB7W5cGajn_gOYHqfEJFLP6yulKm5I1H0cE72Ww_zDXVVI3ivyn-erKoysjFuwsUSZkKk1AtFmplCc738ZsUHyftc&sig=Cg0ArKJSzHm1SdSrBxLeEAE&id=osdim&mcvt=1190&p=47,560,137,1288&mtos=1190,1190,1190,1190,1190&tos=1190,0,0,0,0&v=20210303&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3337616149&rs=4&met=ie&la=0&cr=0&osd=0&vs=4&r=v&uup=0&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		121 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d98822c2ee45aa95f7c98f9ab5bf7eb3fb37dffb0332d7caf0fc7afe5805f506

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
92.w0NWO5QWL66xPwRzoCeHePbfL3lNJ
Content-Encoding
gzip
Last-Modified
Tue, 09 Feb 2021 10:22:24 GMT
Server
AmazonS3
x-amz-request-id
B3E55BD13ADA0E40
ETag
"bcd489500971fc4c1d7c8613079b0104"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 05 Mar 2021 13:57:10 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
36131
x-amz-id-2
LWSgZstGevh/d9v56S5LvO9vcaWV26Yv/dNRoEmyK6wTjChcnneylh90yYony0dHfZZZM1bmL+c=
video-loader2-cr.js
cdn.avantisvideo.com/js/ 		121 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-18.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
af4acfc4586c2d5c11514ef08681ca1cc7f69db15e61443a7e6347226f82633d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uZ3IAR1ILqd3gCJAaZ9PBtO2GfcxtaML
Content-Encoding
gzip
Last-Modified
Wed, 10 Feb 2021 08:43:15 GMT
Server
AmazonS3
x-amz-request-id
2FC0C1E0D9BC1DC1
ETag
"605f5c9fee2a9f0e3b4711ec43352b49"
Vary
Accept-Encoding
Content-Type
application/javascript
CDN-Origin-Protocol
HTTP
Date
Fri, 05 Mar 2021 13:57:10 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
36129
x-amz-id-2
wK2S7kJDO4q+avXwm3ChRbBWMXmDJ6lIlkJ4LR+4olAIQeohvTpc6epUKpT4THH/01j7oY2axcY=
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9670 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 05 Mar 2021 13:53:52 GMT
expires
Sat, 05 Mar 2022 13:53:52 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
198
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 4B63 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
169726
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame BCF4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
169726
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame 9E4D 		42 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.107.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-43.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb

Request headers

Host
cdn1.avantisvideo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

x-amz-id-2
Iooa4w3PM3UBsxN2hz6MkG1HhLD4SIcDDSBumQho1ZI+rxld+gBT+3PBoxU4RyF+f6ERe2RubZ8=
x-amz-request-id
9R0G9G5X3YFV8Z9J
Last-Modified
Wed, 21 Oct 2020 12:02:12 GMT
ETag
"616cd2f36203ae3b124d70c803c7c7a7"
x-amz-version-id
aQTt0EDrJInn5h7oZRa4YKcA5m0mCAoF
Accept-Ranges
bytes
Content-Type
text/html
Server
AmazonS3
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 05 Mar 2021 13:57:10 GMT
Content-Length
15090
Connection
keep-alive
X-Forward-Proto
http
CDN-Origin-Protocol
HTTP
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 65E9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
169726
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CA15 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOwsSzvIWtA07G26bJdNPorGcdFulP0jhkRR5TS-lspA2zWzSp5ybj7AmcNGu2Kb84Z_R6pMEvX7sC3IHqI5UrP-d6C7HWjbWXpGLi4DIML-fI2O_DpipHeI_qAie1NqRYHQrvQ_2MQwYmOjgz9lyU&sai=AMfl-YTzfprdVtC6NDpLZmgTPPlVjY-7yJB-XOv_0HyQftdVMgM4AhrzO2igHfzwIcKs6LkIX5bra46eXxr8PHO-AMAQammvVwJSGqnh15ZZME-JgujC8INhkfsPSYk&sig=Cg0ArKJSzI91-kGvz6FhEAE&cid=CAASPeRoEHlygcjBGp2UuRYB2ZjWyYItBznv1uFMa3QZG6Hros-soGVFt0c0rscoc-Sc0kvifQQ-M077nWpQKKY&id=osdim&mcvt=1032&p=0,0,600,160&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3196990230&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614952627389&dlt=501&rpt=1738&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7ED2 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveDnJ0DHbyGt72Da8W8Q8v-NdR29llc-ECD1WRhVDtZIFjEasMODuCxaHCvRUV0cs4JL1t4FjBNkv-X-DNb1LSVxIaGYkTEavdhvNl9rw&sig=Cg0ArKJSzOcZVfINg9j8EAE&id=osdim&mcvt=1034&p=236,1114,836,1274&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20210303&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1542450727&rs=4&met=ie&la=0&cr=0&osd=0&vs=4&r=v&uup=0&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame 9E4D 		111 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-156-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c515386abca709d09f31b5fb24d25f420a4eeac9ca27cdf1061c55fb3bf1e2c3
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
111
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 05 Mar 2021 13:57:10 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-156-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 05 Mar 2021 13:57:10 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame 9670 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
169726
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021030201&jk=4452687281846236&bg=!UVKlUhHNAAWsVXnBrDsAKQB2-DxaWllMECJjCm07uvDyQEuHZnseW97iyCeHmsfBTt719sU6KidtAgAABBtSAAAAcmgBBwoAE3GZBqmFG7AYX7OWM8T8vXJfznuZAhoXPe5_kdiI0kAkwhxCvIxnOHOEIYahp3CTcwZyUUJKE2c7B-icfaCdrs_5wvnIvlvaTAoYeDXbM0NuzOQUWNY_pwxRcoKcMNMqug0YBPC3IQLUYSBm0RUsbfB0qFi85y9UZlzNIaUU35WWLLrCY92FvEQgq45wHy_wOqP-ml0UUYGuh1uY72LnFGcW2FqiGI0DaWK0hta4X0daiAYR-Sg7hIQ764zJahJJkPCXP_s7VOjjnqNH67fQyUNDZwWqBsKnrqjKhjbjvLzAGaCGocXHUb8mSjU9lri4KfUxX3xjwx7rX0knJVnIWnwIvY5n8vMPxc9dU5CfSPv_vxsuBaMFXgqQ3wP-vvkFTPYkuG6zmNWhhmiHhor3e4JmsL4wI5BBQlwpepf9GV0ks9K_VrPqI3WxXnFKOHqwoHBF0m1kOBm6YQnYJyN1J7R_QiD0pCQVuYZDsyuq-ocyr4mQhiGwSVqpZF4aBY09x4xOtTnSniCpGKFmvuuYR69JYTxC_jouU_WrfS_ACm5yshyscayO5MmbXDa3rPf6D1LweSVW2jJNXSQHCD7paNa5XmbDCMtkv1pX5NWndQ8IMw1caNTE9BVfnVUY3Uy3QtsUxOsBgbzwKiSEOzqKd0HTeOogj7br43E07FBPRCTCgQZKo-SlM0a6KFfVkPMCvp_Eo7zUjYz1APRUUNkEMLWskE1Hyinpqqh2x1WdsGGG
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
desktop
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop
Protocol
H2
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-156-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.123greetings.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 05 Mar 2021 13:57:11 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
/
events.avantisvideo.com/ 		2 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:11 GMT
content-length
2
content-type
text/plain
desktop
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.212.156.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-156-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b7ed87eb3e2363cb3f400e1c0632629b585889681393b452766dce53d5f23f2b
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
vary
Origin
content-length
1947
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Fri, 05 Mar 2021 13:57:11 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame B7AB 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=1683043660854593&bg=!cnGlcTLNAAWsVXnBrDsAKQB2-Dxa_DhbIT9CPc0SnMALK1t77Gh7BRifox1g6iS8K39IP32rgFyAAgAAAoxSAAAAQmgBBwoAT6McOa_yvxftuzWh2ST6FH58Der5G7LseejjMWtLiXqMllqABpexx0cD_SEF2ELDMvhToKhyFaONLCvJSpuCB9ofzEP4EkRwSyyucmTbUGyZAjEUsCpxhPubWE2y9m-8fABsSYWLnOpDPn6ttDj3o7oiLSpz33xjSKXXOSn3teEooVncoVbNKKOsXQKfI2u055ecRqzv0pDXR_Modku7k8U72vIrkRWt-Z0dFd8hndg4FBj-gBy8XLpzxUwveIYE6DzgWKS1LCaMmkSSOvT8N1ePjPg6dDRQlF2fE9yzhfmY1A8Teze_OmOtn1WNikSfJq8IpXMmoo-o19tFDERjb0R3ZHRkQ79HvPpTsvy30B4xSJEf9BQ2ZR2PHQbc8wOBJuTE-JmG_HoqJ2OlL8IfBmG5uQ41cwjgIFcAlc98lft6sCbehVbdFb6sYXUO-SgK324Ky_j5ugKuCoTwQ_MSm2mpUazIZgscV_qassVGx0a4X_uTW03_VGNj1VXzSYOZcLB9fOSz5eSL_I-lFpSC_mbY8wvjd3ECSGSjg87R0ale7EtSz1mqjYbuBYL6jPBojLezsbcBhEtf0CP11FicXmpqB0iSTL2l2mnlD3ehuYLo67AmPpdFuVVLCTdvtmOyT72m0uYIV5XpYjBRMclKlmLMfaDU-SbEZF2bv5z6vm8iX8Ajp9flce1DYHv5eQpJZ1lQqTf5ndxF5G3bC6SfXbUAUAcu1-YISmib6LiMQz7g-COYIsdgPmyi8CAa3a5_HgLigIC-r_W9UqK4SaDUE-uqshs1taqo8Xh4WNJcXtZm3DfMU48JOhwU3m7KcsqNjP4KAZPSwa6FFk9FCbgZnV__Q4w
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E303 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=4239654129517219&bg=!NTalNnXNAAWsVXnBrDsAKQB2-Dxa_rC2CAF2WVQ0xNDd6HdmUKh25wByrZ380cS9pJghrAEU2DXHAgAAArNSAAAAT2gBBwoAHmVmdcm1qtpMHrJ4h7V1BLQljzpRmn0U0kXgJ7lRsZkCMkkom4lHuxYhvwZpyT2pgACyU_cPkhHBWB1p-lGY7sMX2k0EA9Y9feabQXgadYS282I65RYGRMIW04UBYZT8w0v7eY9sjoL8lTrAI0hntTTby-5hbxAWkCzOJliuiBpz5Z71mhN1iwQJIC_CS5NuWCZGElhfmQFHcg9jgRYgtIaLDJfmRyT5hRM494MHGjGQYKsUe3upWIeAgceSuAt_9VGbu2zI1o97FKywOtPdRysOL3o0ze8gkxS-7eEO_p1DEMfeP-pLReI30dlnwn-51hT_dYgI62oHC7cTzWoOitcuv8IX7MLaBNCm6TExUzz2DKGyqX1vPSWJLLQRQeJ2e5wWPBtDe96QZIBBLyXzubiZ0XGO70nN8Fw860zT4Xt8osbB52fizfuy01JeoumPLBsbZuCbYcwGfGTC7qK5s1P9YJQlnGQF9jPdUaSlPfawmQcjrwsu1dEXyUkHjxDcNr1j-Tvwd-8j4oaoPS2Ql6Ee51mCCbR-iyDoxMjYhLAnzsLt_tATzIKFoFcvGtmV37prrtrUbm-FXEte_NLzE5Xmb7S41jWWxHSonSLQ34-kjhaiIFyGmzvx-OlMPWPY5F0sorhVMuVyQ1-4m0m84gyCDwzDm9QG3DjNfPatUBMSHpHU5Tr_loddhDRdrD5FGAOWdsZlUPhJrId0xsusNxfantFjMKMh4eqF_9mf0x866wRVYo11FGS3OuH_KPCsb5nZwjHwD7oPNlgdlpx4X5oW9KY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ED2 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=3070570513181349&bg=!ICOlI2DNAAWsVXnBrDsAKQB2-DxaLG4XhvVVu2S7jr2CXjcGOjXyuwRAJu0avEFu3iMtFZVBW2XxAgAAAnZSAAAAXGgBBwoARxU0rfn2vaguJuWDGrmHjzebOfya5N9WvyYawI9YuSr6E8M5Ee01TnD5TBoqnvlulE-9aWlvA9iwTSAROhY0LOvTUXhzq5QqmQI9k7zORkT71HP4yiYag5fYEkWKTizdjCflKNhKIVyNl8GwJu4SwOHQIcS62PyxX0PI8v08LNAxnoaRxK9uQJLoHdrJiU88g3qxCvziERdd7q-DIJslLpPWBeVB5G5G6j9U7VNTZuKZTGeQcgsc7DqPUfRhWyuNsUSj5rF9QRiTwR6Y92Ld-idOkvGxoU2KX-B2MUuBWG3YZAwQQN2h2nmitYVQZxsi20tmAPJAQAlirybGyiQbSDBzeit9HsFu7k5NXeSl9jRlJCFiY7-DwdQ-MrVthqZ3Nf5i8rOwuYT_H_46TETkvoQxy-FMKXnkjTjWVoIPGzCwj44DD0AR9TOPh00t2aJ3l4iEBD2nLc2KNInrhz80Fd4ZMdzhG5MYyc2hBi5iTpl-mR8Y6NxU_T-d2TV7s9wn6NT9YblH4lJDVigBV9UkKS6-wk4imoTXh3m6E5nQkN3xJjyO6y-SKlc-YaTDufZCKFhugcV6t8BreT7VIJ2x5K5KkqssA4XpfRpEecarc9ByXc4x6xo40A4k-Q8QetRU9ul5t6D2kkqAFbgAh8BPTP8VEgGPpu_dUigDZZm8_uv_-v13SFtA9KTcDNh2dCX7fbhmePnUnnZAPhquTAnt7T1uYETNL3IvgPBiL0qR6lV5ZNAoqOmrSZsSoMB3RJcF7aqXkPvmhuCITdqW1eHSUqDVPeAL3KM-Id31FlicDHpb6p5ZR3Cnkx1hJS3RoIiukuU4IxRWImfBFrVDcSOSWSTaj1X7hsa0
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:59a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:11 GMT
x-guploader-uploadid
AAANsUnyY4Ob7W6ECVLGnDNw9FKfVQuutK-Z0xt4ngLi7aWmhJOGTd-_bOSDycSt3GZu4Pgxi2DOjCfhIEq2YQJRXtJhgFiRmQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
2
last-modified
Thu, 14 May 2020 13:22:36 GMT
server
UploadServer
etag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
2
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 05 Mar 2021 14:27:11 GMT
328217_th.jpg
i.123g.us/c/eaug_dreamday/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/328217_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b4544d214dcb52b999fd8aac26380a9a8bd1d363707ebf0faba5f00c23452bc9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 12:49:06 GMT
Last-Modified
Wed, 08 Mar 2017 06:20:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
781685
ETag
"1515-54a3220e12700"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5397
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 13:08:17 GMT
328054_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328054_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067489
ETag
"162a-5494648c59540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5674
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 08:14:31 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2094160
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 11:24:32 GMT
107382_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/107382_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e264b483476d2f3077d91eaa27d016f350e940b675442a531b69bf8237f7de52

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 09:15:36 GMT
Last-Modified
Tue, 07 Mar 2017 10:29:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1744895
ETag
"1be2-54a217cfec1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7138
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 07:14:56 GMT
328055_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328055_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 02:52:27 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1508684
ETag
"1f54-5494648e419c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8020
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 22:38:41 GMT
333333_th.jpg
i.123g.us/c/emar_womensday_thanku/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_thanku/th/333333_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8df414f2f268a79b25df82608e4e2abbde269074c6ff336ab873ccca4bcf1038

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 06:27:59 GMT
Last-Modified
Mon, 05 Mar 2018 10:55:37 GMT
Server
Footprint Distributor V6.1.1162
Age
199752
ETag
"1594-566a82a7e1c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5524
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 12:23:17 GMT
118216_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118216_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21ddf440ef96c40871bd11a61be53b96279cefcacf93b6f600df100b115bf95b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 12:59:30 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1126661
ETag
"1fe4-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8164
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 14:16:35 GMT
114295_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/114295_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57aab38315432942225c98700c66a07fb6cb8946389c9be0ecd7c587a0afeb3d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2002617
ETag
"1f5a-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8026
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 13:10:50 GMT
113493_th.gif
i.123g.us/c/eapr_daylight/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/113493_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67a5e375fd2f38c2f87173f6df32a16b162c15e3c89cae78f5a19cfd5bccfaea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:05:34 GMT
Last-Modified
Mon, 24 Feb 2014 09:34:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
579097
ETag
"14d8-4f323af29cdc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5336
jake_test
Test_Pass
Expires
Fri, 26 Feb 2021 21:20:34 GMT
337982_th.gif
i.123g.us/c/eapr_daylight/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/337982_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cb311fbd77fe50849bcfe8cfb36faaaf660aa170a3aba8251275658a05209999

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:44:57 GMT
Last-Modified
Fri, 08 Mar 2019 06:34:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1739534
ETag
"1da6-5838f688a2840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7590
jake_test
Test_Pass
Expires
Thu, 04 Mar 2021 08:08:27 GMT
301739_th.gif
i.123g.us/c/emar_holi_happy/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_holi_happy/th/301739_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33c1d47d641aead142009698235f311bdc2eacb0603adb1595df1cab9415e96c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 10:43:43 GMT
Last-Modified
Mon, 24 Feb 2014 09:42:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1134808
ETag
"1ccc-4f323c8da5780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7372
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 15:46:49 GMT
110508_th.gif
i.123g.us/c/eaug_dreamday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/110508_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
498479fb35ad705beb2a644010f1b5650f82221bc615f14160f72eae71f8ea1b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 09:59:34 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
791857
ETag
"1ade-4f322afe06900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6878
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 10:14:35 GMT
118019_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/118019_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3687bda94db462359c1cabe3d16f8eecf1c4c060088c3de8d9de2bc5ae30e397

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 14:09:15 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
949676
ETag
"1fb5-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8117
Expires
Tue, 23 Feb 2021 18:28:44 GMT
118266_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118266_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0a94bf6137c58f34fad3fd46b2b0614fedf63a26d4b797e99873224d4a449164

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:19:04 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1719487
ETag
"1fd9-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8153
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 10:13:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 511F 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210303&jk=1285668534040318&bg=!p6SlpOfNAAWsVXnBrDsAKQB2-DxawnmOrnBOwPgEMaKObkQGvXP0gEpWxFSwkj9-dN2hdmHVFJB8AgAAAkxSAAAADGgBBwoAVenj23XBkXMrOIIV27HzcPPd6JkvZ62j4x3HAd5AAK-gY0fPp7lrg2jhM0tGmz-W15WJg_ch-eNdx5owVWMaignP9Pa06JD6XWDNM4i4q6mYWq0ZhDSZAj97O9O7ZMxqmXBadlcqxVBcNY9zbJTtgOOBBr_9alzqi9TrAfsrIiN1CdD-KfHjouPArOOCZBdgOyz8H0kjsrBcftbj53SAJiKcXdXUIVCOTPn6cFyL_2TMwYEPGVoTx39kyFIfwi30WoNtx5T70q2N69HFzmSdJrzFtGnTc0qa6-rNOTUU6cPaHaIYMIpbPeVD3DM8e6Fqbz-sMcrbiqc-fSpEeCtDdcr85I9POq662BV7nCmHQLij1rBmoxIVUVcUTStnOQPkWyDo8C7AIXngkwQj0Ky0asw_WxDXxSCMKyEXjo7rWF-ERGoElFGmJMBadOgDIrsAlx_tmLAm-Xl4GRGS9fSNfIrYhtM03kNkIptSzwhKnP3VmgDY8WsJg3Mk41jWJFadlkrSjZcWh1d1yfgOijbyAMW2WfJBzys7Nx_hTlZ3nxi-ZhujADKleoYkPcWSLlJtGjnfAB0tyy_jbl974xJGqVBMaLiVGsJkZaOtgg2MW1vGMiPpTehzW85OwwhuEwYfdF8a_MoDTKszfcQzymdzKiRnRUMfbt58QUbvy-adTzW1aSeKwkWJeQcV-IEComcF2AD5lQEjR5K4AMZvK1u507Ljnp0t0_Pnz-qQlIm-yoZVN-w1j5I6X1lSUjpn3wnBocTN1t7dGhVIPwbBX3cyLQ155Q8SqhsLM6lVP-e4avDNLWBPJMlUIRQfXHauUPMt8XDn6vyIyMLTfbYMEb3dB17s5zs2ItYp9puENnRySdGaJBfhQIOukQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aniview.js
player.aniview.com/script/6.1/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:59a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:11 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzMZGl6HzLxL4DzdDBB3kEjgOceS2HPrqXI6S5iAmBU1ZP6FyCxmzQr8TiaI-811P5NFkvA6LKdiTJAGj9UjTfUPSxLeQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9025
last-modified
Wed, 03 Feb 2021 11:37:22 GMT
server
UploadServer
etag
"b07b626603dc9e6121e6bea0651d4d48"
vary
Accept-Encoding
x-goog-hash
crc32c=BpGuWw==, md5=sHtiZgPcnmEh5r6gZR1NSA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1612352242886279
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9025
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 05 Mar 2021 14:02:11 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 2B6E 		331 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:59a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:11 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UzUaSPhANsryb_rbI1PkUu-Ius70zssgT8xaYez98wiXn3nIRQKiGmhH6n-KkTskj32WeAn2eKbsG_MRp0NiDs
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
95778
last-modified
Wed, 24 Feb 2021 08:53:38 GMT
server
UploadServer
etag
"06ac451dcb93e2560f9563c8286b920c"
vary
Accept-Encoding
x-goog-hash
crc32c=8jEwgw==, md5=BqxFHcuT4lYPlWPIKGuSDA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156818658566
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
95778
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 05 Mar 2021 14:02:11 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&e=inventory&vi=100&cb=1614952631926
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=631925&AV_WIDTH=400&AV_HEIGHT=225&cb=1614952631965
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
c24e425fe705a25739dfe5325bab60ddcb16c3c7bf2f1dc4c4ebef8c1a07d89a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 22 Feb 2021 00:10:32 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:12 GMT
content-length
2
content-type
text/plain
cookiesyncendpoint
sync.aniview.com/ Frame 6DD4
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1614952632026-930171782941-021298-001-000227%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1614952632026-930171782941-021298-001-000227%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1614952632026-930171782941-021298-001-000227&biddername=55&key=6504048128537441484
0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1614952632026-930171782941-021298-001-000227&biddername=55&key=6504048128537441484
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.70.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-70-106.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1614952632026-930171782941-021298-001-000227&biddername=55&key=6504048128537441484
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

date
Fri, 05 Mar 2021 13:57:12 GMT
content-length
0
set-cookie
aniC=1614952632026-930171782941-021298-001-000227; Path=/; Domain=aniview.com; Expires=Fri, 12 Mar 2021 13:57:12 GMT; Secure; SameSite=None 2_C_55=6504048128537441484; Path=/; Domain=aniview.com; Expires=Fri, 12 Mar 2021 13:57:12 GMT; Secure; SameSite=None 2_C_55=6504048128537441484; Path=/; Expires=Fri, 12 Mar 2021 13:57:12 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Fri, 05 Mar 2021 13:57:12 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1614952632026-930171782941-021298-001-000227&biddername=55&key=6504048128537441484
AN-X-Request-Uuid
d34842cb-2395-4d13-9514-0741696a1199
Set-Cookie
uuid2=6504048128537441484; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 03-Jun-2021 13:57:12 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.17:80
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&us_privacy=1---&cbb=4952632346&imp_id=e33caafb-e216-4626-bcd7-a9e7fdd7c42a
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 13:57:12 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.86:80
AN-X-Request-Uuid
d7505506-670c-467e-aea5-9fdc8a33cef6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 2B6E 		261 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:1700:59a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:12 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Uxo_USxqPpxAQGelmQbWsoWIAWQ3iErcidk15nSImRqSOBCcAfFRsLSCvfLsiiVeQN6Ejal2E644HKroopGP9TLrnzSlA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
84286
last-modified
Wed, 24 Feb 2021 08:53:00 GMT
server
UploadServer
etag
"4b0d193eafdda7f38974bf68ea2e62a6"
vary
Accept-Encoding
x-goog-hash
crc32c=LGMRCg==, md5=Sw0ZPq/dp/OJdL9o6i5ipg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1614156780497939
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
84286
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 05 Mar 2021 14:02:12 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:12 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1614952632351&asid=6012e07d2dbaf03bbd1c0d08%2C5e9030afdc817965520eb855%2C5f3500a41c87da63396619f7&ofpr=%2C%2C0.22&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 05 Mar 2021 13:57:12 GMT
X-SpotX-Timing-Transform
0.000925
X-SpotX-Timing-SpotMarket
0.006141
X-SpotX-Timing-Page-Mux
0.001382
X-SpotX-Timing-Page-Require
0.000288
X-fe
073
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000030
X-SpotX-Timing-Page
0.011717
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000344
Last-Modified
Fri, 05 Mar 2021 13:57:12 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006141
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.002594
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1614952632612&asid=6012e07d2dbaf03bbd1c0d08&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 6D3E 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:12 GMT
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 7456 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
242446
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 6D3E 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:12 GMT
integrator.js
adservice.google.com/adsid/ Frame 6D3E 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F15F 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:27:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1789
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 05 Mar 2021 14:27:23 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 7456 		72 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FOutstream_123greetings_Desktop_Slider_T2_Avantis_Google&description_url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1656163263914482&nofb=0&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3292969052&sdk_apis=2%2C8&sid=1999C0A7-A454-4637-B84D-246B9146430B&eid=21061817%2C44729227&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&dt=1614952633267&cookie_enabled=1&scor=2856871543087299&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
0396694e05d98303c8cd2b5053e2b0c47f44a7d89237261731a3db680ceae64a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16316
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 7456 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klwd3muo&c=1829511443606&slotId=914755721803&qqid=CJaKp7Cnme8CFUKBhQodpewPdw&gqid=uThCYNeQEoeG9fgPs8ilqAM&fb=ima-html5&sdkv=h.3.445.1&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=21061817%2C44729227&met.4=ghmsh_s.klwd3n6i~ghmsh_s.klwd3n6j&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=ZvBZ6RjEf52qyKEy
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CwCwnuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSxCXB_H5nsG9kZgAoDmAsByAsB0AsPuAwBsBO97_MK2BMC2BQBqBYB&sigh=Pqa1Lr5Ubvw&label=show_ad&acvw=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:13 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 7456 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CO1YluThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtwJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw5QvZGTb2DV-7DJsy60qzJF8tJqKr16HwyWdpXdJ9X2BxUnne3b2EeqOtMNPGWLC2l2SeD-40sbNrIFxPzR592kM5bqFHWFVMJCtS50y9Ygjb6RTFKvSgBHDVS39eHlHUouBmJLoNbtT7BM6wxGw_6r0zD6BxIHMS74azu5Rmj3MK-L-LW9vjuPnFgYUbxxAfyhDcpjgLqkSUGYGHTRcpbkYOw0nYU05cB7XuZNHa72L1r1wThDAy8ySmRg8dG9e4SslRb8xrsX-SsvwIcWxTsAE2One0LsD4AQBoAZUgAfDpMGdAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUb2AcB8gcFEOCmkgGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrCEwYYpdu-4gLYEwLYFAGoFgGyFxoKGAgAEhRwdWItMjAyNDY5MDgxMDM4MTY1NA&sigh=V1Ke_GpaMOk&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&vt=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 6D3E 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~klwd3mj9&c=1829511443606&slotId=914755721803&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r4---sn-4g5e6nzz.googlevideo.com/
Redirect Chain
  • https://r4---sn-uqj-j2ik.googlevideo.com/videoplayback?expire=1614981433&ei=uThCYLjSH7LK0wXC2JOYAQ&ip=82.102.20.235&id=a56aeadc0b500f54&itag=22&source=youtube&requiressl=yes&mh=fn&mm=31&mn=sn-uqj-j...
  • https://r4---sn-5goeen7k.googlevideo.com/videoplayback?expire=1614981433&ei=uThCYLjSH7LK0wXC2JOYAQ&ip=82.102.20.235&id=a56aeadc0b500f54&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...
  • https://r4---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1614981433&ei=uThCYLjSH7LK0wXC2JOYAQ&ip=82.102.20.235&id=a56aeadc0b500f54&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier...
3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1614981433&ei=uThCYLjSH7LK0wXC2JOYAQ&ip=82.102.20.235&id=a56aeadc0b500f54&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1613492252421843&txp=6316222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgWk3hsJDlT1A0H5xTowZp61NK4WEIYYHIkVPBuTeIwsoCIAu-_MqNoMcwgvuVdobFRGFgutmHOEn9Lmy-sX0LJNoB&cpn=ZvBZ6RjEf52qyKEy&rm=sn-uqj-j2ik7z,sn-5golz7z&req_id=a31507d6f03b36e2&redirect_counter=2&cms_redirect=yes&ipbypass=yes&mh=fn&mip=2a01:4f8:192:5414::2&mm=29&mn=sn-4g5e6nzz&ms=rdu&mt=1614952150&mv=m&mvi=4&pl=41&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAI6ZDt5_2m8ViJdE7nFwcyEa9OzTyIMTN2qzvxm5x2LfAiEAk0TYsjB9xiyjVcWxDu2S-MkAg2Hwe6jS1u_pQ-yblno%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:1::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
8e67a4155de898528ba6ece7f2fab40999f40198d0ab2f4100590b65dbc7cc3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:57:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 16 Feb 2021 16:17:32 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-3419792/3419793
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3419793
Expires
Fri, 05 Mar 2021 13:57:14 GMT

Redirect headers

Date
Fri, 05 Mar 2021 13:57:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://r4---sn-4g5e6nzz.googlevideo.com/videoplayback?expire=1614981433&ei=uThCYLjSH7LK0wXC2JOYAQ&ip=82.102.20.235&id=a56aeadc0b500f54&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.116&lmt=1613492252421843&txp=6316222&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgWk3hsJDlT1A0H5xTowZp61NK4WEIYYHIkVPBuTeIwsoCIAu-_MqNoMcwgvuVdobFRGFgutmHOEn9Lmy-sX0LJNoB&cpn=ZvBZ6RjEf52qyKEy&rm=sn-uqj-j2ik7z,sn-5golz7z&req_id=a31507d6f03b36e2&redirect_counter=2&cms_redirect=yes&ipbypass=yes&mh=fn&mip=2a01:4f8:192:5414::2&mm=29&mn=sn-4g5e6nzz&ms=rdu&mt=1614952150&mv=m&mvi=4&pl=41&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAI6ZDt5_2m8ViJdE7nFwcyEa9OzTyIMTN2qzvxm5x2LfAiEAk0TYsjB9xiyjVcWxDu2S-MkAg2Hwe6jS1u_pQ-yblno%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Fri, 05 Mar 2021 13:57:14 GMT
csi
csi.gstatic.com/ Frame 7456 		0
44 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~klwd3n94&c=1829511443606&slotId=914755721803&qqid=CJaKp7Cnme8CFUKBhQodpewPdw&gqid=uThCYNeQEoeG9fgPs8ilqAM&fb=ima-html5&sdkv=h.3.445.1&mrd=4&aab=1&itv=1&meta_vast=1&met.4=ghmsh_s.klwd3n96~vss_tr.pm
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4009:817::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
118266_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118266_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0a94bf6137c58f34fad3fd46b2b0614fedf63a26d4b797e99873224d4a449164

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:19:04 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1719490
ETag
"1fd9-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8153
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 10:13:51 GMT
328217_th.jpg
i.123g.us/c/eaug_dreamday/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/328217_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b4544d214dcb52b999fd8aac26380a9a8bd1d363707ebf0faba5f00c23452bc9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 12:49:06 GMT
Last-Modified
Wed, 08 Mar 2017 06:20:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
781688
ETag
"1515-54a3220e12700"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5397
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 13:08:17 GMT
328054_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328054_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067492
ETag
"162a-5494648c59540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5674
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 08:14:31 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2094163
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 11:24:32 GMT
107382_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/107382_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e264b483476d2f3077d91eaa27d016f350e940b675442a531b69bf8237f7de52

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 09:15:36 GMT
Last-Modified
Tue, 07 Mar 2017 10:29:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1744898
ETag
"1be2-54a217cfec1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7138
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 07:14:56 GMT
328055_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328055_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 02:52:27 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1508687
ETag
"1f54-5494648e419c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8020
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 22:38:41 GMT
333333_th.jpg
i.123g.us/c/emar_womensday_thanku/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_thanku/th/333333_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8df414f2f268a79b25df82608e4e2abbde269074c6ff336ab873ccca4bcf1038

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 06:27:59 GMT
Last-Modified
Mon, 05 Mar 2018 10:55:37 GMT
Server
Footprint Distributor V6.1.1162
Age
199755
ETag
"1594-566a82a7e1c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5524
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 12:23:17 GMT
118216_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118216_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21ddf440ef96c40871bd11a61be53b96279cefcacf93b6f600df100b115bf95b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 12:59:30 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1126664
ETag
"1fe4-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8164
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 14:16:35 GMT
114295_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/114295_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57aab38315432942225c98700c66a07fb6cb8946389c9be0ecd7c587a0afeb3d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2002620
ETag
"1f5a-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8026
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 13:10:50 GMT
113493_th.gif
i.123g.us/c/eapr_daylight/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/113493_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67a5e375fd2f38c2f87173f6df32a16b162c15e3c89cae78f5a19cfd5bccfaea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:05:34 GMT
Last-Modified
Mon, 24 Feb 2014 09:34:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
579100
ETag
"14d8-4f323af29cdc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5336
jake_test
Test_Pass
Expires
Fri, 26 Feb 2021 21:20:34 GMT
337982_th.gif
i.123g.us/c/eapr_daylight/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/337982_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cb311fbd77fe50849bcfe8cfb36faaaf660aa170a3aba8251275658a05209999

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:44:57 GMT
Last-Modified
Fri, 08 Mar 2019 06:34:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1739537
ETag
"1da6-5838f688a2840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7590
jake_test
Test_Pass
Expires
Thu, 04 Mar 2021 08:08:27 GMT
301739_th.gif
i.123g.us/c/emar_holi_happy/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_holi_happy/th/301739_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33c1d47d641aead142009698235f311bdc2eacb0603adb1595df1cab9415e96c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 10:43:43 GMT
Last-Modified
Mon, 24 Feb 2014 09:42:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1134811
ETag
"1ccc-4f323c8da5780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7372
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 15:46:49 GMT
110508_th.gif
i.123g.us/c/eaug_dreamday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/110508_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
498479fb35ad705beb2a644010f1b5650f82221bc615f14160f72eae71f8ea1b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 09:59:34 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
791860
ETag
"1ade-4f322afe06900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6878
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 10:14:35 GMT
118019_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/118019_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3687bda94db462359c1cabe3d16f8eecf1c4c060088c3de8d9de2bc5ae30e397

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 14:09:15 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
949679
ETag
"1fb5-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8117
Expires
Tue, 23 Feb 2021 18:28:44 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CwCwnuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSxCXB_H5nsG9kZgAoDmAsByAsB0AsPuAwBsBO97_MK2BMC2BQBqBYB&sigh=Pqa1Lr5Ubvw&label=video_ad_loaded&acvw=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 7456 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Feb 2021 15:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513503
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Feb 2022 15:18:51 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame 7456 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CO1YluThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtwJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw5QvZGTb2DV-7DJsy60qzJF8tJqKr16HwyWdpXdJ9X2BxUnne3b2EeqOtMNPGWLC2l2SeD-40sbNrIFxPzR592kM5bqFHWFVMJCtS50y9Ygjb6RTFKvSgBHDVS39eHlHUouBmJLoNbtT7BM6wxGw_6r0zD6BxIHMS74azu5Rmj3MK-L-LW9vjuPnFgYUbxxAfyhDcpjgLqkSUGYGHTRcpbkYOw0nYU05cB7XuZNHa72L1r1wThDAy8ySmRg8dG9e4SslRb8xrsX-SsvwIcWxTsAE2One0LsD4AQBoAZUgAfDpMGdAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAec3BuoB-6WsQKoB6a-G6gH7NUb2AcB8gcFEOCmkgGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrCEwYYpdu-4gLYEwLYFAGoFgGyFxoKGAgAEhRwdWItMjAyNDY5MDgxMDM4MTY1NA&sigh=V1Ke_GpaMOk&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&tpd=AGWhJmsMc8p6xR0Sa4TmncEvnve2GSO7Urn6TlbSsCtYQV2akQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
B25441652.297209738;dc_trk_aid=490517008;dc_trk_cid=147020763;dc_dbm_token=AD1EzRQAAAA5CjIKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhIInYGyui6oApGtjwKwAqH85whAOxD00O8BUwaK6E9hUmAtmcgL5fx5uQ==;ord=30155...
ad.doubleclick.net/ddm/trackimp/N1033118.279382INVITEMEDIAINC.D3/ Frame 7456 		42 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1033118.279382INVITEMEDIAINC.D3/B25441652.297209738;dc_trk_aid=490517008;dc_trk_cid=147020763;dc_dbm_token=AD1EzRQAAAA5CjIKDAgAFQAAAAAdAAAAABIMCAAVAAAAAB0AAAAAIhIInYGyui6oApGtjwKwAqH85whAOxD00O8BUwaK6E9hUmAtmcgL5fx5uQ==;ord=3015572256;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=;dc_exteid=17411236002950945799;dc_av=536;dc_sk=1;dc_ctype=84;dc_pubid=3;dc_btype=23?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C5ofXuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEswJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSasrmbRgxuzATbyc9306_wrOh05jsEhwATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrYEwLYFAGoFgE&sigh=tujPJXVbhRU&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26is%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,3%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614952634509%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1614952633893
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7456 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNiQKbSQPkpz7bDxOBe3y9e-TtDdqvhvzRdCwxGCmokGcIt7fU5opPZPvcNwObVZwcXLQbNIOJ7Z0_RrN_gVCFjGs8jx1oGEu7k0OC5BwjW3bwMnAOdIwlx4-USw&sai=AMfl-YRr7TtIBAS2jcXSh9HziUv0n7snssMYAOPv3hNJTwl7xgNFs7JNhD9osr_ExgXScAwaVIV6RkPxFiXtLekimAQ3T5fjX4z3pWKzO09bi-9Bnc7krqeW6f25LaFzHo0&sig=Cg0ArKJSzMSb8_ucqUFtEAE&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&id=lidarv&acvw=sv%3D889%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,3%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614952634513%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614952633893&avm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 7456 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&avm=1&dc_pubid=3&dc_exteid=17411236002950945799&acvw=sv%3D889%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,3%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614952634513%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614952633893?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D889%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7456 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=200101;acvw=sv%3D889%26cb%3Dj%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26ic%3D274%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,3%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614952634513%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614952633893?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C5ofXuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEswJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSasrmbRgxuzATbyc9306_wrOh05jsEhwATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrYEwLYFAGoFgE&sigh=tujPJXVbhRU&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,3%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614952634518%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614952633893
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D889%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7456 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=11;acvw=sv%3D889%26cb%3Dj%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D274%26i0%3D274%26ic%3D0%26cs%3D274%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,3%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614952634518%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614952633893?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C5ofXuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEswJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSasrmbRgxuzATbyc9306_wrOh05jsEhwATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrYEwLYFAGoFgE&sigh=tujPJXVbhRU&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&label=admute&ad_mt=0&acvw=sv%3D889%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,28%26mtos%3D0,0,0,0,28%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D28%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D28%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D28%26is%3D274%26i0%3D274%26ic%3D4096%26cs%3D4370%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,3%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614952634525%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,28&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614952633893
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D889%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,28%26mtos%3D0,0,0,0,28%26amtos%3D...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7456 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=16;acvw=sv%3D889%26cb%3Dj%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D1199,1200,1424,1600%26tos%3D0,0,0,0,28%26mtos%3D0,0,0,0,28%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D28%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D28%26pst%3D-1%26dur%3D15069%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D28%26is%3D274%26i0%3D274%26ic%3D4096%26cs%3D4370%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,3%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1614952634525%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,28;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1614952633893?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:14 GMT
content-length
2
content-type
text/plain
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:14 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=8ddd4bb57a182a7ff995830c7f96763d36148a23&d9=1000&ad=16&vi=0&ofpr=2&imid=781a875c49bc1db5cb371b82e999265b_1723156241_5590208&e=impression&cb=1614952632339&ad=16&vi=0&d1=vpaid&fv=3&cb=1614952632353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=8ddd4bb57a182a7ff995830c7f96763d36148a23&d9=1000&ad=[AV_ADDURATION]&vi=[AV_VIEWABILITY]&ofpr=2&imid=781a875c49bc1db5cb371b82e999265b_1723156241_5590208&e=start&d1=vpaid&fv=3&cb=1614952632353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
av.png
static.avantisvideo.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.avantisvideo.com/images/av.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/03304221117548838576
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 05 Mar 2021 13:57:14 GMT
Last-Modified
Mon, 25 Jan 2021 10:20:27 GMT
Server
AmazonS3
x-amz-request-id
V58NBT9W3D8WR5VM
ETag
"b8ce0fbf2e3e2f4f74cffe16c3b65adf"
Content-Type
image/png
Access-Control-Allow-Origin
*
CDN-Origin-Protocol
HTTP
Connection
keep-alive
Accept-Ranges
bytes
X-Forward-Proto
http
Content-Length
1986
x-amz-id-2
TtRC2RP44U+Gl2/qUyhRoENlxJs5wMYUtnROBADENKrjwAaWbDdFz1yMMk99cevOgLO4bJhlbxY=
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame E759 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/hhrtBw21.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://imasdk.googleapis.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imasdk.googleapis.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8727
date
Sun, 28 Feb 2021 14:59:48 GMT
expires
Mon, 28 Feb 2022 14:59:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
428246
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
pagead2.googlesyndication.com/bg/ Frame E759 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 14:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 10:45:00 GMT
server
sffe
age
169730
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5643
x-xss-protection
0
expires
Thu, 03 Mar 2022 14:48:24 GMT
playback
s.youtube.com/api/stats/ Frame 7135 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=21061817%2C44729227&el=adunit&cpn=ZvBZ6RjEf52qyKEy&docid=pWrq3AtQD1Q&ver=2&cmt=0.211&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.070&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13&rtn=10
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::8b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame E759 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.445.1&bgai=B6oPJuThCYNbJE8KClgSl2b-4BwAAAAA4AboFEwiX0aWwp5nvAhUHQx0JHTNkCTU&bg=!EBOlE1DNAAWsVXnBrDsAKQB2-Dxa_DufUlaJgFrNkdKKYG6QKucEg8dDy-x3e-NcHg88xbjvvw7NAgAAAjVSAAAARmgBBwoAgds_4sJ9LuFH4iDFZUqwlXq5sZCIsGaw1izX0rTdY98jhFxgl1hKx1FB5iXY1HNvOFB2ZWxa-Nvlovda2UVwzKmAnKPvbropGitLTkkZZDCrtMWDA4F-zqaOGPaEOu_qu9yiTBPWuEJm-5yceiLa7OKMo-epBrFbDWi5XpZxZMKJeZkCQ7QmEAiKetTjd9rwvG6_uHeRIZer4wBmy5_R6ocE4LoXSseE476gGypRi9YtRcrh9WKIxIh1zYrAraY7GleorB59erJil5EzPJazoyLwdgl75nWTicorXcoJVv1B5fee0kkW395oSfiwBZ4yyI8Y9ZZi-Cxy8Ew4MGa2NeXbKY4Nt-M8N9Mp7vRUP2v_-cvLQvXam-FR5iLjUavjtEK1j8ZKgLCbhYo4ePhqmibXP1SEM7-j0n1-siK10ZbWjNC4IyZTqxKICjT3PhPTC-13I_647P7waHbDCB2VXcyc75TutktjNAXPH9CJHly-mpZslnKfEHDQE3pKVbvJ7n6Ucg3otIqfg00yiOrW19vvFuocNMjEEh3jkIRNHrVbdRwiz1Nn4JQfP3befcX9ekKFpDNrnqSI40x0BG54YUmpXKJZayBSPmSyEQlKpU2x_3UenwRgjsz4J3vkOPuWtO-rwjv5v0tj49_949r3Q19iZgEg0N9Bo2EqFlDkw2QH6_kCrpLrNBMCFmH63WFc8vNX0iIf0ntw19FhK6McWkxEZjCdybd5wB8EEubnOHMxRja1ODzvO_4GcQrcFy2f7wvM0DdHaLZbV0IW4xP-A9Mm5MQFE9-LqE7w-he6xR8i3uzf5xPO8w6-8hXMuDmkFKm87JzshCFImZTtCcm-X-9svJqW1AvlWP5a6Bzo25Z5JF-R9AJ6ovxUifp0GppnETzhPLzoTA80PQu-46_Y1_9koFBDU_iXgRxzMHHcLBrLgnHzCnWsfQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=8ddd4bb57a182a7ff995830c7f96763d36148a23&d9=1000&ad=16&vi=100&ofpr=2&imid=781a875c49bc1db5cb371b82e999265b_1723156241_5590208&e=adViImpression&vit=2&vi=100&d1=vpaid&fv=3&cb=1614952632353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7456 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNiQKbSQPkpz7bDxOBe3y9e-TtDdqvhvzRdCwxGCmokGcIt7fU5opPZPvcNwObVZwcXLQbNIOJ7Z0_RrN_gVCFjGs8jx1oGEu7k0OC5BwjW3bwMnAOdIwlx4-USw&sai=AMfl-YRr7TtIBAS2jcXSh9HziUv0n7snssMYAOPv3hNJTwl7xgNFs7JNhD9osr_ExgXScAwaVIV6RkPxFiXtLekimAQ3T5fjX4z3pWKzO09bi-9Bnc7krqeW6f25LaFzHo0&sig=Cg0ArKJSzMSb8_ucqUFtEAE&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&id=lidarv&acvw=sv%3D889%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1424,407,217,0,739%26mtos%3D1424,1831,2048,2048,2787%26amtos%3D0,0,0,0,0%26mcvt%3D2048%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2787%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D496%26pst%3D476%26dur%3D15069%26vmtime%3D2669%26dtos%3D2048%26dtoss%3D1%26dvs%3D2048%26dfvs%3D1424%26dvpt%3D2759%26is%3D275%26i0%3D274%26ic%3D1%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D16%26emuc%3D0%26emb%3D8,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D1614952637284%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2787&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview_ext
pagead2.googlesyndication.com/ Frame 7456 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/activeview_ext?id=lidarv&dc_pubid=3&dc_exteid=17411236002950945799&acvw=sv%3D889%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1424,407,217,0,739%26mtos%3D1424,1831,2048,2048,2787%26amtos%3D0,0,0,0,0%26mcvt%3D2048%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2787%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D496%26pst%3D476%26dur%3D15069%26vmtime%3D2669%26dtos%3D2048%26dtoss%3D1%26dvs%3D2048%26dfvs%3D1424%26dvpt%3D2759%26is%3D275%26i0%3D274%26ic%3D1%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D16%26emuc%3D0%26emb%3D8,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D1614952637284%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2787&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D889%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1424,407,217,0,739%26mtos%3D1424,1831,2...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7456 		42 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=200000;acvw=sv%3D889%26cb%3Dj%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D1424,407,217,0,739%26mtos%3D1424,1831,2048,2048,2787%26amtos%3D0,0,0,0,0%26mcvt%3D2048%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2787%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D496%26pst%3D476%26dur%3D15069%26vmtime%3D2669%26dtos%3D2048%26dtoss%3D1%26dvs%3D2048%26dfvs%3D1424%26dvpt%3D2759%26is%3D275%26i0%3D274%26ic%3D1%26cs%3D4371%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D16%26emuc%3D0%26emb%3D8,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483641%26psv%3D6%26psfv%3D6%26psa%3D0%26ptlt%3D1614952637284%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2787;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
118019_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/118019_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3687bda94db462359c1cabe3d16f8eecf1c4c060088c3de8d9de2bc5ae30e397

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 14:09:15 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
949682
ETag
"1fb5-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8117
Expires
Tue, 23 Feb 2021 18:28:44 GMT
118266_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118266_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0a94bf6137c58f34fad3fd46b2b0614fedf63a26d4b797e99873224d4a449164

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:19:04 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1719493
ETag
"1fd9-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8153
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 10:13:51 GMT
328217_th.jpg
i.123g.us/c/eaug_dreamday/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/328217_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b4544d214dcb52b999fd8aac26380a9a8bd1d363707ebf0faba5f00c23452bc9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 12:49:06 GMT
Last-Modified
Wed, 08 Mar 2017 06:20:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
781691
ETag
"1515-54a3220e12700"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5397
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 13:08:17 GMT
328054_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328054_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067495
ETag
"162a-5494648c59540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5674
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 08:14:31 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2094166
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 11:24:32 GMT
107382_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/107382_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e264b483476d2f3077d91eaa27d016f350e940b675442a531b69bf8237f7de52

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 09:15:36 GMT
Last-Modified
Tue, 07 Mar 2017 10:29:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1744901
ETag
"1be2-54a217cfec1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7138
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 07:14:56 GMT
328055_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328055_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 02:52:27 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1508690
ETag
"1f54-5494648e419c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8020
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 22:38:41 GMT
333333_th.jpg
i.123g.us/c/emar_womensday_thanku/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_thanku/th/333333_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8df414f2f268a79b25df82608e4e2abbde269074c6ff336ab873ccca4bcf1038

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 06:27:59 GMT
Last-Modified
Mon, 05 Mar 2018 10:55:37 GMT
Server
Footprint Distributor V6.1.1162
Age
199758
ETag
"1594-566a82a7e1c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5524
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 12:23:17 GMT
118216_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118216_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21ddf440ef96c40871bd11a61be53b96279cefcacf93b6f600df100b115bf95b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 12:59:30 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1126667
ETag
"1fe4-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8164
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 14:16:35 GMT
114295_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/114295_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57aab38315432942225c98700c66a07fb6cb8946389c9be0ecd7c587a0afeb3d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2002623
ETag
"1f5a-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8026
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 13:10:50 GMT
113493_th.gif
i.123g.us/c/eapr_daylight/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/113493_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67a5e375fd2f38c2f87173f6df32a16b162c15e3c89cae78f5a19cfd5bccfaea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:05:34 GMT
Last-Modified
Mon, 24 Feb 2014 09:34:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
579103
ETag
"14d8-4f323af29cdc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5336
jake_test
Test_Pass
Expires
Fri, 26 Feb 2021 21:20:34 GMT
337982_th.gif
i.123g.us/c/eapr_daylight/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/337982_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cb311fbd77fe50849bcfe8cfb36faaaf660aa170a3aba8251275658a05209999

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:44:57 GMT
Last-Modified
Fri, 08 Mar 2019 06:34:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1739540
ETag
"1da6-5838f688a2840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7590
jake_test
Test_Pass
Expires
Thu, 04 Mar 2021 08:08:27 GMT
301739_th.gif
i.123g.us/c/emar_holi_happy/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_holi_happy/th/301739_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33c1d47d641aead142009698235f311bdc2eacb0603adb1595df1cab9415e96c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 10:43:43 GMT
Last-Modified
Mon, 24 Feb 2014 09:42:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1134814
ETag
"1ccc-4f323c8da5780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7372
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 15:46:49 GMT
110508_th.gif
i.123g.us/c/eaug_dreamday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/110508_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
498479fb35ad705beb2a644010f1b5650f82221bc615f14160f72eae71f8ea1b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 09:59:34 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
791863
ETag
"1ade-4f322afe06900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6878
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 10:14:35 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=8ddd4bb57a182a7ff995830c7f96763d36148a23&d9=1000&ad=16&vi=100&ofpr=2&imid=781a875c49bc1db5cb371b82e999265b_1723156241_5590208&e=sec3&vi=100&d1=vpaid&fv=3&cb=1614952632353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C5ofXuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEswJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSasrmbRgxuzATbyc9306_wrOh05jsEhwATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrYEwLYFAGoFgE&sigh=tujPJXVbhRU&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&label=videoplaytime25&ad_mt=3920&acvw=sv%3D889%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2616,407,217,0,739%26mtos%3D2616,3023,3240,3240,3979%26amtos%3D0,0,0,0,0%26mcvt%3D3240%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3979%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D697%26pst%3D476%26dur%3D15069%26vmtime%3D3920%26dtos%3D1192%26dtoss%3D2%26dvs%3D1192%26dfvs%3D1192%26dvpt%3D1192%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D16777216%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2616,3023,3240,3240,3979%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D14,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483633%26psv%3D14%26psfv%3D14%26psa%3D0%26ptlt%3D1614952638475%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3979&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:18 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D889%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2616,407,217,0,739%26mtos%3D2616,3023,3...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7456 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=960584;acvw=sv%3D889%26cb%3Dj%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D2616,407,217,0,739%26mtos%3D2616,3023,3240,3240,3979%26amtos%3D0,0,0,0,0%26mcvt%3D3240%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3979%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D697%26pst%3D476%26dur%3D15069%26vmtime%3D3920%26dtos%3D1192%26dtoss%3D2%26dvs%3D1192%26dfvs%3D1192%26dvpt%3D1192%26is%3D275%26i0%3D274%26i1%3D275%26ic%3D16777216%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2616,3023,3240,3240,3979%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D22%26emuc%3D0%26emb%3D14,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483633%26psv%3D14%26psfv%3D14%26psa%3D0%26ptlt%3D1614952638475%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,3979;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:18 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=8ddd4bb57a182a7ff995830c7f96763d36148a23&d9=1000&ad=16&vi=100&ofpr=2&imid=781a875c49bc1db5cb371b82e999265b_1723156241_5590208&e=firstQuartile&ad=16&vi=100&d1=vpaid&fv=3&cb=1614952632353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:18 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C5ofXuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEswJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSasrmbRgxuzATbyc9306_wrOh05jsEhwATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrYEwLYFAGoFgE&sigh=tujPJXVbhRU&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&label=video_skip_shown&ad_mt=5170&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,1600%26tos%3D3865,407,217,0,739%26mtos%3D3865,4272,4489,4489,5228%26amtos%3D0,0,0,0,0%26mtos1%3D2616,624,739%26mcvt%3D4489%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5228%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1098%26pst%3D476%26dur%3D15069%26vmtime%3D5170%26is%3D275%26i0%3D274%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D0%26c1%3D0,1,1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D1249,1249,1249,1249,1249%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D29%26emuc%3D0%26emb%3D21,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483585%26psv%3D62%26psfv%3D62%26psa%3D0%26ptlt%3D1614952639724%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5228%26ss0%3D0%26ss1%3D0,0.04,0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1614952633893
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:19 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
110508_th.gif
i.123g.us/c/eaug_dreamday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/110508_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
498479fb35ad705beb2a644010f1b5650f82221bc615f14160f72eae71f8ea1b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 09:59:34 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
791866
ETag
"1ade-4f322afe06900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6878
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 10:14:35 GMT
118019_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/118019_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3687bda94db462359c1cabe3d16f8eecf1c4c060088c3de8d9de2bc5ae30e397

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 14:09:15 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
949685
ETag
"1fb5-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8117
Expires
Tue, 23 Feb 2021 18:28:44 GMT
118266_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118266_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0a94bf6137c58f34fad3fd46b2b0614fedf63a26d4b797e99873224d4a449164

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:19:04 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1719496
ETag
"1fd9-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8153
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 10:13:51 GMT
328217_th.jpg
i.123g.us/c/eaug_dreamday/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/328217_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b4544d214dcb52b999fd8aac26380a9a8bd1d363707ebf0faba5f00c23452bc9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 12:49:06 GMT
Last-Modified
Wed, 08 Mar 2017 06:20:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
781694
ETag
"1515-54a3220e12700"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5397
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 13:08:17 GMT
328054_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328054_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067498
ETag
"162a-5494648c59540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5674
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 08:14:31 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2094169
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 11:24:32 GMT
107382_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/107382_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e264b483476d2f3077d91eaa27d016f350e940b675442a531b69bf8237f7de52

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 09:15:36 GMT
Last-Modified
Tue, 07 Mar 2017 10:29:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1744904
ETag
"1be2-54a217cfec1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7138
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 07:14:56 GMT
328055_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328055_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 02:52:27 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1508693
ETag
"1f54-5494648e419c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8020
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 22:38:41 GMT
333333_th.jpg
i.123g.us/c/emar_womensday_thanku/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_thanku/th/333333_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8df414f2f268a79b25df82608e4e2abbde269074c6ff336ab873ccca4bcf1038

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 06:27:59 GMT
Last-Modified
Mon, 05 Mar 2018 10:55:37 GMT
Server
Footprint Distributor V6.1.1162
Age
199761
ETag
"1594-566a82a7e1c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5524
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 12:23:17 GMT
118216_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118216_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21ddf440ef96c40871bd11a61be53b96279cefcacf93b6f600df100b115bf95b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 12:59:30 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1126670
ETag
"1fe4-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8164
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 14:16:35 GMT
114295_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/114295_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57aab38315432942225c98700c66a07fb6cb8946389c9be0ecd7c587a0afeb3d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2002626
ETag
"1f5a-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8026
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 13:10:50 GMT
113493_th.gif
i.123g.us/c/eapr_daylight/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/113493_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67a5e375fd2f38c2f87173f6df32a16b162c15e3c89cae78f5a19cfd5bccfaea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:05:34 GMT
Last-Modified
Mon, 24 Feb 2014 09:34:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
579106
ETag
"14d8-4f323af29cdc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5336
jake_test
Test_Pass
Expires
Fri, 26 Feb 2021 21:20:34 GMT
337982_th.gif
i.123g.us/c/eapr_daylight/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/337982_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cb311fbd77fe50849bcfe8cfb36faaaf660aa170a3aba8251275658a05209999

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:44:57 GMT
Last-Modified
Fri, 08 Mar 2019 06:34:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1739543
ETag
"1da6-5838f688a2840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7590
jake_test
Test_Pass
Expires
Thu, 04 Mar 2021 08:08:27 GMT
301739_th.gif
i.123g.us/c/emar_holi_happy/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_holi_happy/th/301739_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33c1d47d641aead142009698235f311bdc2eacb0603adb1595df1cab9415e96c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 10:43:43 GMT
Last-Modified
Mon, 24 Feb 2014 09:42:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1134817
ETag
"1ccc-4f323c8da5780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7372
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 15:46:49 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C5ofXuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEswJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSasrmbRgxuzATbyc9306_wrOh05jsEhwATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrYEwLYFAGoFgE&sigh=tujPJXVbhRU&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&label=videoplaytime50&ad_mt=7670&acvw=sv%3D889%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D6365,407,217,0,739%26mtos%3D6365,6772,6989,6989,7728%26amtos%3D0,0,0,0,0%26mcvt%3D6989%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7728%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1699%26pst%3D476%26dur%3D15069%26vmtime%3D7670%26dtos%3D3749%26dtoss%3D3%26dvs%3D3749%26dfvs%3D3749%26dvpt%3D3749%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3749,3749,3749,3749,3749%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D33,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483393%26psv%3D254%26psfv%3D254%26psa%3D0%26ptlt%3D1614952642225%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7728&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:22 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D889%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D6365,407,217,0,739%26mtos%3D6365,6772,6989,...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7456 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=18;acvw=sv%3D889%26cb%3Dj%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D6365,407,217,0,739%26mtos%3D6365,6772,6989,6989,7728%26amtos%3D0,0,0,0,0%26mcvt%3D6989%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7728%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1699%26pst%3D476%26dur%3D15069%26vmtime%3D7670%26dtos%3D3749%26dtoss%3D3%26dvs%3D3749%26dfvs%3D3749%26dvpt%3D3749%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3749,3749,3749,3749,3749%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D41%26emuc%3D0%26emb%3D33,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147483393%26psv%3D254%26psfv%3D254%26psa%3D0%26ptlt%3D1614952642225%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,7728;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:22 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=8ddd4bb57a182a7ff995830c7f96763d36148a23&d9=1000&ad=16&vi=100&ofpr=2&imid=781a875c49bc1db5cb371b82e999265b_1723156241_5590208&e=midpoint&ad=16&vi=100&d1=vpaid&fv=3&cb=1614952632353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:22 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
301739_th.gif
i.123g.us/c/emar_holi_happy/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_holi_happy/th/301739_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33c1d47d641aead142009698235f311bdc2eacb0603adb1595df1cab9415e96c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 10:43:43 GMT
Last-Modified
Mon, 24 Feb 2014 09:42:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1134820
ETag
"1ccc-4f323c8da5780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7372
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 15:46:49 GMT
110508_th.gif
i.123g.us/c/eaug_dreamday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/110508_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
498479fb35ad705beb2a644010f1b5650f82221bc615f14160f72eae71f8ea1b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 09:59:34 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
791869
ETag
"1ade-4f322afe06900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6878
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 10:14:35 GMT
118019_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/118019_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3687bda94db462359c1cabe3d16f8eecf1c4c060088c3de8d9de2bc5ae30e397

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 14:09:15 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
949688
ETag
"1fb5-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8117
Expires
Tue, 23 Feb 2021 18:28:44 GMT
118266_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118266_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0a94bf6137c58f34fad3fd46b2b0614fedf63a26d4b797e99873224d4a449164

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:19:04 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1719499
ETag
"1fd9-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8153
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 10:13:51 GMT
328217_th.jpg
i.123g.us/c/eaug_dreamday/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/328217_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b4544d214dcb52b999fd8aac26380a9a8bd1d363707ebf0faba5f00c23452bc9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 12:49:06 GMT
Last-Modified
Wed, 08 Mar 2017 06:20:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
781697
ETag
"1515-54a3220e12700"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5397
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 13:08:17 GMT
328054_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328054_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067501
ETag
"162a-5494648c59540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5674
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 08:14:31 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2094172
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 11:24:32 GMT
107382_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/107382_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e264b483476d2f3077d91eaa27d016f350e940b675442a531b69bf8237f7de52

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 09:15:36 GMT
Last-Modified
Tue, 07 Mar 2017 10:29:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1744907
ETag
"1be2-54a217cfec1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7138
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 07:14:56 GMT
328055_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328055_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 02:52:27 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1508696
ETag
"1f54-5494648e419c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8020
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 22:38:41 GMT
333333_th.jpg
i.123g.us/c/emar_womensday_thanku/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_thanku/th/333333_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8df414f2f268a79b25df82608e4e2abbde269074c6ff336ab873ccca4bcf1038

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 06:27:59 GMT
Last-Modified
Mon, 05 Mar 2018 10:55:37 GMT
Server
Footprint Distributor V6.1.1162
Age
199764
ETag
"1594-566a82a7e1c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5524
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 12:23:17 GMT
118216_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118216_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21ddf440ef96c40871bd11a61be53b96279cefcacf93b6f600df100b115bf95b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 12:59:30 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1126673
ETag
"1fe4-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8164
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 14:16:35 GMT
114295_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/114295_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57aab38315432942225c98700c66a07fb6cb8946389c9be0ecd7c587a0afeb3d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2002629
ETag
"1f5a-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8026
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 13:10:50 GMT
113493_th.gif
i.123g.us/c/eapr_daylight/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/113493_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67a5e375fd2f38c2f87173f6df32a16b162c15e3c89cae78f5a19cfd5bccfaea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:05:34 GMT
Last-Modified
Mon, 24 Feb 2014 09:34:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
579109
ETag
"14d8-4f323af29cdc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5336
jake_test
Test_Pass
Expires
Fri, 26 Feb 2021 21:20:34 GMT
337982_th.gif
i.123g.us/c/eapr_daylight/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/337982_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cb311fbd77fe50849bcfe8cfb36faaaf660aa170a3aba8251275658a05209999

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:44:57 GMT
Last-Modified
Fri, 08 Mar 2019 06:34:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1739546
ETag
"1da6-5838f688a2840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7590
jake_test
Test_Pass
Expires
Thu, 04 Mar 2021 08:08:27 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=8ddd4bb57a182a7ff995830c7f96763d36148a23&d9=1000&ad=16&vi=100&ofpr=2&imid=781a875c49bc1db5cb371b82e999265b_1723156241_5590208&e=sec10&vi=100&d1=vpaid&fv=3&cb=1614952632353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
aclk
www.googleadservices.com/pagead/ Frame 7456
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CwCwnuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CAHBYuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DI...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CAHBYuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAHABW6gBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSaCRpodHRwczovL3d3dy5jYWx2aW5rbGVpbi5ka7EJcH8fmewb2RmACgOYCwHICwHQCw-4DAGwE73v8wrYEwLYFAGoFgE&ae=1&num=1&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&client=ca-pub-2958401851546457&ctype=110&label=video_10s_engaged_view&ad_mt=10170&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26tos%3D8865,407,217,0,739%26mtos%3D8865,9272,9489,9489,10228%26amtos%3D0,0,0,0,0%26mtos1%3D2616,624,739%26mtos2%3D3749,0,0%26mcvt%3D9489%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10228%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2304%26pst%3D476%26dur%3D15069%26vmtime%3D10169%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2500,2500,2500,2500,2500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D45,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147481601%26psv%3D2046%26psfv%3D2046%26psa%3D0%26ptlt%3D1614952644725%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10228%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1614952633893&dblrd=1&uid=Ci0AZWm_UluOnEj4kvZm8HraTei3DPzGzwHfS1l0tXMcX3Pc3WdDmoa0Iv0EI6cQufGIggYYDw&sig=AOD64_2Z2U3-IFtsETTz1L8r2IRE1U3NVA&adurl=https://www.calvinklein.dk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:24 GMT
x-content-type-options
nosniff
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CAHBYuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAHABW6gBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSaCRpodHRwczovL3d3dy5jYWx2aW5rbGVpbi5ka7EJcH8fmewb2RmACgOYCwHICwHQCw-4DAGwE73v8wrYEwLYFAGoFgE&ae=1&num=1&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&client=ca-pub-2958401851546457&ctype=110&label=video_10s_engaged_view&ad_mt=10170&acvw=sv%3D889%26cb%3Dj%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26tos%3D8865,407,217,0,739%26mtos%3D8865,9272,9489,9489,10228%26amtos%3D0,0,0,0,0%26mtos1%3D2616,624,739%26mtos2%3D3749,0,0%26mcvt%3D9489%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10228%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2304%26pst%3D476%26dur%3D15069%26vmtime%3D10169%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D2500,2500,2500,2500,2500%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D53%26emuc%3D0%26emb%3D45,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147481601%26psv%3D2046%26psfv%3D2046%26psa%3D0%26ptlt%3D1614952644725%26pngs%3D9s,14,15s%26veid%3Dxdi:0,amp:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,10228%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.04%26t%3D1614952633893&dblrd=1&uid=Ci0AZWm_UluOnEj4kvZm8HraTei3DPzGzwHfS1l0tXMcX3Pc3WdDmoa0Iv0EI6cQufGIggYYDw&sig=AOD64_2Z2U3-IFtsETTz1L8r2IRE1U3NVA&adurl=https://www.calvinklein.dk
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
s.youtube.com/api/stats/ Frame 574E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=10&st=0.000&et=10.170&rtn=15.070&ns=yt&fexp=21061817%2C44729227&el=adunit&cpn=ZvBZ6RjEf52qyKEy&docid=pWrq3AtQD1Q&ver=2&cmt=10.170&fmt=18&rt=9.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.070&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::8b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C5ofXuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEswJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSasrmbRgxuzATbyc9306_wrOh05jsEhwATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrYEwLYFAGoFgE&sigh=tujPJXVbhRU&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&label=videoplaytime75&ad_mt=11420&acvw=sv%3D889%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D10115,407,217,0,739%26mtos%3D10115,10522,10739,10739,11478%26amtos%3D0,0,0,0,0%26mcvt%3D10739%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11478%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2705%26pst%3D476%26dur%3D15069%26vmtime%3D11420%26dtos%3D3750%26dtoss%3D4%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D60%26emuc%3D0%26emb%3D52,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147479553%26psv%3D4094%26psfv%3D4094%26psa%3D0%26ptlt%3D1614952645975%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11478&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:26 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D889%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D10115,407,217,0,739%26mtos%3D10115,1052...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7456 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=960585;acvw=sv%3D889%26cb%3Dj%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26tos%3D10115,407,217,0,739%26mtos%3D10115,10522,10739,10739,11478%26amtos%3D0,0,0,0,0%26mcvt%3D10739%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D11478%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2705%26pst%3D476%26dur%3D15069%26vmtime%3D11420%26dtos%3D3750%26dtoss%3D4%26dvs%3D3750%26dfvs%3D3750%26dvpt%3D3750%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3750,3750,3750,3750,3750%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D60%26emuc%3D0%26emb%3D52,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147479553%26psv%3D4094%26psfv%3D4094%26psa%3D0%26ptlt%3D1614952645975%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,11478;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:26 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=8ddd4bb57a182a7ff995830c7f96763d36148a23&d9=1000&ad=16&vi=100&ofpr=2&imid=781a875c49bc1db5cb371b82e999265b_1723156241_5590208&e=thirdQuartile&ad=16&vi=100&d1=vpaid&fv=3&cb=1614952632353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
337982_th.gif
i.123g.us/c/eapr_daylight/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/337982_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cb311fbd77fe50849bcfe8cfb36faaaf660aa170a3aba8251275658a05209999

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:44:57 GMT
Last-Modified
Fri, 08 Mar 2019 06:34:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1739549
ETag
"1da6-5838f688a2840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7590
jake_test
Test_Pass
Expires
Thu, 04 Mar 2021 08:08:27 GMT
301739_th.gif
i.123g.us/c/emar_holi_happy/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_holi_happy/th/301739_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33c1d47d641aead142009698235f311bdc2eacb0603adb1595df1cab9415e96c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 10:43:43 GMT
Last-Modified
Mon, 24 Feb 2014 09:42:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1134823
ETag
"1ccc-4f323c8da5780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7372
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 15:46:49 GMT
110508_th.gif
i.123g.us/c/eaug_dreamday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/110508_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
498479fb35ad705beb2a644010f1b5650f82221bc615f14160f72eae71f8ea1b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 09:59:34 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
791872
ETag
"1ade-4f322afe06900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6878
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 10:14:35 GMT
118019_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/118019_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3687bda94db462359c1cabe3d16f8eecf1c4c060088c3de8d9de2bc5ae30e397

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 14:09:15 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
949691
ETag
"1fb5-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8117
Expires
Tue, 23 Feb 2021 18:28:44 GMT
118266_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118266_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0a94bf6137c58f34fad3fd46b2b0614fedf63a26d4b797e99873224d4a449164

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:19:04 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1719502
ETag
"1fd9-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8153
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 10:13:51 GMT
328217_th.jpg
i.123g.us/c/eaug_dreamday/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/328217_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b4544d214dcb52b999fd8aac26380a9a8bd1d363707ebf0faba5f00c23452bc9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 12:49:06 GMT
Last-Modified
Wed, 08 Mar 2017 06:20:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
781700
ETag
"1515-54a3220e12700"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5397
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 13:08:17 GMT
328054_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328054_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067504
ETag
"162a-5494648c59540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5674
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 08:14:31 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2094175
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 11:24:32 GMT
107382_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/107382_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e264b483476d2f3077d91eaa27d016f350e940b675442a531b69bf8237f7de52

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 09:15:36 GMT
Last-Modified
Tue, 07 Mar 2017 10:29:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1744910
ETag
"1be2-54a217cfec1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7138
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 07:14:56 GMT
328055_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328055_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 02:52:27 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1508699
ETag
"1f54-5494648e419c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8020
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 22:38:41 GMT
333333_th.jpg
i.123g.us/c/emar_womensday_thanku/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_thanku/th/333333_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8df414f2f268a79b25df82608e4e2abbde269074c6ff336ab873ccca4bcf1038

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 06:27:59 GMT
Last-Modified
Mon, 05 Mar 2018 10:55:37 GMT
Server
Footprint Distributor V6.1.1162
Age
199767
ETag
"1594-566a82a7e1c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5524
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 12:23:17 GMT
118216_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118216_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21ddf440ef96c40871bd11a61be53b96279cefcacf93b6f600df100b115bf95b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 12:59:30 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1126676
ETag
"1fe4-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8164
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 14:16:35 GMT
114295_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/114295_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57aab38315432942225c98700c66a07fb6cb8946389c9be0ecd7c587a0afeb3d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2002632
ETag
"1f5a-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8026
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 13:10:50 GMT
113493_th.gif
i.123g.us/c/eapr_daylight/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/113493_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67a5e375fd2f38c2f87173f6df32a16b162c15e3c89cae78f5a19cfd5bccfaea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:05:34 GMT
Last-Modified
Mon, 24 Feb 2014 09:34:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
579112
ETag
"14d8-4f323af29cdc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5336
jake_test
Test_Pass
Expires
Fri, 26 Feb 2021 21:20:34 GMT
delayplay
s.youtube.com/api/stats/ Frame 0544 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/delayplay?ns=yt&fexp=21061817%2C44729227&el=adunit&cpn=ZvBZ6RjEf52qyKEy&docid=pWrq3AtQD1Q&ver=2&cmt=13.170&fmt=18&rt=12.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.070&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=13
Requested by
Host: blank
URL: about:blank
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::8b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
113493_th.gif
i.123g.us/c/eapr_daylight/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/113493_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
67a5e375fd2f38c2f87173f6df32a16b162c15e3c89cae78f5a19cfd5bccfaea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 26 Feb 2021 21:05:34 GMT
Last-Modified
Mon, 24 Feb 2014 09:34:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
579115
ETag
"14d8-4f323af29cdc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5336
jake_test
Test_Pass
Expires
Fri, 26 Feb 2021 21:20:34 GMT
337982_th.gif
i.123g.us/c/eapr_daylight/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eapr_daylight/th/337982_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cb311fbd77fe50849bcfe8cfb36faaaf660aa170a3aba8251275658a05209999

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 10:44:57 GMT
Last-Modified
Fri, 08 Mar 2019 06:34:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1739552
ETag
"1da6-5838f688a2840"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7590
jake_test
Test_Pass
Expires
Thu, 04 Mar 2021 08:08:27 GMT
301739_th.gif
i.123g.us/c/emar_holi_happy/th/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_holi_happy/th/301739_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
33c1d47d641aead142009698235f311bdc2eacb0603adb1595df1cab9415e96c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 10:43:43 GMT
Last-Modified
Mon, 24 Feb 2014 09:42:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
1134826
ETag
"1ccc-4f323c8da5780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7372
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 15:46:49 GMT
110508_th.gif
i.123g.us/c/eaug_dreamday/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/110508_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
498479fb35ad705beb2a644010f1b5650f82221bc615f14160f72eae71f8ea1b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 09:59:34 GMT
Last-Modified
Mon, 24 Feb 2014 08:23:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
791875
ETag
"1ade-4f322afe06900"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6878
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 10:14:35 GMT
118019_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/118019_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3687bda94db462359c1cabe3d16f8eecf1c4c060088c3de8d9de2bc5ae30e397

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 22 Feb 2021 14:09:15 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
949694
ETag
"1fb5-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8117
Expires
Tue, 23 Feb 2021 18:28:44 GMT
118266_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118266_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0a94bf6137c58f34fad3fd46b2b0614fedf63a26d4b797e99873224d4a449164

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 16:19:04 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1719505
ETag
"1fd9-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8153
jake_test
Test_Pass
Expires
Tue, 16 Feb 2021 10:13:51 GMT
328217_th.jpg
i.123g.us/c/eaug_dreamday/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/eaug_dreamday/th/328217_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b4544d214dcb52b999fd8aac26380a9a8bd1d363707ebf0faba5f00c23452bc9

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 24 Feb 2021 12:49:06 GMT
Last-Modified
Wed, 08 Mar 2017 06:20:44 GMT
Server
Apache/2.2.15 (CentOS)
Age
781703
ETag
"1515-54a3220e12700"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5397
jake_test
Test_Pass
Expires
Wed, 24 Feb 2021 13:08:17 GMT
328054_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328054_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 15:39:02 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:21 GMT
Server
Apache/2.2.15 (CentOS)
Age
2067507
ETag
"162a-5494648c59540"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5674
jake_test
Test_Pass
Expires
Tue, 09 Feb 2021 15:54:02 GMT
122718_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/122718_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Feb 2021 08:14:31 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2094178
ETag
"1fcc-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8140
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 11:24:32 GMT
107382_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/107382_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e264b483476d2f3077d91eaa27d016f350e940b675442a531b69bf8237f7de52

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 13 Feb 2021 09:15:36 GMT
Last-Modified
Tue, 07 Mar 2017 10:29:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1744913
ETag
"1be2-54a217cfec1c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7138
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 07:14:56 GMT
328055_th.gif
i.123g.us/c/emar_employeeappreciation_day/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_employeeappreciation_day/th/328055_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Feb 2021 02:52:27 GMT
Last-Modified
Fri, 24 Feb 2017 12:58:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
1508702
ETag
"1f54-5494648e419c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8020
jake_test
Test_Pass
Expires
Sun, 21 Feb 2021 22:38:41 GMT
333333_th.jpg
i.123g.us/c/emar_womensday_thanku/th/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_thanku/th/333333_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
8df414f2f268a79b25df82608e4e2abbde269074c6ff336ab873ccca4bcf1038

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 Mar 2021 06:27:59 GMT
Last-Modified
Mon, 05 Mar 2018 10:55:37 GMT
Server
Footprint Distributor V6.1.1162
Age
199770
ETag
"1594-566a82a7e1c40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5524
jake_test
Test_Pass
Expires
Fri, 05 Mar 2021 12:23:17 GMT
118216_th.gif
i.123g.us/c/emar_patrick_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_patrick_wishes/th/118216_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
21ddf440ef96c40871bd11a61be53b96279cefcacf93b6f600df100b115bf95b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 20 Feb 2021 12:59:30 GMT
Last-Modified
Mon, 24 Feb 2014 09:48:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
1126679
ETag
"1fe4-4f323e13b2fc0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8164
jake_test
Test_Pass
Expires
Sat, 20 Feb 2021 14:16:35 GMT
114295_th.gif
i.123g.us/c/emar_womensday_wishes/th/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.123g.us/c/emar_womensday_wishes/th/114295_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.26.83.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
57aab38315432942225c98700c66a07fb6cb8946389c9be0ecd7c587a0afeb3d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
2002635
ETag
"1f5a-4f323c63af480"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8026
jake_test
Test_Pass
Expires
Mon, 22 Feb 2021 13:10:50 GMT
aclk
www.googleadservices.com/pagead/ Frame 7456
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=CwCwnuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CAHBYuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DI...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CAHBYuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAHABW6gBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSaCRpodHRwczovL3d3dy5jYWx2aW5rbGVpbi5ka7EJcH8fmewb2RmACgOYCwHICwHQCw-4DAGwE73v8wrYEwLYFAGoFgE&ae=1&num=1&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&client=ca-pub-2958401851546457&label=video_engaged_view&ctype=110&dblrd=1&uid=Ci0AZWm_UluOnEj4kvZm8HraTei3DPzGzwHfS1l0tXMcX3Pc3WdDmoa0Iv0EI6cQufGIggYYDw&sig=AOD64_2Z2U3-IFtsETTz1L8r2IRE1U3NVA&adurl=https://www.calvinklein.dk
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:29 GMT
x-content-type-options
nosniff
server
adclick_server
p3p
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CAHBYuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEtgJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSb0r-QsEJHBk_9b5uBAftzdtBPEKJ05GGk8wATY6d7QuwPgBAHABW6gBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSaCRpodHRwczovL3d3dy5jYWx2aW5rbGVpbi5ka7EJcH8fmewb2RmACgOYCwHICwHQCw-4DAGwE73v8wrYEwLYFAGoFgE&ae=1&num=1&cid=CAASPeRojK4aPsQN_3I7Q4iANSSX94KPvmjiQZDQFkQIXTdRe_XO72ySbBKISxISbG1792sDViXpt0LzGaYlnac&client=ca-pub-2958401851546457&label=video_engaged_view&ctype=110&dblrd=1&uid=Ci0AZWm_UluOnEj4kvZm8HraTei3DPzGzwHfS1l0tXMcX3Pc3WdDmoa0Iv0EI6cQufGIggYYDw&sig=AOD64_2Z2U3-IFtsETTz1L8r2IRE1U3NVA&adurl=https://www.calvinklein.dk
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=200034;
ade.googlesyndication.com/ddm/activity_ext/ Frame 7456 		42 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=200034;?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 7456 		42 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C5ofXuThCYNbJE8KClgSl2b-4B8-g0tthx936-70NsJAfEAEg3NzOe2DRgbmC0AegAaXbvuICyAEFqQI8dEDUpQS0PuACAKgDAZgEAKoEswJP0JM6dyquqThMunAbqE_D9FHl88az_M4r9DIxiKK21VyGwKJm-n9hdW5RJClPowRdkEIBwHrkPL2G4NOP8t2K79Pa7BhqZ2G95bibsh-myGfeZYVV91wk37SUpdGKaLoY2OVIjPSyw7Qv4rBh3vG8C-QHNEkSbS1Sa6_8t1OAwSGK2jcOqUaG1Fv-ViKlT9LN45VcAmnA3Wu4ej-M4szOmKZyJg9P6V88spebPzJkBY-_eq406bAIZVs39MjagDnGJS09jpJEdn6CbdFoNU5SmRA6QeSzCin0zMmCMYLPS0sZOu1TksjP3On-LZpue-DnFPMXmh9Bf91Au5zh_GQUQbTxGi8eXrQTaQcHwUJ6WV7OK2F58G61AMwdqSasrmbRgxuzATbyc9306_wrOh05jsEhwATY6d7QuwPgBAGgBlSAB8OkwZ0BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB5zcG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwGoCAHSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTQzNDE0OTgwNTExMDU3ODSACgPICwGwE73v8wrYEwLYFAGoFgE&sigh=tujPJXVbhRU&cmd=Ch1jYS12aWRlby1wdWItMjAyNDY5MDgxMDM4MTY1NBAAGAI&label=videoplaytime100&ad_mt=15070&acvw=sv%3D889%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26p3%3D975,1200,1200,1600%26tos%3D13782,407,217,0,739%26mtos%3D13782,14189,14406,14406,15145%26amtos%3D0,0,0,0,0%26mtos1%3D2616,624,739%26mtos2%3D3749,0,0%26mtos3%3D3750,0,0%26mcvt%3D14406%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15145%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3507%26pst%3D476%26dur%3D15069%26vmtime%3D15069%26dtos%3D3667%26dtoss%3D5%26dvs%3D3667%26dfvs%3D3667%26dvpt%3D3667%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3667,3667,3667,3667,3667%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D78%26emuc%3D0%26emb%3D70,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147418113%26psv%3D65534%26psfv%3D65534%26psa%3D0%26ptlt%3D1614952649641%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15145%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04%26ss3%3D0.04&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:29 GMT
x-content-type-options
nosniff
server
ltt
timing-allow-origin
*
x-frame-options
SAMEORIGIN
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=13;acvw=sv%3D889%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,160...
ade.googlesyndication.com/ddm/activity_ext/ Frame 7456 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity_ext/dc_pubid=3;dc_exteid=17411236002950945799;met=1;ecn1=1;etm1=0;eid1=13;acvw=sv%3D889%26cb%3Dj%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D975,1200,1200,1600%26p0%3D1199,1200,1424,1600%26p1%3D975,1200,1200,1600%26p2%3D975,1200,1200,1600%26p3%3D975,1200,1200,1600%26tos%3D13782,407,217,0,739%26mtos%3D13782,14189,14406,14406,15145%26amtos%3D0,0,0,0,0%26mtos1%3D2616,624,739%26mtos2%3D3749,0,0%26mtos3%3D3750,0,0%26mcvt%3D14406%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D15145%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D3507%26pst%3D476%26dur%3D15069%26vmtime%3D15069%26dtos%3D3667%26dtoss%3D5%26dvs%3D3667%26dfvs%3D3667%26dvpt%3D3667%26is%3D275%26i0%3D274%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D16782099%26c%3D1%26c0%3D0%26c1%3D0,1,1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3667,3667,3667,3667,3667%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D699%26femvt%3D0%26emc%3D78%26emuc%3D0%26emb%3D70,2,1,0,5%26avms%3Dexc%26qi%3D157679201%26psm%3D-2147418113%26psv%3D65534%26psfv%3D65534%26psa%3D0%26ptlt%3D1614952649641%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,15145%26ss0%3D0%26ss1%3D0,0.04,0.04%26ss2%3D0.04%26ss3%3D0.04;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.04%26t%3D1614952633893?
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Mar 2021 13:57:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:29 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=95080&t=1614952632&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952632026-930171782941-021298-001-000227&cha=0.05&cb=56665232172&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&asid=5e8b42ae145a8138e61d4a85%7C6012e07d2dbaf03bbd1c0d08&pid=5e5bd02728a06124e30d85c3%7C59918a0e073ef4782e4e347f&cid=5e5bd1f528a0610dd725f7d8%7C5e8b3e740cd6ad6132403f66&h=8ddd4bb57a182a7ff995830c7f96763d36148a23&d9=1000&ad=16&vi=100&ofpr=2&imid=781a875c49bc1db5cb371b82e999265b_1723156241_5590208&e=complete&ad=16&vi=100&d1=vpaid&fv=3&cb=1614952632353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
watchtime
s.youtube.com/api/stats/ Frame 4140 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/watchtime?rti=20&st=10.170&et=15.070&final=1&ns=yt&fexp=21061817%2C44729227&el=adunit&cpn=ZvBZ6RjEf52qyKEy&docid=pWrq3AtQD1Q&ver=2&cmt=15.070&fmt=18&rt=14.000&adformat=2_2_1&euri=https%3A%2F%2Fwww.123greetings.com%2F&len=15.070&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=89.0.4389.72&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop
Requested by
Host: blank
URL: about:blank
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::8b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
go1.aniview.com/api/adserver/tag/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=631925&AV_WIDTH=400&AV_HEIGHT=225&cb=1614952649662
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.145.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b084565a7082098014368944e759ded39cd0035e41d7ccaa7bfe5f91288ffd99

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 22 Feb 2021 00:10:49 GMT
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&us_privacy=1---&cbb=4952649776&imp_id=6f324cf8-833e-4258-9bdc-db1c0a265024
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 13:57:29 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.248:80
AN-X-Request-Uuid
cec0d011-756b-4c89-87e3-2f13f9591cb8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:29 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=48820&t=1614952649&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952649715-958808782341-031912-007-003986&cha=0.7&cb=53181803545&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1614952649776&asid=6012e07d2dbaf03bbd1c0d08%2C5e9030afdc817965520eb855%2C5f3500a41c87da63396619f7&ofpr=%2C%2C0.22&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 05 Mar 2021 13:57:29 GMT
X-SpotX-Timing-Transform
0.000351
X-SpotX-Timing-SpotMarket
0.006986
X-SpotX-Timing-Page-Mux
0.001122
X-SpotX-Timing-Page-Require
0.000319
X-fe
078
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000040
X-SpotX-Timing-Page
0.012491
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000456
Last-Modified
Fri, 05 Mar 2021 13:57:29 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006986
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.003201
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=48820&t=1614952649&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952649715-958808782341-031912-007-003986&cha=0.7&cb=53181803545&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1614952649917&asid=6012e07d2dbaf03bbd1c0d08&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame BDBC 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:29 GMT
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 87F3 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
242463
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame BDBC 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:29 GMT
integrator.js
adservice.google.com/adsid/ Frame BDBC 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 110D 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:36:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1286
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 05 Mar 2021 14:36:04 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 87F3 		156 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FOutstream_123greetings_Desktop_Slider_T2_Avantis_Google&description_url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3005136126619854&nofb=0&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=1342874342&sdk_apis=2%2C8&sid=03151417-85FA-4B49-B019-CF9C178BE5BD&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&dt=1614952650077&cookie_enabled=1&scor=2090900383646180&ged=ve4_td0_tt0_pd0_la0_er1133.1200.1285.1500_vi0.0.1200.1600_vp44_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:30 GMT
content-length
2
content-type
text/plain
ptv
ib.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&us_privacy=1---&cbb=4952650417&imp_id=2d0b2988-2308-49f7-9ad2-a105e6fa815a
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 05 Mar 2021 13:57:30 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.251:80
AN-X-Request-Uuid
88515b8f-e75e-49b9-91e6-3823c3280aea
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
events.avantisvideo.com/ 		2 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.244.32.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-244-32-41.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 05 Mar 2021 13:57:30 GMT
content-length
2
content-type
text/plain
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=48820&t=1614952649&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952649715-958808782341-031912-007-003986&cha=0.7&cb=53181803545&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1614952650417&asid=6012e07d2dbaf03bbd1c0d08%2C5e9030afdc817965520eb855%2C5f3500a41c87da63396619f7&ofpr=%2C%2C0.22&fpo=%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
287573
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 05 Mar 2021 13:57:30 GMT
X-SpotX-Timing-Transform
0.000409
X-SpotX-Timing-SpotMarket
0.006913
X-SpotX-Timing-Page-Mux
0.001240
X-SpotX-Timing-Page-Require
0.000512
X-fe
073
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000036
X-SpotX-Timing-Page
0.012518
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000336
Last-Modified
Fri, 05 Mar 2021 13:57:30 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006913
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.003051
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000020
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DK&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=48820&t=1614952649&cip=82.102.20.235&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1614952649715-958808782341-031912-007-003986&cha=0.7&cb=53181803545&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1614952650481&asid=6012e07d2dbaf03bbd1c0d08&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.134.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-134-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame DDF7 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115081
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:30 GMT
bridge3.445.1_en.html
imasdk.googleapis.com/js/core/ Frame 627A 		577 KB
189 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.445.1_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
193133
date
Tue, 02 Mar 2021 18:36:26 GMT
expires
Wed, 02 Mar 2022 18:36:26 GMT
last-modified
Tue, 02 Mar 2021 18:31:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
242464
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame DDF7 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:57:30 GMT
integrator.js
adservice.google.com/adsid/ Frame DDF7 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 05 Mar 2021 13:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6F12 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:27:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1807
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Fri, 05 Mar 2021 14:27:23 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 627A 		156 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F57778053%2FOutstream_123greetings_Desktop_Slider_T2_Avantis_Google&description_url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&tfcd=0&npa=0&sz=400x225&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2633950638296658&nofb=0&sdkv=h.3.445.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2515005153&sdk_apis=2%2C8&sid=EDE30924-8235-4D48-9205-5235AE2104EA&eid=21061824%2C44729227&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F03304221117548838576&dt=1614952650636&cookie_enabled=1&scor=4465014670037148&ged=ve4_td1_tt0_pd1_la1000_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.445.1_en.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 13:57:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.avantisvideo.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
events.avantisvideo.com
URL
https://events.avantisvideo.com/

Verdicts & Comments Add Verdict or Comment

471 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| swfobject number| showmore_time number| showmore_time1 object| pos_arr number| start_x string| user_server_IP object| aImages string| base_url string| base_url_new string| loginpop_url boolean| tellafrnd_flag string| cardcustommusic object| extraopts string| studio_mus string| logged_in_id string| logged_in_email string| logged_in_name function| checkEmail_site function| setCookie function| getCookie function| setSessCokieNew function| getSessCokieNew function| getCardType function| isIE function| detectIE object| googletag function| NewDFPADCode function| PreRollAd function| embed_flash function| load_json function| loadTopNav function| showMore function| closeMore function| clearCloseMore function| showMore1 function| closeMore1 function| clearCloseMore1 object| CardRating function| showViews function| showSent object| CardRelevency object| CardTags function| Tab123 function| blankOnFocus number| nl_timer object| nl_vars function| nl_email_validate function| nl_setTypo function| preload function| addthis_click function| showSearchTagClouds_New function| showSearchTagClouds function| showCardsTagClouds function| showCardsTagClouds_new function| showYouTubeCard function| embedswf_swfobject function| show_embed function| makeCopy function| setCookie_new function| showPreview_new function| showQuickSend function| quick_send function| LoadMusic_New function| changeAudioMusic undefined| v_api undefined| a_api function| Load_Video_Card function| video_callback function| Remove_Video_Card function| Remove_Audio_Card function| changeMusic boolean| mopTipFlag boolean| openMopTip undefined| mopTipW undefined| mopTipH string| mopTipID object| mopTipFunc undefined| mopTipPin undefined| mopTipContent number| mopTipTime object| contact_arr object| contact_email_arr number| is_photocard function| showHideComments function| sendFeedback function| unescapeHtml function| get_evcal function| set_evcal function| setUserPref function| getUserPref function| setSessCokie function| getSessCokie function| addCommas function| selectMusic string| mus_vol function| PlayMusic function| StopMusic function| SetMusic function| GetMusic function| showcard_takeover function| shareFriends_init function| showFriendsAddr function| showLoginBar function| showLoginSignupPopup function| loadConfigData function| SetAsBookmark function| showHPCustomBlocks function| getUsrCountry function| loadCustomMusic_Studio function| LoadHeaderMenu function| socialMediaShowHide function| ShowMantle function| getCookieConsent function| showSpecialExitAd function| CheckAD_Blocker function| Show_Animation function| ShowSearchAutoCom function| getInternetExplorerVersion number| start_y number| startx number| starty string| scroller_html function| callOnPageLoad function| showBookmark function| clearCloseMore_new1 function| closeMore_new1 function| showMore_new1 function| clearCloseMore_new function| closeMore_new function| showMore_new function| showNavPanel function| showMoreCardsHP function| Tab123_New object| timer function| NLSubscribe function| HP_scroller function| QuickSendHP string| sort_op function| FAQ_validate function| showCardno function| showPaging function| showResults function| sortMembers function| printCard function| print_init function| FCP_Sender_Block function| showThankBlock function| showThankBlock_Popup function| showSendAnotherCard function| showSendAnotherCard_Popup function| DoAfterVideo function| buildFullFCP function| ShowFCPThankCard function| ThumbCarousel function| buildThankPage function| Track_Thank_Scroller function| Thank_Scroller function| Show_Thumbs function| Show_Icons function| showFCPQuickSend function| showFCPQuickSend_New function| getPlugins function| v function| w function| smus function| tmus function| play function| LoadMusic function| LoadMultipleMusic object| a object| b object| c object| d object| f object| g object| h number| player string| defaultmus string| agt boolean| ie boolean| win object| mt string| nse string| p string| n object| email_uid function| showBoxContent function| getHappyBirthdaySubCat function| getAnniversarySubCatNew function| getHappyBirthdaySubCatNew function| showCardData function| showPreviewCardData function| showFbUserData function| checkDate function| fillDay function| fillMonth function| fillYear function| fillFullDay function| fillFullMonth function| getStatusCodes function| Show_Contact function| Add_Contact function| Edit_Contact function| Delete_Contact function| Import_Contact function| Do_Signup function| Do_Login function| Do_Logout function| Do_ForgotPwd function| Check_Login function| Validate_Login function| SetTypoVal function| Validate_Signup function| Validate_Newpwd object| allcontacts_arr object| allfriends_arr object| allpendingfrnd object| allmutualfriends object| all_imcontacts object| all_friendsactivity object| all_myactivity object| all_artists object| connect_data function| Show_Allcontacts function| Show_Allfriends function| Show_Pending_Frnd function| Show_MyFriends function| Show_MutualFriends function| Show_MyActivity_New function| Show_FriendsActivity_New function| Add_NewContact function| Edit_NewContact function| Edit_RemiderContact function| Delete_NewContact function| Delete_ContactNew function| Pending_FrndReq function| Pending_FrndReq1 function| Get_MutualFrnd function| Confirm_Email function| Confirm_Email_MyPage function| ChangePic function| ChangePicMyPage function| ImportContact object| filterArr function| Filter_Contact object| all_birthdays function| Show_Birthdays function| getFullDate object| all_reminders function| ShowReminder function| ShowReminderPrint function| SaveBdayReminder function| SaveAnnivReminder function| getSelectionText function| selectElementText function| copySelectionText function| AddtoSendCard object| eventids object| allevents_arr object| addevents_ids object| delevents_ids object| delidsarr boolean| isMyEventsCalled function| events_init function| events_init_mypage function| getMyEvents function| Show_MyEvents function| Filter_Event function| Add_Event function| Delete_Event function| SaveEventReminder function| Show_Artists function| Delete_Artist function| Follow_Artist function| Follow_Artist_Mypage function| Show_FollowArtist function| ChangeTemplate function| SetPreview function| ShowFriendList function| AddFriendManually function| fillTime function| fillHours function| fillMinutes function| SetHiddenVars function| AddCalendar function| ShowInviteeInfo function| DeleteInvite function| SetJoiningOpt function| SaveRespond function| SaveInvite function| Validate_AcctSettings function| Validate_AcctSettings_MyPage function| AddNewFamilyMemberRow function| Validate_FamilyMember_MyPage function| SetTypoValFamilyMemberMyPage function| Validate_MarriedFamilyMember_MyPage function| SetTypoValMarriedFamilyMemberMyPage function| AddNewFriend function| Validate_NewFriend_MyPage function| Validate_Event_Reminder function| Validate_ProfileSettings function| AddNewFamilyMemberRowSettings function| AddNewMarriedFamilyMemberRowSettings function| Validate_FamilyMember_SettingPage function| SetTypoValMarriedFamilyMemberSettingsPage function| Validate_AddReminder_Manually function| Add_New_Reminder function| Validate_Manual_Contact function| SetTypoValManualContact function| init_scheduled_card function| Validate_AddReminder_Logout function| Validate_AddReminder_Login function| Validate_AddFriendsReminder_Logout function| Validate_AddFriendsReminder_Login function| Validate_ChangeMindReminder_Logout function| scrollToAnchor function| dropDownMonthDayChanged object| track_dataarr_received function| callAjaxMyPage function| SaveNewPassword function| SaveBdaySettings function| SaveAnniversarySettings function| SaveEventSettings function| SaveFollowUpdatesSettings function| SavePrivacySettings function| SaveNewEmailAddress function| ResendEmailVerification function| RemoveSecondaryEmail function| UpdatePrimaryCommEmail function| SaveFBConnectSettings function| Do_Blockuser function| Show_Paging function| Show_Paging_New function| DoExtra function| ConnectBlocks_in123g function| CallPlugin_api function| connect_blocks function| Show_ImportfrmCookie function| Show_EmptyAddrBook function| Show_PendingFrndReq function| TimestamptoDays function| showDateTxt function| Show_Thank_DeliveryDtl function| showContactsInvites object| bubble_data function| getServPath function| getCrossDomainMsgPost function| showNotificationCounts function| connectNotification_init object| sendCardData object| recvCardData undefined| sendCardDataCount undefined| recvCardDataCount function| showRecvdCards function| showSntCards function| showMyecardsSuggessions function| showUpBdays function| showBdayReminder function| showUpEvents function| showEventReminder function| showSuggessions function| ShowEventsCards function| connectWithFacebook function| LinkAuthed function| DelinkFB function| InviteFrnd function| InviteFB_Friends object| jQuery18206447263486461945 object| card_contents string| affId string| cardId string| user_card_no string| cat_q1 string| sub_cat_q1 string| receiver_email_enc object| isPhotoCard object| qs_params string| q1_thank number| left object| others_cards string| is_sender function| unblockCallFunc object| FB function| publish function| publish_pint function| getpdf function| addCalendar string| site_rtn_overlay function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| config_data object| gaplugins object| gaGlobal object| gaData number| c2 number| c1 object| card_details boolean| isopen boolean| flag object| boxFunc object| top_menu object| tagclouds_cards function| loadQ1Json object| ggeac object| google_js_reporting_queue object| list function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| details object| more object| generated_time object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| google_reactive_ads_global_state object| GoogleGcLKhOms object| cards object| q1_dtl object| music_dtl number| int_more_cards object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner object| avntsWebpackJsonp number| avnts_player object| google_image_requests function| avPlayer object| storageAni object| closure_lm_54003

4 Cookies

Domain/Path Name / Value
.123greetings.com/ Name: _gat_gtag_UA_3076315_1
Value: 1
.123greetings.com/ Name: _gid
Value: GA1.2.1475996956.1614952622
.123greetings.com/ Name: _ga
Value: GA1.2.1005860264.1614952622
www.123greetings.com/ Name: config_data
Value: CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=1

3 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.123greetings.com/send/view/03304221117548838576
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.123greetings.com/send/view/03304221117548838576
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://www.123greetings.com/send/view/03304221117548838576

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0900d52e7942607e78205221c832f89a.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
assets.pinterest.com
avm.avantisvideo.com
c.123g.us
cdn.ampproject.org
cdn.avantisvideo.com
cdn1.avantisvideo.com
connect.facebook.net
csi.gstatic.com
events.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
i.123g.us
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
play.aniview.com
player.aniview.com
pubads.g.doubleclick.net
r4---sn-4g5e6nzz.googlevideo.com
r4---sn-5goeen7k.googlevideo.com
r4---sn-uqj-j2ik.googlevideo.com
s.youtube.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.avantisvideo.com
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.123g.us
events.avantisvideo.com
142.250.185.130
142.250.185.194
142.250.185.70
142.250.186.162
142.250.186.34
184.72.244.154
185.33.220.243
185.33.221.14
185.94.180.124
2.16.107.18
2.16.107.43
2001:6c8:180:5::11
2a00:1450:4001:1::9
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2006
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4009:817::2003
2a00:1450:400c:c07::8b
2a00:1450:400f:10::a
2a02:26f0:1700:59a::2c79
2a02:26f0:6c00::210:ba12
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f106:83:face:b00c:0:25de
2a04:4e42:9::84
34.202.70.106
35.171.145.49
52.200.134.48
54.204.180.26
54.212.156.141
54.244.32.41
67.26.137.252
67.26.83.252
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0396694e05d98303c8cd2b5053e2b0c47f44a7d89237261731a3db680ceae64a
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0a94bf6137c58f34fad3fd46b2b0614fedf63a26d4b797e99873224d4a449164
0a99664ef5d0d0f8b3586574bb80cd5139a4bff6e5f12604d767e57dc5597912
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0cf6096d0c5a77299d32d92c53397e35f5320b519bbfcab430c04b401b15cf1f
0d13bd413ed644911ab48a27e1c3a582118b1e93513ec1c9bf8a1f91222bffd6
0d78f0e275929c1a9f449acaf371294207f532a67d6fcf109cb4385664cec099
0e40a69db66d0d31929c2af959cc741bcfbd639bf8c889525ba7d51bad318ae5
0f2e1d357e9969fae9cca6637719ed44194a22125c211c8bd64c7492ecb5bebf
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
14d63aee3a6c66d67b67816622f792b33ffe33eda464ef13bae6b15a6f59c2e4
173d5f3d3b09f62a9a6e5ccf6c35fca457b6d68c0bd03e04171c41719e402ca2
17a0d3bdca2548ebe70691b8902f3d4da915c925e1961118cb28480533cd5e7d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1a95876237ee634c719f2b2d6e5aadc5a40f2aa34d407446b2a98eabac190040
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1db78caab4487db707ddf2dfa5a49c7c3be19ce73ac5a67e56d62a8cefe55c19
1e2496941c02b94bf6b19438b27abdbc71635f3fa79774f0210c36930d860b73
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
21ddf440ef96c40871bd11a61be53b96279cefcacf93b6f600df100b115bf95b
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2de381cbd9557ddb6bcf2e82826cd32590261c5d2de089c9ed87dcf5e989962f
301d64a2e36e83c44987f3bb40e8add5ff8f161bf569934a31034f9b2c8e4c74
30356f4ee7951ecbcb3b3581c7382375d9a6b3f7758387b159161f314b0dcf89
30c568e71b003ddba094b29a8dd6aa2189de0e4e67c7eb63f94f05edd65968b1
31f7e40a7404198ccf7b503084f06c031dc568e4cdd05a1b67e9ec98083cb949
33c1d47d641aead142009698235f311bdc2eacb0603adb1595df1cab9415e96c
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3687bda94db462359c1cabe3d16f8eecf1c4c060088c3de8d9de2bc5ae30e397
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3edfd3d24d2883356ea82abecf995f1db253cf8f98fa1ec15209a4385d63a20f
3f551652d669051d3d7b813a876dee6c9bb023cf6b4a30f7fcaf5023a666aba2
417777ac4c3930da4b9895cd05d490e311d6c3ffbe67f8be6b52cbc3a80d88d7
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
498479fb35ad705beb2a644010f1b5650f82221bc615f14160f72eae71f8ea1b
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4acc1f3991e3a34a7a3b1180249a89402195613b46437fa08b1c13bf2b508008
4b6f2e21fdd573246166e25e88c0693f269ad5eb974fb517d6dee5f765bd65d2
510d99f13b8762e009e6988bde74f788474f70d079e8aece447018f7264c9116
523f846901bad5ce921ac4ca7c5fb06d39658428a641c7ea496f8560b4cb517f
56b6c683af43ba8e6ffe99d52fb35f9932c9a409493ed46eb40fd6e696fa24f0
57aab38315432942225c98700c66a07fb6cb8946389c9be0ecd7c587a0afeb3d
57ae4adb798e713d7343b958ed743e134e7d2195d3e6cf922bb305f5178249cc
585fa678e7f7b6bd2f8d3ec9fe05777fb682ef093a1bc522f0f83d8ec178f8ee
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5ae979dc3486bd2438cd22a479600fd57dd4041ed67e48b99f285584f9443efb
5c2aa4417cb7917bdd64d953a47996f1fdb0d7a6f097ce534dfd75daab334e84
67a5e375fd2f38c2f87173f6df32a16b162c15e3c89cae78f5a19cfd5bccfaea
68cd8c49a1f811e71f09edb9a1dde9f97651de3210b354be85453e8887fb714a
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8a9ed52b515c2cdd14f5bd78730aff0dd2d4e0b00c348135ad5e6133495e0a
6fa2000c7cfb5c2d58e97f4cabd11bb1c2f3eddf23847ad6adc1b4f4a6e9c1f7
6fa7cc9128819e7ca7402c739772daba7df959fd0ff1e62cd39e6ad73a08f976
758608abf5c456ea8cb5515828cabb68f082df67c04d350d0519241841cbf9d4
758be80699f9477ea2805a8c3271a1b9098fd08326edacecbf198e136d93c2f7
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7bc6a67d519f62c32208cbb11cad5748aa3cdff1d4aad2642bcc04c76160e151
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8418203f6ad21d8aa71baba1b849f312a50e38580bccfbbb7d6f7f7eec16cbdb
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8a3875202ddb0999b0caf097d4242cd8ad986c5d69cf275c56ae9603ed437fcd
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4
8caeb1059ac2c4d2c9b19fca77f965680a7c875362e4321d0473e0ae02ca3a1f
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8df414f2f268a79b25df82608e4e2abbde269074c6ff336ab873ccca4bcf1038
8e67a4155de898528ba6ece7f2fab40999f40198d0ab2f4100590b65dbc7cc3d
8e8a52030d7af4979308e537072f8890682dc050bc751595d05adf63add9122a
92e6b7d01aaf2b0c7f141df98d074361a7c1034ebb8f300baabc9173996d60d2
93533f6334c9685277992fd549005f0439b4630d67799b8a789f75f50a4f924b
937ad19c9571b4ce96910f0c95a707188899e31b5840480e79d85d75d340b815
9387759a65b685c689f8d57d9ebd4575baa0dc95ebf3a6a0ace868856444e434
94b41edf9d1c0f426b707e4b95c3cf1b60c52c552668a5326541cf87c01e1d55
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
9ce32dd0505b7e1ae279bede121c8c7c05bdd0086bce3d99d5dcd1db830db1b8
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1b0942a7d071bb49c923a0f72bcde6114441695e3f8ebfb16e0b8da15f7046d
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969
a38da6c1fa5a3a99ee2125927f2040d5b0a5e1e24ed799ae8a4d5f1d68483c90
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ae5acef10e059a281ba3961f678cfdd7e35b6682c12f65dade4d1812b8c8a2e9
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848
af4acfc4586c2d5c11514ef08681ca1cc7f69db15e61443a7e6347226f82633d
b084565a7082098014368944e759ded39cd0035e41d7ccaa7bfe5f91288ffd99
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b4544d214dcb52b999fd8aac26380a9a8bd1d363707ebf0faba5f00c23452bc9
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b7ed87eb3e2363cb3f400e1c0632629b585889681393b452766dce53d5f23f2b
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01
ba227aed32e88a52ef771e684728d5d81982af82c52fda7d0e3a2ed37ff29538
bc4cf58009be573f4312f648163edd7b378e12548c42394516d11afbce18f2f3
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c070b783735fd563e00e0b8a938cb11672a84c2a979667d95bb12b82d45763a7
c1f6f1027092d281d624e67f9f83460ed291ae367b558c16cd6afad7af5eba1e
c24e425fe705a25739dfe5325bab60ddcb16c3c7bf2f1dc4c4ebef8c1a07d89a
c282840626fc1f941a7ca02f362e428674ee83aed5ba89ed611ed0d96616e36e
c3b18cc0a385c6d5e81af3d1739aa9565f88e7d6b9a00d2e3b6d732e3b9ba3e9
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c47f237d1c8ad4453f1a6b3297f211c73406587e055b11010f464cce429ccdf7
c515386abca709d09f31b5fb24d25f420a4eeac9ca27cdf1061c55fb3bf1e2c3
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c808e912a305db910fff01746895ac0284d93a98a701cad45890585b4e8f9b9e
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cb311fbd77fe50849bcfe8cfb36faaaf660aa170a3aba8251275658a05209999
cd482357c0415690fe23972a4b6c62f0cdeebaa29f66bf2851bbeaed4450b982
cf0dcbf96efa05bfe06183a6e3e6addebe98aba6e97c0478fa54bdf3aa9e485f
cf36c2a91f108e0eb00d5d2f09de162b72da38a46bca7e80eb13f53aabac4d70
cf6cefd0feb7c82a61b3c028495e17f22c3deef2a2be4a0652bac5e6b2696705
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d251b42608e24ca5f5168a68d2c2136cb35e9e8ff5a9f56dc57573f7762cb579
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d4390447cdbeb188fcda3f6593cbb3ebb1db6fe26ddf5589e00c5bce297ce38a
d553965b4f127f715ed9613608acf48ed535927582968b43b2244a6a9d2165a7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d98822c2ee45aa95f7c98f9ab5bf7eb3fb37dffb0332d7caf0fc7afe5805f506
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
da8424d67b738df701764a2af42e099d42f4000c7836bcbcd1f95f90a1754d13
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dccec3e311238d5f40a83bdb4d88d835ad80a4312278cc2628a05d1d6a818788
e264b483476d2f3077d91eaa27d016f350e940b675442a531b69bf8237f7de52
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
ed0ce81b44c3ff77f9063e5023b3ef9eae3cf9a5027345876cca337a399928c3
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4d2ae93a2f0b286fd607d601ecb39ddd0f53b86ba5da33789f2289b67141f8
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f46be63e19d04817dee1c03f7961f270dcda6b0ebba3a28ce946351aa06ca5a6
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f6cef4504476e7ffd234496143729a73c652191f2a20478b26666eeb05a1f30f
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9