www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://secure-web.cisco.com/1HcpZDCozyzVOO7_XCeRzXFpHCZa1aZjRPE67LxV8C_Z4fJGaIfn4aSLl2Mqa3swnDzJjOiEufhiBMam2IZTHaEBRLe95Gpb...
Effective URL:
https://www.123greetings.com/send/view/12520120910320702226/r10
Submission: On December 30 via manual (December 30th 2020, 6:33:33 pm UTC) from US

Summary HTTP 347 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 41 domains to perform 347 HTTP transactions. The main IP is 184.72.245.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.

This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2620:101:2002... 2620:101:2002:11f0::1001	16417 (IRONPORT-...) (IRONPORT-SYSTEMS-INC)
3	184.72.245.68 184.72.245.68	14618 (AMAZON-AES) (AMAZON-AES)
108	67.27.235.124 67.27.235.124	3356 (LEVEL3) (LEVEL3)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	52.54.0.202 52.54.0.202	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
14	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::84 2a04:4e42:3::84	54113 (FASTLY) (FASTLY)
4	67.27.157.252 67.27.157.252	3356 (LEVEL3) (LEVEL3)
43	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
18	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
4	68.183.31.14 68.183.31.14	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
20	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3034::6812:2a06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6812:2b06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	54.39.16.115 54.39.16.115	16276 (OVH) (OVH)
8	51.79.79.82 51.79.79.82	16276 (OVH) (OVH)
3	2606:4700:20:... 2606:4700:20::ac43:4671	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	144.217.67.230 144.217.67.230	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:81b::2006	15169 (GOOGLE) (GOOGLE)
1	95.101.184.244 95.101.184.244	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
3	157.245.94.128 157.245.94.128	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.28.69.126 52.28.69.126	16509 (AMAZON-02) (AMAZON-02)
1	108.128.209.152 108.128.209.152	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
1 1	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400e:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:63::8	15169 (GOOGLE) (GOOGLE)
2	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2	54.154.164.132 54.154.164.132	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
1 1	67.202.110.34 67.202.110.34	32748 (STEADFAST) (STEADFAST)
1	208.100.17.186 208.100.17.186	32748 (STEADFAST) (STEADFAST)
1	95.101.184.231 95.101.184.231	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 4	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
347	53

1 2620:101:2002:11f0::1001 (United States) 1 redirects

ASN16417 (IRONPORT-SYSTEMS-INC, US)

secure-web.cisco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.72.245.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com

www.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

108 67.27.235.124 (United States)

ASN3356 (LEVEL3, US)

c.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.54.0.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-0-202.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::84 (Ascension Island)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.27.157.252 (United States)

ASN3356 (LEVEL3, US)

v.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

272015d200ed39fc26ed2a74054dc622.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

served-by.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3034::6812:2a06 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6812:2b06 (United States)

ASN13335 (CLOUDFLARENET, US)

targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.39.16.115 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns555277.ip-54-39-16.net

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.79.79.82 (Canada)

ASN16276 (OVH, FR)
PTR: ns568735.ip-51-79-79.net

track.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4671 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 144.217.67.230 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns536587.ip-144-217-67.net

h.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.184.244 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-184-244.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.122.128.135 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)

pixfuture.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.245.94.128 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

prebidserver.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.69.126 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.209.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-209-152.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)

pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.133.78 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:63::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nsr.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.164.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-164-132.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (Germany)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.34 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: ip34.67-202-110.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.186 (Chicago, United States)

ASN32748 (STEADFAST, US)

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.184.231 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-184-231.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.39 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
112	123g.us c.123g.us x.123g.us i.123g.us v.123g.us	2 MB
49	googlesyndication.com 272015d200ed39fc26ed2a74054dc622.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	857 KB
39	vdo.ai a.vdo.ai targeting.vdo.ai analytics.vdo.ai track.vdo.ai h.vdo.ai	2 MB
23	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	219 KB
20	ampproject.org cdn.ampproject.org	387 KB
15	google-analytics.com www.google-analytics.com	56 KB
10	pixfuture.com served-by.pixfuture.com cdn.pixfuture.com prebidserver.pixfuture.com	476 KB
10	googletagservices.com www.googletagservices.com	263 KB
9	google.com 4 redirects adservice.google.com www.google.com	908 B
6	adtelligent.com 1 redirects ghb.adtelligent.com s.adtelligent.com sync.adtelligent.com	2 KB
6	criteo.com 2 redirects gum.criteo.com mug.criteo.com	3 KB
4	google.de adservice.google.de	1 KB
4	googletagmanager.com www.googletagmanager.com	153 KB
3	openx.net 1 redirects pixfuture2-d.openx.net eu-u.openx.net rtb.openx.net	564 B
3	technoratimedia.com pixfuture.technoratimedia.com ad-cdn.technoratimedia.com	297 B
3	googleadservices.com partner.googleadservices.com	559 B
3	gstatic.com fonts.gstatic.com csi.gstatic.com	22 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	110 KB
3	trkn.us 1 redirects trkn.us	2 KB
3	izooto.com cdn.izooto.com	38 KB
3	123greetings.com www.123greetings.com	36 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	725 B
2	tynt.com 1 redirects ic.tynt.com de.tynt.com	633 B
2	adsrvr.org match.adsrvr.org	1 KB
2	rlcdn.com api.rlcdn.com	246 B
2	adnxs.com ib.adnxs.com acdn.adnxs.com	1 KB
2	facebook.com www.facebook.com
2	facebook.net connect.facebook.net	62 KB
1	trafmag.com t.trafmag.com	232 B
1	onetag-sys.com onetag-sys.com
1	googlevideo.com r3---sn-4g5e6nsr.googlevideo.com	3 MB
1	mgid.com 1 redirects cm.mgid.com	910 B
1	advertising.com adserver-us.adtech.advertising.com	269 B
1	yahoo.com c2shb.ssp.yahoo.com	663 B
1	gumgum.com g2.gumgum.com	829 B
1	360yield.com ice.360yield.com	517 B
1	pubmatic.com ads.pubmatic.com	84 KB
1	2mdn.net s0.2mdn.net	11 KB
1	pinterest.com assets.pinterest.com	1 KB
1	cisco.com 1 redirects secure-web.cisco.com	307 B
347	41

	Domain	Requested by
64	i.123g.us	www.123greetings.com c.123g.us
35	c.123g.us	www.123greetings.com c.123g.us
31	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.123greetings.com tpc.googlesyndication.com cdn.ampproject.org pagead2.googlesyndication.com
20	cdn.ampproject.org	securepubads.g.doubleclick.net
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com cdn.pixfuture.com
16	h.vdo.ai	a.vdo.ai
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.123greetings.com
15	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
10	www.googletagservices.com	c.123g.us securepubads.g.doubleclick.net pagead2.googlesyndication.com www.123greetings.com
9	x.123g.us	c.123g.us
8	track.vdo.ai
8	analytics.vdo.ai	a.vdo.ai
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	a.vdo.ai	www.123greetings.com a.vdo.ai
5	www.google.com	4 redirects www.123greetings.com
4	sync.adtelligent.com	1 redirects cdn.pixfuture.com
4	served-by.pixfuture.com	securepubads.g.doubleclick.net served-by.pixfuture.com www.123greetings.com
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	v.123g.us
4	www.googletagmanager.com	www.123greetings.com a.vdo.ai www.googletagmanager.com
3	prebidserver.pixfuture.com	cdn.pixfuture.com
3	mug.criteo.com	www.123greetings.com
3	gum.criteo.com	2 redirects
3	cdn.pixfuture.com	served-by.pixfuture.com cdn.pixfuture.com www.123greetings.com
3	partner.googleadservices.com	pagead2.googlesyndication.com
3	trkn.us	1 redirects www.123greetings.com
3	cdn.izooto.com	www.123greetings.com cdn.izooto.com
3	www.123greetings.com	c.123g.us
2	ap.lijit.com	2 redirects
2	match.adsrvr.org	cdn.pixfuture.com ads.pubmatic.com
2	api.rlcdn.com	cdn.pixfuture.com ads.pubmatic.com
2	pixfuture.technoratimedia.com	cdn.pixfuture.com
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	www.123greetings.com connect.facebook.net
1	t.trafmag.com
1	rtb.openx.net	1 redirects
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	acdn.adnxs.com	cdn.pixfuture.com
1	de.tynt.com	cdn.pixfuture.com
1	ic.tynt.com	1 redirects
1	eu-u.openx.net	cdn.pixfuture.com
1	ad-cdn.technoratimedia.com	cdn.pixfuture.com
1	s.adtelligent.com	cdn.pixfuture.com
1	onetag-sys.com	cdn.pixfuture.com
1	r3---sn-4g5e6nsr.googlevideo.com
1	csi.gstatic.com	imasdk.googleapis.com
1	cm.mgid.com	1 redirects
1	adserver-us.adtech.advertising.com	cdn.pixfuture.com
1	c2shb.ssp.yahoo.com	cdn.pixfuture.com
1	ghb.adtelligent.com	cdn.pixfuture.com
1	pixfuture2-d.openx.net	cdn.pixfuture.com
1	g2.gumgum.com	cdn.pixfuture.com
1	ice.360yield.com	cdn.pixfuture.com
1	ib.adnxs.com	cdn.pixfuture.com
1	ads.pubmatic.com	www.123greetings.com
1	s0.2mdn.net	imasdk.googleapis.com
1	targeting.vdo.ai	a.vdo.ai
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	272015d200ed39fc26ed2a74054dc622.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	assets.pinterest.com
1	secure-web.cisco.com	1 redirects
347	65

This site contains links to these domains. Also see Links.

Domain
studio.123greetings.com
nl.123greetings.com
www.addthis.com
info.123greetings.com
blog.123greetings.com
widgets.123greetings.com
help.123greetings.com
vdo.ai

Subject Issuer	Validity	Valid
*.123greetings.com Go Daddy Secure Certificate Authority - G2	`2020-04-29` - `2022-04-29`	2 years	crt.sh
*.123g.us Go Daddy Secure Certificate Authority - G2	`2019-06-21` - `2021-09-16`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2020-03-20` - `2021-03-20`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2019-10-15` - `2021-10-15`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
ghb.adtelligent.com Let's Encrypt Authority X3	`2020-11-07` - `2021-02-05`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-09-18` - `2021-03-17`	6 months	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.c.docs.google.com GTS CA 1O1	`2020-12-08` - `2021-02-16`	2 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
onetag-sys.com Let's Encrypt Authority X3	`2020-11-02` - `2021-01-31`	3 months	crt.sh
s.adtelligent.com Let's Encrypt Authority X3	`2020-11-09` - `2021-02-07`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
sync.adtelligent.com R3	`2020-12-07` - `2021-03-07`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://www.123greetings.com/send/view/12520120910320702226/r10
Frame ID: C327D4191A919BF47680B06D49B5ED8F
Requests: 183 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html
Frame ID: 34FBAFC7F8BDBA39D57FA0E79C04679F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd694e54fbcdc%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1a1b3738ef4624%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchristmas%2Fmerry_christmas%2Fchristmas_blessings_of_the_lord_.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Frame ID: D4D4502B1B3B62C338FE380EBC97B462
Requests: 1 HTTP requests in this frame

Frame: https://www.123greetings.com/send/fcp_track/332f446b657a7d6b4268772e6e2d74405c276a7a7c/12520120910320702226/summary
Frame ID: 631413C8734BC368140B849BBDE0E720
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhNoriMllxdm9g60BHt5VP_ZH_7MoCqIBmhhCesuppnQoDPyYsGa0dm8sA6fJKA6T9ubsRNH4dx-jDeBmuSBivREuR-TzHEnNVq8iBw0zghyboUt_wHk7IOeVuTTB219okf6MSiyoiUKoMAWSGE6cuedmyrKtmlvoJ5jXFFkDWK4XDcRj-9rwKRKc6u8ChR62nahzGI8Eaxw518U04b_llQv88VpjpY0Fz2BRAKyseAemlHUGA6m2b9I-gOY8HqLnlQYQz6wV7NoYMaza83ZxQ_HGfAsiLY7g&sai=AMfl-YQOvUHjmXTSjbFFnWKtYcNkIXc5UcSdyPFDygqZNcz6lz_UdTKiCpLWSpzMr5BN8azUQSgB8yg_w6LfZfEYJfJCn7nxHXdhRzbWXAZdXfCGoYd8mkegSAUq2gv1FeGB&sig=Cg0ArKJSzF9MC5v84-FEEAE&urlfix=1&adurl=
Frame ID: 93E9E85C4E5620AC0F8AE4A8DA11E7C5
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUky7p48Lto3hOZtubW7EOZR2zqW8Hn8wSvyV9HxrfYZOreLaVBT1jyiTURym0tIVhbqeFekGNrEVOUWQWEYYKQjlIQzvVF3dErbjzGicGK8W-LFsbChyq86n7C301E8OBz0ds6e90k6xCWTQhztMH9ojqaLdZ_CvnES97EbybQ6hj_uBBFytezt5W2BFip5KR1dl-MtiB1YOhPpyFo7yORiRt5JUQTzJymCN0TmpoKSuYTOafUyil0NIADOHCOW8vADtW2_jUGCp1THS3L5d0uEnquwKXlInx&sai=AMfl-YRf13konDhs-hi8SuWM7xABPEH0ZEKcv6kBLjn7y-I2bkzEyCeb88z-eLUnjxqhKvUsJUqyUxam1zv0WzuM04RJ_AIiT1CZK5oswnlazX5nVkFRr53oZJ8Hr76YhVg1&sig=Cg0ArKJSzJXvuvwFrx-9EAE&urlfix=1&adurl=
Frame ID: 0817D34C9056F840F06E0F72A251CA62
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_qLIz5xHfF5DiN5huro3hWSoKO8gckX9svMjg9xhnOEtT5IkNGSRGe5kWCnn3eIYrUaCe8LJEU_M0m7vt4nhe1lSb_chtxencAbzBUI39AMS9DVLWzH6YroRQ3u4e0X5T-MCPYXhOLKGms_YhPL0w6kFribAIfw-1edk8JnGvZ_z3t_R8lnl1JYpuJUlEe_SmbDCYhAoWOsVrWS0DKbOsx7ZykYs41Ksjr4joTP3DyDVwGvAqEWCoobP48tKZVy0A0W1-xp3lCkGvbZpiQPENMoFmo9Qp-1YoZZU&sai=AMfl-YRgyCtqFT_pWQF0wEqrLoDC7GRTW80U8ih56NqacpeeNi2-dgznUfC6SJhZWoWmuD74ZPdbEqYLSegONnVUCgcIwG44wgEdwRzekFcLmFr2LRpdgv42CpObPu8pZa1p&sig=Cg0ArKJSzNQsyke2VQ0-EAE&urlfix=1&adurl=
Frame ID: 4756D49E27BF5C8D945C1ED65C40BB2C
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: B3C07A1E21F23840FABA8062F71E7718
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: C780F85B719880BEF0B7209C9C3977DD
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: E6F8CE8013054E5445E5B709C3781ED4
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: 45664C5725CF7421958071953BAD7A30
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssg86YqOrIlO73n7ikq9QGvcL3_LM2VS0Mzud98f0g-h76pPD0iO-GyQDqOIdNH9ZDjdTUQKT1Sbcg3Bk5Z4aYHf9TgSmRYm82pbI47zleuPuHS-goOfJ1Er9l1YwI6k34Ijx7c_F_je6jOiyf7h6fw4cfQBovYe2KLZB06vRAhdXJ0rSXf7UWkxpTRjJZUwI6LdA2P8WfoT6IE37ddcX1-yv5TJ0g5aevOqHt0l8tZEZwHYexorfhugEBjl1z2COpsKpM45WK21Nmcd0-ToYSkNhzMchK0-0pRVlY&sai=AMfl-YSepNJpyChjsKtLxd2FSMuhIXkJaWWpxILj9qjqxbqMWMRS0xXwl-mLdf3n2n65EuH5rgOO2fFvC0LBa78rl0Z2AlJ--KLuP965I5YPX_XrebZvwz6kCffcr58KK2Ua&sig=Cg0ArKJSzDj8QH0YwLJAEAE&urlfix=1&adurl=
Frame ID: 56D67EE542E3C6D9EEC515819766C01E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 84832308961CB736B81EA7861AAA0345
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609353197623&bpp=7&bdt=120&idt=274&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ&correlator=6292967325366&frm=23&ife=4&pv=2&ga_vid=580540161.1609353195&ga_sid=1609353198&ga_hid=1574651867&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2422&biw=1600&bih=1200&isw=728&ish=90&ifk=2199914196&scr_x=0&scr_y=0&eid=21068945%2C21065725%2C21069710&oid=3&pvsid=4157927252727418&pem=845&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.25jp8qhrtiaf&btvi=1&fsb=1&dtd=291
Frame ID: 594BEF2BFFD626800424622C3CD8FA54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609353197598&bpp=23&bdt=99&idt=324&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ&correlator=6292967325366&frm=23&ife=4&pv=1&ga_vid=580540161.1609353195&ga_sid=1609353198&ga_hid=763024696&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3983794644&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3590618154224541&pem=845&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.oofzzbctviph&fsb=1&dtd=332
Frame ID: 8F008CF92D70AF75786D94C3FAE0F636
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 3E49BB9136E9102EE5EB4666DDA57D5B
Requests: 1 HTTP requests in this frame

Frame: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=103x728x90x26x_ADSLOT1&keywords=&refUrl=&innerWidth=728&mainDiv=pf-103x728x90x26x_ADSLOT1&flag=true
Frame ID: 0757CCB7D5D134EDCED70D5CF014749A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: D79F963929A2312C0AE5F86451B66203
Requests: 1 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/djax_elastic.js
Frame ID: 5FBE25C122B41C45E89AD4D86DFC0C88
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: ED45340D4A265E49C8233801019EC64D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.432.0_en.html
Frame ID: FB0A5041EBD9B1E1353D9903D5B4DF62
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: DDC8BAF678E0ADB3140F90941FC13DAE
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=708427033&pi=t.ma~as.3157381981&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609353199810&bpp=4&bdt=28&idt=49&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ&correlator=6292967325366&frm=23&ife=4&pv=2&ga_vid=580540161.1609353195&ga_sid=1609353200&ga_hid=800192049&ga_fc=1&nhd=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=2537685136&scr_x=0&scr_y=0&oid=3&pvsid=3218131024019120&pem=845&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.lqcjcja2q8bj&fsb=1&dtd=56
Frame ID: 5A7E0266A2C5B49FD215692C8BFBB0AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: E6626242391D51DE8F4E6F5CF4065AD4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: C0A1CFEB9823163F3A27BB3564D9BFA9
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=435035
Frame ID: 4C6B4C6FB27138339744E8956114852A
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.19.0
Frame ID: DF2EAEDE5B465CDCF9A4D00C2FA586CB
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Frame ID: 58B7191966D0D2A6C59C10EEA8161E1B
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 50502A78E07932BAD3778367F53DC43C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BD386C2955DDF8F0ACD068263CC0670E
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=IXs0ybkpg0Izo0eeC2an&pi=adtelligent&tc=1
Frame ID: 25C3B6F233B25B2D2967B8CF7A35A9F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://secure-web.cisco.com/1HcpZDCozyzVOO7_XCeRzXFpHCZa1aZjRPE67LxV8C_Z4fJGaIfn4aSLl2Mqa3swnDzJjOiEufhi... HTTP 302
https://www.123greetings.com/send/view/12520120910320702226/r10 Page URL

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

347
Requests

99 %
HTTPS

47 %
IPv6

41
Domains

65
Subdomains

53
IPs

10
Countries

9637 kB
Transfer

15367 kB
Size

5
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://studio.123greetings.com/
Title: Studio

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/blog/
Title: Editor Bob's Blog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/company/pressroom/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://blog.123greetings.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://widgets.123greetings.com/
Title: Widgets

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/tell-a-friend
Title: Recommend Us

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/contact_us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://vdo.ai/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://secure-web.cisco.com/1HcpZDCozyzVOO7_XCeRzXFpHCZa1aZjRPE67LxV8C_Z4fJGaIfn4aSLl2Mqa3swnDzJjOiEufhiBMam2IZTHaEBRLe95GpbZR2OhUQKe82fxb16E5YKqfpNYrNCy66x1L5JIZkka8UZ-CawSRfDsLX_glE96EyDbqSpgeITo9HPzhA3jDYBac6QsmGUNxXTMFOF3wac274We-rKi6WH7Icm895Danf8kbz1HoiuCIzbj3sgT0NqrS8acCivPeGvYgWxWCpYfMjH7RV4iBaYUF186Ukh3CZSM70VAg_ct_41vyVe3cx-NJiPsjG2Qo6U6K_p467MELr4lvsl3qdoprOk8337P4fHajXX0MWzpkhkw_I89nifKS3vL_IhuUjAiTNl23yQeK0u3o5GOaR4Qpebh40GPBtvSL7cXK_wbJSXpTpYmA4t_PYHoX_egSaAe-i6lUHJe3xo6HliRenhN5w/https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10 HTTP 302
https://www.123greetings.com/send/view/12520120910320702226/r10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=3509267590.3225155&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&dvis=visible HTTP 302
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=3509267590.3225155&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&dvis=visible&ip=185.156.175.187&cuidchk=1

Request Chain 166

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 168

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 169

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 231

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.123greetings.com%2F&domain=www.123greetings.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=uJFmUnx5UThYTHloTVJLMFhoejYydDNmMTMvRkE4NktBNWszZmFjaTh3WXY4NzFTTHVsQ1o2OFVvWC9MNHZaQm42djJMNXcwTEMrd2F6VEwvcmlaYjc0VFFZNGRnVmlTRlh4N1NIaVE2OUlmKzJFSXg1Zm1HR0xpOUtoUlZ2ck1ORWs2UDJ0NEpsY09FRHZIWlE0QkJJNjBTZ3VkYnFRVERuTE43V29KSEViSEV2UzVmMnRwRGlEdHBhdVF1cjJnNWJLTGNBTTdSRHZlWG12RTNuMnZQOGxGQ2VmY1VSYmo5NU1GT0NDanFxZmlUcDY0PXw&cppv=2

Request Chain 239

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.123greetings.com%2F&domain=www.123greetings.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=A6SsDHxsaHY3MVR1bUhWcUhFVVdnTEhPYzRRUkE2T2h3T3B2NVpmRk9pUkxJbjFFbkVwM3Rza1hCSCtzeUhXQnNDV3ZVUlgwbEE3cHJnbVdZcHhLS1NXRFlqVVNBSXlOZEZZeDRQbzQyYnpxSlFMdWF4bzlCcUVITnhCRTNWRC9OdXV5SWxIdUlQeDkwbEZlb20wUCs0VHZnSldqZ0VLZWhhRDlmNlhjNmNOY3VUT2tQVWJlWDVSV2t3eE40ZTVyY2h4aGluUVp4QmQ3ZGVIYTlkZjRydGJmdVltUXFQWDlrWmpkbjF4OS84VWtDQ0hRPXw&cppv=2

Request Chain 256

https://cm.mgid.com/m?cdsp=363893&adu=https%3A%2F%2Fprebidserver.pixfuture.com%3A8000%2Fsetuid%3Fbidder%3Dmgid%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%7Bmuidn%7D HTTP 301
https://prebidserver.pixfuture.com:8000/setuid?bidder=mgid&gdpr=1&gdpr_consent=&uid=kbujENlHTdxa

Request Chain 312

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
https://de.tynt.com/deb/?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

Request Chain 314

https://creativecdn.com/cm-notify?pi=adtelligent HTTP 302
https://ams.creativecdn.com/cm-notify?pi=adtelligent&tc=1 HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=IXs0ybkpg0Izo0eeC2an&pi=adtelligent&tc=1

Request Chain 315

https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=a265e13f-c70c-4dbd-82b2-deb615c5d554

Request Chain 316

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=38ef30dd4f048a2f27271b46

Request Chain 317

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d1891896c628ffb7

347 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set r10 Show response
www.123greetings.com/send/view/12520120910320702226/
Redirect Chain

https://secure-web.cisco.com/1HcpZDCozyzVOO7_XCeRzXFpHCZa1aZjRPE67LxV8C_Z4fJGaIfn4aSLl2Mqa3swnDzJjOiEufhiBMam2IZTHaEBRLe95GpbZR2OhUQKe82fxb16E5YKqfpNYrNCy66x1L5JIZkka8UZ-CawSRfDsLX_glE96EyDbqSpgeIT...
https://www.123greetings.com/send/view/12520120910320702226/r10

30 KB
30 KB

6848ms
6457ms

Document
text/html

184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

f65f857f51ac77f3053e7aa9d0b8c1d67199d982eb9c1f82e8895f6efec7a7a9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.123greetings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Dec 2020 18:33:08 GMT
Server: Apache/2.2.15 (CentOS)
X-Frame-Options: SAMEORIGIN
transfer-encoding: chunked
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

Redirect headers

Server: nginx/1.17.8
Date: Wed, 30 Dec 2020 18:33:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Harpe-Token
Location: https://www.123greetings.com/send/view/12520120910320702226/r10
X-Harpe-Verdict: harpe_allow

GET
H/1.1 200
OK fcp_R1.css
c.123g.us/css/ 14 KB
4 KB 135ms
35ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/fcp_R1.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 30356f4ee7951ecbcb3b3581c7382375d9a6b3f7758387b159161f314b0dcf89

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 08:31:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Apr 2020 06:03:53 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2541693
ETag: "2476a-362a-5a23472e28440"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3493
jake_test: Test_Pass

GET
H/1.1 200
OK jquery.js Show response
c.123g.us/js2/ 92 KB
33 KB 141ms
41ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 19:24:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1206511
ETag: "16f3a-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33449
jake_test: Test_Pass
Expires: Thu, 17 Dec 2020 13:39:33 GMT

GET
H/1.1 200
OK swfobject.js Show response
c.123g.us/js2/ 10 KB
4 KB 135ms
35ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/swfobject.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 05:06:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1171591
ETag: "261f-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3868
jake_test: Test_Pass
Expires: Thu, 17 Dec 2020 14:11:06 GMT

GET
H/1.1 200
OK 123g_utils_v1.js Show response
c.123g.us/js2/ 123 KB
30 KB 139ms
40ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_utils_v1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 123befcec3590e5fac545c132399414c8baffc3e28840d6df912070e2a0fdeff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Dec 2020 10:42:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 10:40:59 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2274621
ETag: "2c311-1ed5c-5b3459d6f84c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30530
jake_test: Test_Pass

GET
H/1.1 200
OK utilsopt.js Show response
c.123g.us/js2/ 22 KB
7 KB 137ms
37ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/utilsopt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Dec 2020 10:42:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 10:40:59 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2274621
ETag: "2c7c8-57b2-5b3459d6f84c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6801
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_static.js Show response
c.123g.us/js2/ 135 KB
25 KB 143ms
44ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_static.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 62920b1fb80cd4c66afd8dc2c721f4f8aa3432ba23018bae94bd7a35835bf680

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 04 Dec 2020 16:05:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2020 09:38:26 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2255280
ETag: "21bf5-5b3bd70c98880"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24893
jake_test: Test_Pass
Expires: Thu, 10 Dec 2020 09:55:26 GMT

GET
H/1.1 200
OK jquery.blockUI.js Show response
c.123g.us/js2/ 8 KB
3 KB 171ms
35ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.blockUI.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 15:09:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 703440
ETag: "1fe9-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3052
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 15:24:17 GMT

GET
H/1.1 200
OK rakpanel.js Show response
c.123g.us/js2/ 3 KB
2 KB 171ms
35ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/rakpanel.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 05:42:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Aug 2018 13:50:01 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2379060
ETag: "d4c-57300e747f440"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1626
jake_test: Test_Pass
Expires: Thu, 03 Dec 2020 06:01:12 GMT

GET
H/1.1 200
OK addressbook.js Show response
c.123g.us/js2/ 397 KB
75 KB 199ms
38ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/addressbook.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fedb307abb8149c457e5f1df0e2ae11452c2179f57d56a30c5558e0e98fb2d40

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 18:56:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 10:40:59 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2504219
ETag: "2c400-63523-5b3459d6f84c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76755
jake_test: Test_Pass

GET
H/1.1 200
OK date.js Show response
c.123g.us/js2/calendar/ 3 KB
1 KB 203ms
31ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/calendar/date.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 05 Dec 2020 08:51:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:21 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2194893
ETag: "2c3fe-afa-54a227da71a40"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 974
jake_test: Test_Pass

GET
H/1.1 200
OK jquery.datePicker.js Show response
c.123g.us/js2/calendar/ 15 KB
5 KB 204ms
32ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/calendar/jquery.datePicker.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 15:31:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 615690
ETag: "3d65-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4593
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 15:46:44 GMT

GET
H/1.1 200
OK jquery.ajax_autocomplete.js Show response
c.123g.us/js2/ 32 KB
10 KB 224ms
44ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 01:10:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 08:18:53 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2395363
ETag: "7f11-5b19d2e943540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9770
jake_test: Test_Pass
Expires: Thu, 03 Dec 2020 01:25:51 GMT

GET
H/1.1 200
OK jquery.bxslider_new.js Show response
c.123g.us/js2/ 20 KB
5 KB 226ms
34ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.bxslider_new.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 15:29:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 615800
ETag: "50ba-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5210
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 15:44:54 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7841e30d2ebdc4b7b4ce0cca7dfe674224a7dd17eb1f4664c97aa4178ff20bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DO0iLYe+m/xZgahNvA4hsQ==
cross-origin-resource-policy: cross-origin
expires: Wed, 30 Dec 2020 18:48:18 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1778
x-fb-rlafr: 0
x-fb-debug: gpnVTgqtf9Am4Wauate0vv/R0aaay7OdR7ejQ3+1G3uL/noHExEUetHs3FDO2Za4PA06ifdp+27j0LelNxkFMg==
x-fb-trip-id: 2050670934
x-fb-content-md5: fee39ad933c57ba523db516f3fb13a24
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 30 Dec 2020 18:33:14 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "4f87b9e6c08291e0e37d732a3a85c6ca"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3076315-1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2182649a98ad5421bc74f1f2b03ae0966959c03591009d28f8c58ebf8ec3b591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38968
x-xss-protection: 0
last-modified: Wed, 30 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Dec 2020 18:33:14 GMT

GET
H2 200 e47fcb2b18197865491676b615dbb0f9011a95a1.js Show response
cdn.izooto.com/scripts/ 6 KB
2 KB 38ms
21ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/e47fcb2b18197865491676b615dbb0f9011a95a1.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7689090e677b378b1483520c11c02bbe53f326bf0aa1c18b3d516873abad1f4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:14 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 16:08:18 GMT
server: cloudflare
age: 398132
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
expires: Thu, 07 Jan 2021 18:33:14 GMT
cf-ray: 609dd91abaae2b7d-FRA
cf-request-id: 07568604b600002b7d71996000000001
cf-bgj: minify

GET
H/1.1 200
OK styleopt_R1.css
c.123g.us/css/ 80 KB
16 KB 43ms
41ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e42ded22e1888b43db2267140c74bc8490431dc6e3422ab9a4897d67066f6e30

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 07:37:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 07:35:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1508152
ETag: "13f79-5b19c94bd4600"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16142
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 15:45:00 GMT

GET
H/1.1 200
OK modal_window_R1.css
c.123g.us/css/ 33 KB
7 KB 56ms
32ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 13:47:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 09:39:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1140333
ETag: "8220-5a7b79d367980"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6727
jake_test: Test_Pass
Expires: Thu, 17 Dec 2020 14:02:43 GMT

GET
H/1.1 200
OK print_card_R1.css
c.123g.us/css/ 3 KB
1 KB 55ms
31ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/print_card_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Dec 2020 07:57:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 11:22:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2111725
ETag: "2453f-af1-571586437ea00"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 807
jake_test: Test_Pass

GET
H/1.1 200
OK ajax-fileuploader.gif
c.123g.us/images/ 11 KB
11 KB 34ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/ajax-fileuploader.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 07:44:13 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:44 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1594141
ETag: "9cf8b-2a43-54a227b728700"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10819
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_master_bg.png
c.123g.us/images/ 145 B
500 B 31ms
31ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_bg.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 18:03:43 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 520171
ETag: "91-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:27:32 GMT

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 33ms
33ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 08:40:15 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1590779
ETag: "1861-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass
Expires: Sat, 12 Dec 2020 08:55:17 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
141 KB 43ms
42ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Dec 2020 05:44:39 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2119715
ETag: "230cb-5979e1c4d2cc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass
Expires: Sun, 06 Dec 2020 06:03:09 GMT

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 43ms
43ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 02:34:45 GMT
Last-Modified: Wed, 11 Sep 2019 08:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2563109
ETag: "21653-59242fbe2e0c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass
Expires: Tue, 01 Dec 2020 02:49:58 GMT

GET
H/1.1 200
OK master_icon_set_2.png
c.123g.us/images/ 107 KB
108 KB 36ms
36ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9579d339e6d8722afe4bf01403ed0437ddbc750601cc76bd28603742d21db7b0

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 06:46:24 GMT
Last-Modified: Sat, 26 Dec 2020 06:44:49 GMT
Server: Apache/2.2.15 (CentOS)
Age: 388010
ETag: "1ad75-5b7586095fa40"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 109941
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:01:24 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
59 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e77f2bfcba1687ab14fe5550b5a76dc1&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df9e42827474b5b933a3b458899d8d6d88e7c0a518f7598952e3e82709f8fdd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.123greetings.com
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: kedDAezRNb9EmeKfvg+Z1g==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60129
x-fb-rlafr: 0
x-fb-debug: iTrpB3HcWdB+U0DzyloWvWOCxOYZX9BmbWdl/Ee+cn5EDOIGUsTmFTlerckM81ybA0hZuVtopC8iTyvzsmJilw==
x-fb-trip-id: 436667874
x-fb-content-md5: 83e8e8b85fce21467a538e33cf560eb9
x-frame-options: DENY
date: Wed, 30 Dec 2020 18:33:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "bc32ffeadb825d7e5fe239b2e0fda9db"
timing-allow-origin: *
expires: Thu, 30 Dec 2021 17:30:58 GMT

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 537ms
134ms Script
application/javascript 52.54.0.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=3509267590.3225155

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.0.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-0-202.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f14d17c9c8cfd3254ebbb6605fd8092439de906772dcb5df55d66d591d44e672

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Dec 2020 18:33:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 733
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 139 KB
36 KB 25ms
24ms Script
application/javascript 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/e47fcb2b18197865491676b615dbb0f9011a95a1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd708bf94bac4c399e9bc5b75b1dc8890c1164c0bd10a071be8a82497b64191b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 425405
cf-polished: origSize=142118
last-modified: Fri, 18 Dec 2020 20:21:06 GMT
cf-request-id: 075686054300002b7d72afa000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-xss-protection: 1; mode=block
cache-control: public, max-age=691200
cf-ray: 609dd91b9d412b7d-FRA
expires: Thu, 07 Jan 2021 18:33:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3076315-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2560
date: Wed, 30 Dec 2020 17:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 30 Dec 2020 19:50:34 GMT

GET
H2 200 iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame 34FB 0
0 18ms
18ms Document
text/html 2606:4700::6812:d841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn.izooto.com
:scheme: https
:path: /scripts/sak/iz_setcid.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

date: Wed, 30 Dec 2020 18:33:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da76f5742597a2cc623c78bbcf9efd4231609353194; expires=Fri, 29-Jan-21 18:33:14 GMT; path=/; domain=.izooto.com; HttpOnly; SameSite=Lax
last-modified: Tue, 11 Feb 2020 13:01:43 GMT
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 398139
expires: Tue, 02 Mar 2021 18:33:14 GMT
cache-control: public, max-age=5356800
cf-request-id: 075686056e00002b7d639a9000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 609dd91bee182b7d-FRA
content-encoding: br

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 55ms
43ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=6268317308&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e77f2bfcba1687ab14fe5550b5a76dc1&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: /SHKUDX4qRcjnUAs7ddKru/OCv4b6vEZvA63ql5zRtRsNupIFCQ/HosbyvYCFP/Qe6Wg5CAEO9aXL+kK+g6vnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Wed, 30 Dec 2020 18:33:14 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
390 B 50ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=375897132&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=723190052&gjid=1991606167&cid=580540161.1609353195&tid=UA-3076315-1&_gid=585063894.1609353195&_r=1&gtm=2oubu0&z=777870203

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
529 B 33ms
33ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 10:53:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1496404
ETag: "c9-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass
Expires: Sun, 13 Dec 2020 11:08:10 GMT

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=3509267590.3225155&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&dvis=visible
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=3509267590.3225155&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&dvis=visible&ip=185.156.175.1...

42 B
758 B

137ms
137ms

Image
image/gif

52.54.0.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=3509267590.3225155&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&dvis=visible&ip=185.156.175.187&cuidchk=1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.0.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-0-202.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Dec 2020 18:33:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Wed, 30 Dec 2020 18:33:15 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=3509267590.3225155&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&dvis=visible&ip=185.156.175.187&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H/1.1 200
OK 345238_details.js Show response
x.123g.us/json/ 3 KB
1 KB 451ms
345ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/345238_details.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a1d54f9649e67de3f4c9dad04c0f7b47e4f7d67f94aa9f95c105c9aa8fc7c68e

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 17:33:39 GMT
Server: Apache/2.2.15 (CentOS)
Age: 0
ETag: "ace-5b7b1e85c22c0"
Vary: Accept-Encoding
Content-Type: text/javascript
access-control-allow-origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 902
jake_test: Test_Pass
Expires: Wed, 30 Dec 2020 18:48:16 GMT

GET
H/1.1 200
OK menu.js Show response
x.123g.us/json/ 70 KB
13 KB 43ms
43ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/menu.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 129cffbf3312b2c53382db680a39acc9ec3ed60ac8a3dab442d61b03a7e2e3ff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:16:10 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 18:07:14 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1026
ETag: "1165f-5b7b260769880"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13007
jake_test: Test_Pass
Expires: Wed, 30 Dec 2020 18:31:26 GMT

GET
H/1.1 200
OK 345238_pc.jpg
i.123g.us/c/edec_c_newjingle/pc/ 77 KB
77 KB 148ms
43ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/edec_c_newjingle/pc/345238_pc.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 271f9493a3f0b7c107af7edb33ee8972351a1ecc590191ca77fb2300ebc54b1b

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:40 GMT
Last-Modified: Sat, 19 Dec 2020 08:42:25 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713496
ETag: "13369-5b6cd34445e40"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78697
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 04:46:33 GMT

GET
H/1.1 200
OK play-button.png
c.123g.us/images/ 3 KB
3 KB 33ms
33ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/play-button.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 19:15:14 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1984682
ETag: "afd-54da7c7a66000"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2813
jake_test: Test_Pass
Expires: Thu, 24 Dec 2020 18:24:31 GMT

GET
H/1.1 200
OK 345238_bg.gif
i.123g.us/c/edec_c_newjingle/bg/ 210 B
565 B 133ms
35ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/edec_c_newjingle/bg/345238_bg.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 10f53fa2d186cab69df54f72edf6e785eafe9666dc409ae4dfe1fea405e20044

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:40 GMT
Last-Modified: Sat, 19 Dec 2020 08:42:07 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713496
ETag: "d2-5b6cd3331b5c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 16:30:23 GMT

GET
H2 200 like.php
www.facebook.com/v2.0/plugins/ Frame D4D4 0
0 91ms
91ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd694e54fbcdc%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1a1b3738ef4624%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchristmas%2Fmerry_christmas%2Fchristmas_blessings_of_the_lord_.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e77f2bfcba1687ab14fe5550b5a76dc1&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd694e54fbcdc%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff1a1b3738ef4624%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fevents%2Fchristmas%2Fmerry_christmas%2Fchristmas_blessings_of_the_lord_.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: zPYlmkDZaA9pAcEQDwOwaFcbSTolkqhevhtossjLY21XCizH7a+GQdh4UM32H80W9KWL9vFlU8AItY8jmTH2SQ==
date: Wed, 30 Dec 2020 18:33:16 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 PinExt.png
assets.pinterest.com/images/ 936 B
1 KB 22ms
6ms Image
image/png 2a04:4e42:3::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/PinExt.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:16 GMT
x-cdn: fastly
etag: "61ed0472dfcbfaf25e7585f119adf76a"
vary: Origin
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-CDN
cache-control: max-age=86400
access-control-max-age: 86400
content-length: 936

GET
H/1.1 206
Partial Content 345238.mp4
v.123g.us/vod/edec_c_newjingle/ 16 KB
0 467ms
344ms Media
video/mp4 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/edec_c_newjingle/345238.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 30 Dec 2020 18:33:16 GMT
Last-Modified: Sat, 19 Dec 2020 09:07:12 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 0
ETag: "632ca3-5b6cd8ce8ef23"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 0-6499490/6499491
Connection: keep-alive
Content-Length: 6499491

GET
H/1.1 206
Partial Content 345238.mp4
v.123g.us/vod/edec_c_newjingle/ 48 KB
0 437ms
314ms Media
video/mp4 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/edec_c_newjingle/345238.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 30 Dec 2020 18:33:16 GMT
Last-Modified: Sat, 19 Dec 2020 09:07:12 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 0
ETag: "632ca3-5b6cd8ce8ef23"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 0-6499490/6499491
Connection: keep-alive
Content-Length: 6499491

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 32ms
32ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 12 Dec 2020 08:40:15 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1590781
ETag: "1861-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass
Expires: Sat, 12 Dec 2020 08:55:17 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
141 KB 34ms
34ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Dec 2020 05:44:39 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2119717
ETag: "230cb-5979e1c4d2cc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass
Expires: Sun, 06 Dec 2020 06:03:09 GMT

GET
H/1.1 200
OK tagclouds_cards.js Show response
x.123g.us/json/ 3 KB
1 KB 44ms
44ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/tagclouds_cards.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9b33ae84f06f7e6c15c082fedcac87dfebcfc63242c40bc5fd2de85ffa9c6891

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:22:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 18:02:17 GMT
Server: Apache/2.2.15 (CentOS)
Age: 641
ETag: "b78-5b7b24ec2bc40"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 676
jake_test: Test_Pass
Expires: Wed, 30 Dec 2020 18:37:37 GMT

GET
H/1.1 200
OK check_js_file.pl Show response
www.123greetings.com/usr-bin/ 19 B
285 B 591ms
591ms XHR
text/html 184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/usr-bin/check_js_file.pl?card_number=345238

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

c2668ef399dd267e5ac705229383957fecfa06dfcf54ed989b47e098a86f5729

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Frame-Options: SAMEORIGIN
transfer-encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
529 B 31ms
31ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 10:53:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1496406
ETag: "c9-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass
Expires: Sun, 13 Dec 2020 11:08:10 GMT

GET
H/1.1 200
OK Cookie set summary Show response
www.123greetings.com/send/fcp_track/332f446b657a7d6b4268772e6e2d74405c276a7a7c/12520120910320702226/ Frame 6314 5 KB
5 KB 1573ms
1324ms Document
text/html 184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/send/fcp_track/332f446b657a7d6b4268772e6e2d74405c276a7a7c/12520120910320702226/summary

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.123greetings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: _ga=GA1.2.580540161.1609353195; _gid=GA1.2.585063894.1609353195; _gat_gtag_UA_3076315_1=1; config_data=CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

Cache-control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Wed, 30 Dec 2020 18:33:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Frame-Options: SAMEORIGIN
transfer-encoding: chunked
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
19 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678c16283762d2d1a12c9b055cf3e4333ca3c4c6638a95741f1130084882756f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "739 / 66 of 1000 / last-modified: 1608034737"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18850
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:16 GMT

GET
H2 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 112ms
40ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 21ms
20ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 190 KB
25 KB 746ms
706ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3023626409160711&correlator=2026535802037611&output=ldjh&impl=fifs&eid=21067995&vrg=2020120801&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201230&iu_parts=46400095%2CDesktopWeb_Finalcard_LB%2CDesktopWeb_Finalcard_Sky%2CDesktopWeb_Finalcard_LowerLB%2CDesktopWeb_Finalcard_Preroll%2CDesktopWeb_Finalcard_FCPLarge1%2CDesktopWeb_Finalcard_FCPLarge2%2CDesktopWeb_Finalcard_FCPLarge3%2CDesktopWeb_Finalcard_Video&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=728x90%2C160x600%2C970x90%7C728x90%7C970x250%2C300x250%7C336x280%7C360x300%2C300x250%2C300x250%2C300x250%2C1x1&cust_params=site%3D123greetings.com%26section%3Dedec_c_newjingle%26page%3Dfinalcard&cookie_enabled=1&bc=31&abxe=1&lmt=1609353196&dt=1609353196723&dlt=1609353194548&idt=2150&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C1114%2C310%2C410%2C332%2C650%2C968%2C0&adys=47%2C236%2C1562%2C535%2C970%2C970%2C970%2C1846&adks=3337616149%2C1542450727%2C4029745640%2C3714999025%2C3462125275%2C1838853332%2C2455301282%2C2411661447&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C172x612%7C980x127%7C470x316%7C980x300%7C980x300%7C980x300%7C1600x1837&msz=728x90%7C160x600%7C980x90%7C470x270%7C314x264%7C314x264%7C314x264%7C1600x1&ga_vid=580540161.1609353195&ga_sid=1609353197&ga_hid=375897132&fws=4%2C4%2C0%2C0%2C0%2C0%2C0%2C0&ohw=728%2C160%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

fdc36d0b413db098a12a47bc3a167b7097f400ea9c69a366492ef50945c2bc70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24960
x-xss-protection: 0
google-lineitem-id: 5183673766,287186655,237051975,-1,-1,-1,-1,5484456697
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138288771224,113980516335,99278302815,-1,-1,-1,-1,138324624061
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
272015d200ed39fc26ed2a74054dc622.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
14ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://272015d200ed39fc26ed2a74054dc622.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 206
Partial Content 345238.mp4
v.123g.us/vod/edec_c_newjingle/ 43 KB
43 KB 176ms
55ms Media
video/mp4 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/edec_c_newjingle/345238.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash: 4ca3bc81ff1b14149f62de14b1ce66ed63061b4e6879c9ca7b28b2dfd665e5f9

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=6455296-

Response headers

Date: Wed, 30 Dec 2020 18:33:16 GMT
Last-Modified: Sat, 19 Dec 2020 09:07:12 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 0
ETag: "632ca3-5b6cd8ce8ef23"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 6455296-6499490/6499491
Connection: keep-alive
Content-Length: 44195

GET 345238.mp4
v.123g.us/vod/edec_c_newjingle/ 0
0

GET
H/1.1 200
OK fcp_thankyou.js Show response
x.123g.us/json/ 4 KB
1 KB 33ms
33ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/fcp_thankyou.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:30:57 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 May 2020 08:02:46 GMT
Server: Apache/2.2.15 (CentOS)
Age: 140
ETag: "f55-5a5bf5ae75580"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1026
jake_test: Test_Pass
Expires: Wed, 30 Dec 2020 18:46:33 GMT

GET
H/1.1 206
Partial Content 345238.mp4
v.123g.us/vod/edec_c_newjingle/ 80 KB
0 37ms
37ms Media
video/mp4 67.27.157.252
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/edec_c_newjingle/345238.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.157.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.4.10 (Unix) OpenSSL/1.0.2a /
Resource Hash

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=32768-

Response headers

Date: Wed, 30 Dec 2020 18:33:16 GMT
Last-Modified: Sat, 19 Dec 2020 09:07:12 GMT
Server: Apache/2.4.10 (Unix) OpenSSL/1.0.2a
Age: 1
ETag: "632ca3-5b6cd8ce8ef23"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 32768-6499490/6499491
Connection: keep-alive
Content-Length: 6466723

GET
H/1.1 200
OK thank_sendcard_v3.js Show response
x.123g.us/json/ 582 B
757 B 59ms
58ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/thank_sendcard_v3.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ad34ccf3280365b76b2225afc498f2c14a75774690f3d258c2f792c930e1ab1

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:24:58 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 18:01:18 GMT
Server: Apache/2.2.15 (CentOS)
Age: 499
ETag: "246-5b7b24b3e7780"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 319
jake_test: Test_Pass
Expires: Wed, 30 Dec 2020 18:39:58 GMT

GET
H/1.1 200
OK edec_c_thankyou.js Show response
x.123g.us/json/ 174 KB
20 KB 48ms
48ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/edec_c_thankyou.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 853b899d696b5e0f490a54b0348117f9fd92261708804e0f36377883f83fda85

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:21:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 17:42:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 705
ETag: "2b88c-5b7b20638ca00"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20501
jake_test: Test_Pass
Expires: Wed, 30 Dec 2020 18:44:39 GMT

GET
H/1.1 200
OK ejan_ny.js Show response
x.123g.us/json/ 90 KB
18 KB 56ms
56ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/ejan_ny.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 644b3b16669314a89594e0ce2dcb1256a31de3ce8c199f0abb4ed7bdbe574621

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:11:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 17:42:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1333
ETag: "1683a-5b7b207d4c6c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18046
jake_test: Test_Pass
Expires: Wed, 30 Dec 2020 18:27:01 GMT

GET
H/1.1 200
OK ejan_ny_topcards.js Show response
x.123g.us/json/ 5 KB
2 KB 36ms
36ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/ejan_ny_topcards.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 6d79e99d5df4bd7fa2ab47b5f28acd5fe734289bbf7758932c68f859b99a52c7

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:26:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2020 18:11:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 384
ETag: "1515-5b7b26f8b11c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1293
jake_test: Test_Pass
Expires: Wed, 30 Dec 2020 18:42:20 GMT

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 32ms
31ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 02:34:45 GMT
Last-Modified: Wed, 11 Sep 2019 08:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2563112
ETag: "21653-59242fbe2e0c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass
Expires: Tue, 01 Dec 2020 02:49:58 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
141 KB 36ms
36ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 06 Dec 2020 05:44:39 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2119718
ETag: "230cb-5979e1c4d2cc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass
Expires: Sun, 06 Dec 2020 06:03:09 GMT

GET
H/1.1 200
OK carousel_thank.json Show response
x.123g.us/json/ 5 KB
5 KB 192ms
75ms XHR
application/json 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/carousel_thank.json
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: edac864025d2ddf623d08b2478bbda55ebd33ae2a7dc7b248c3a6c1426013094

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:08:02 GMT
Last-Modified: Wed, 30 Dec 2020 18:07:17 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1515
ETag: "13b3-5b7b260a45f40"
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5043
jake_test: Test_Pass
Expires: Wed, 30 Dec 2020 18:24:11 GMT

GET
H/1.1 200
OK 332228_th.gif
i.123g.us/c/ejan_ny_happy/th/ 6 KB
7 KB 35ms
33ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/332228_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0cf35f07795c660e4c60a9ad862e62af9dfa4f2de3faf5538b081895204098e6

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 07:22:49 GMT
Last-Modified: Mon, 30 Nov 2020 08:12:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 385828
ETag: "19b3-5b54e935d6000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6579
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 10:36:44 GMT

GET
H/1.1 200
OK 336844_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 37ms
35ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/336844_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 17e4ce4b9cbbb056783083576973602113b5208319d9038be8487f50d4dd7485

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:04 GMT
Last-Modified: Tue, 08 Dec 2020 12:31:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713473
ETag: "1f2c-5b5f31e626ac0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7980
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:10 GMT

GET
H/1.1 200
OK 341615_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 69ms
33ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/341615_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21b0414773d12d99d3b12aa6e561370493f374d3e82ad2d4647f775fa27b5585

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:23:28 GMT
Last-Modified: Tue, 15 Dec 2020 14:19:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713389
ETag: "1ffb-5b68173b79200"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8187
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:38:28 GMT

GET
H/1.1 200
OK closeBtn_h.png
c.123g.us/images/ 1 KB
1 KB 34ms
32ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/closeBtn_h.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 07 Dec 2020 14:01:59 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2003478
ETag: "42a-54da7c7a66000"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1066
jake_test: Test_Pass
Expires: Sun, 13 Dec 2020 15:03:34 GMT

GET
H/1.1 200
OK 126362_th.gif
i.123g.us/c/edec_c_thankyou/th/ 8 KB
8 KB 72ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/edec_c_thankyou/th/126362_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3933da3b6b6d80b072fcb813763cd58e5d3827a1bd7df5c9c997cbdf46944d03

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:20 GMT
Last-Modified: Mon, 24 Feb 2014 09:48:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713517
ETag: "1fe7-4f323e08414c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8167
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:36:59 GMT

GET
H/1.1 200
OK 345105_th.jpg
i.123g.us/c/edec_c_thankyou/th/ 6 KB
7 KB 103ms
34ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/edec_c_thankyou/th/345105_th.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 474ec785bc51c33eaacec0b14c6af0ad56a3984f2f41ca06ca25df3d3931db2b

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:12 GMT
Last-Modified: Wed, 09 Dec 2020 04:53:44 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713525
ETag: "1968-5b600d804c600"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6504
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:00 GMT

GET
H/1.1 200
OK 121537_th.gif
i.123g.us/c/edec_c_thankyou/th/ 8 KB
8 KB 108ms
36ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/edec_c_thankyou/th/121537_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7612d016dc83a6946de83a852657b781471ee8c2ee48d931d14a0848d9c30ab7

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:15 GMT
Last-Modified: Mon, 24 Feb 2014 09:48:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713522
ETag: "1fe5-4f323e08414c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8165
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:36:36 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93E9 0
0 41ms
41ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhNoriMllxdm9g60BHt5VP_ZH_7MoCqIBmhhCesuppnQoDPyYsGa0dm8sA6fJKA6T9ubsRNH4dx-jDeBmuSBivREuR-TzHEnNVq8iBw0zghyboUt_wHk7IOeVuTTB219okf6MSiyoiUKoMAWSGE6cuedmyrKtmlvoJ5jXFFkDWK4XDcRj-9rwKRKc6u8ChR62nahzGI8Eaxw518U04b_llQv88VpjpY0Fz2BRAKyseAemlHUGA6m2b9I-gOY8HqLnlQYQz6wV7NoYMaza83ZxQ_HGfAsiLY7g&sai=AMfl-YQOvUHjmXTSjbFFnWKtYcNkIXc5UcSdyPFDygqZNcz6lz_UdTKiCpLWSpzMr5BN8azUQSgB8yg_w6LfZfEYJfJCn7nxHXdhRzbWXAZdXfCGoYd8mkegSAUq2gv1FeGB&sig=Cg0ArKJSzF9MC5v84-FEEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H/1.1 200
OK ads.js Show response
served-by.pixfuture.com/www/delivery/ Frame 93E9 3 KB
4 KB 386ms
124ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/ads.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6c47cf62b59b7a70cf1301ee79ab25193c347c114326dbab4c5170fc3dac5793

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:17 GMT
Last-Modified: Mon, 26 Oct 2020 19:24:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f972288-bac"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2988
Expires: Fri, 01 Jan 2021 18:33:17 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93E9 76 KB
29 KB 52ms
37ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0817 0
0 49ms
48ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUky7p48Lto3hOZtubW7EOZR2zqW8Hn8wSvyV9HxrfYZOreLaVBT1jyiTURym0tIVhbqeFekGNrEVOUWQWEYYKQjlIQzvVF3dErbjzGicGK8W-LFsbChyq86n7C301E8OBz0ds6e90k6xCWTQhztMH9ojqaLdZ_CvnES97EbybQ6hj_uBBFytezt5W2BFip5KR1dl-MtiB1YOhPpyFo7yORiRt5JUQTzJymCN0TmpoKSuYTOafUyil0NIADOHCOW8vADtW2_jUGCp1THS3L5d0uEnquwKXlInx&sai=AMfl-YRf13konDhs-hi8SuWM7xABPEH0ZEKcv6kBLjn7y-I2bkzEyCeb88z-eLUnjxqhKvUsJUqyUxam1zv0WzuM04RJ_AIiT1CZK5oswnlazX5nVkFRr53oZJ8Hr76YhVg1&sig=Cg0ArKJSzJXvuvwFrx-9EAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 0817 92 KB
32 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b06666a84e0d8fb440cd6dcfb4e9431e14f15ad1c20bc172fcafc23d9b081e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33111
x-xss-protection: 0
server: cafe
etag: 3338715496686780052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0817 76 KB
29 KB 46ms
35ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4756 0
0 49ms
48ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_qLIz5xHfF5DiN5huro3hWSoKO8gckX9svMjg9xhnOEtT5IkNGSRGe5kWCnn3eIYrUaCe8LJEU_M0m7vt4nhe1lSb_chtxencAbzBUI39AMS9DVLWzH6YroRQ3u4e0X5T-MCPYXhOLKGms_YhPL0w6kFribAIfw-1edk8JnGvZ_z3t_R8lnl1JYpuJUlEe_SmbDCYhAoWOsVrWS0DKbOsx7ZykYs41Ksjr4joTP3DyDVwGvAqEWCoobP48tKZVy0A0W1-xp3lCkGvbZpiQPENMoFmo9Qp-1YoZZU&sai=AMfl-YRgyCtqFT_pWQF0wEqrLoDC7GRTW80U8ih56NqacpeeNi2-dgznUfC6SJhZWoWmuD74ZPdbEqYLSegONnVUCgcIwG44wgEdwRzekFcLmFr2LRpdgv42CpObPu8pZa1p&sig=Cg0ArKJSzNQsyke2VQ0-EAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4756 92 KB
32 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b06666a84e0d8fb440cd6dcfb4e9431e14f15ad1c20bc172fcafc23d9b081e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33111
x-xss-protection: 0
server: cafe
etag: 3338715496686780052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4756 76 KB
29 KB 41ms
35ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame B3C0 180 KB
50 KB 35ms
11ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604307
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:30 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B3C0 13 KB
6 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604746
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:34:11 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B3C0 90 KB
27 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604308
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B3C0 3 KB
1 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604773
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:33:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:33:44 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame B3C0 41 KB
13 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604293
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B3C0 4 KB
725 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 30 Dec 2020 17:17:33 GMT
server: ESF
date: Wed, 30 Dec 2020 18:33:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
DATA 200
OK truncated
/ Frame B3C0 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31af7fe938fe7b647330365e525725fab6b5b12f239eb518c1de4cf526917e6f

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B3C0 2 KB
3 KB 41ms
27ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 68330
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Dec 2020 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B3C0 295 B
389 B 41ms
27ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 74396
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Dec 2020 21:53:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B3C0 0
0 15ms
14ms Image
text/html 2a00:1450:4001:814::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSf_F-yxoVKttOgQRV-OgWgEhbHz4iiowKtpRzrV08RbYWt7gBn083hmLz8zW2LtEOa4H26
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B3C0 0
0 45ms
44ms Image
text/html 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHwRo7MfsX8qAN6KrrATXhbown4fl5mClytqZsAzd2R4QASCF7JICYPWVzoHgBKABqKzH7gLIAQGpAhfv6h4YA7M-4AIAqAMByAMKqgSMAk_QpwWBBAC-ykh_i4Q-2JIrfJXgrgu2u4myaweLoiRdkf1y-1rHs_GpAT-afn3DuqkYDUkc-H8X9V699lstuH8F9Kgi7T20Wm66Q8VX_ofV0abHcJf0P34zLrBEwvrDh9HwtUV3qULjntf5VCtLAmdZA3hdLTIK03ua4VUsFR-XUFLFaBviVNDBkwHb7P-B2whjEW0pRLJ7ebz1gTllt5xCVep-nTBgeZEQmTZF76darxAoHQ3nUmaYIoIlTUby2wWn9LarrfaXxglNVLHwFdcolpTML9T92c3UVkHXkHc9zwuKdi55SbOBmmSJ07L1Lonq_vny38D4rp8dION7hh48A2NNB8LrawdxmDzABMPt1OKlA-AEAZIFBAgEGAGSBQQIBRgEgAewjruRAagH1ckbqAfw2RuoB_LZG6gHlJixAqgHpd8bqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcFEO7l-i3SCAkIgOGAQBABGB2ACgHICwHYEwyyFxoKGAgBEhRwdWItODI3NTMwMjEwNzY5MzY2NA&sigh=cf1_otonBgI&tpd=AGWhJmvHpe650eGu8QsqLeaBWUJk_mn0FVAIkwXbTluHuVzZKA
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s13-in-f226.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H/1.1 200
OK 336844_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 42ms
36ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/336844_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 17e4ce4b9cbbb056783083576973602113b5208319d9038be8487f50d4dd7485

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:04 GMT
Last-Modified: Tue, 08 Dec 2020 12:31:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713473
ETag: "1f2c-5b5f31e626ac0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7980
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:10 GMT

GET
H/1.1 200
OK 332228_th.gif
i.123g.us/c/ejan_ny_happy/th/ 6 KB
7 KB 38ms
32ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/332228_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0cf35f07795c660e4c60a9ad862e62af9dfa4f2de3faf5538b081895204098e6

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 07:22:49 GMT
Last-Modified: Mon, 30 Nov 2020 08:12:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 385828
ETag: "19b3-5b54e935d6000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6579
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 10:36:44 GMT

GET
H/1.1 200
OK 341615_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 40ms
31ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/341615_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21b0414773d12d99d3b12aa6e561370493f374d3e82ad2d4647f775fa27b5585

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:23:28 GMT
Last-Modified: Tue, 15 Dec 2020 14:19:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713389
ETag: "1ffb-5b68173b79200"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8187
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:38:28 GMT

GET
H/1.1 200
OK 341750_th.jpg
i.123g.us/c/ejan_orthodoxnew_year/th/ 8 KB
8 KB 55ms
35ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/341750_th.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fd9c5b4c088958c2991b464c928739f0c956875c8dd947a4169b1f857f5c8ae4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 14:24:08 GMT
Last-Modified: Mon, 28 Dec 2020 13:52:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 187749
ETag: "1f44-5b786956cf600"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8004
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 15:49:58 GMT

GET
H/1.1 200
OK 345324_th.gif
i.123g.us/c/ejan_orthodoxnew_year/th/ 7 KB
7 KB 58ms
38ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/345324_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ef944c738ecf6aa4234cc1282bcb00325e02f90149f946fb58266aa878487cc

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 09:57:38 GMT
Last-Modified: Mon, 28 Dec 2020 06:48:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 203739
ETag: "1c4b-5b780a88c09c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7243
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 10:12:38 GMT

GET
H/1.1 200
OK 121385_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 65ms
51ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/121385_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eda11c9193950556c5c996d33524cd9d9dc08f742d43460efe2193083b93f0c4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:32:56 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 712821
ETag: "1f90-4f323b80b5d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8080
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 17:05:16 GMT

GET
H/1.1 200
OK 117004_th.gif
i.123g.us/c/ejan_ny_thanku/th/ 7 KB
7 KB 43ms
40ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_thanku/th/117004_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3c316ed222febb84e230551c6cc8f856f5bde70076c91ff0ca24a8c191592352

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:48 GMT
Last-Modified: Mon, 02 Nov 2020 07:29:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713429
ETag: "1c97-5b31ab41eeb00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7319
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:40:37 GMT

GET
H/1.1 200
OK 103861_th.gif
i.123g.us/c/ejan_epiphanyday/th/ 7 KB
7 KB 35ms
35ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_epiphanyday/th/103861_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e694f33711aa21f4bc6d7745df8a71df916a7ed735c0245b6c294baa5a8d913d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:05 GMT
Last-Modified: Wed, 05 Aug 2015 11:11:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713472
ETag: "1bcb-51c8e76e1da40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7115
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:58:04 GMT

GET
H/1.1 200
OK 109293_th.gif
i.123g.us/c/ejan_danceday/th/ 6 KB
7 KB 32ms
31ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_danceday/th/109293_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 58694980bbc66f470a6a28d1bc7291726a7990beeb63a78eaeb04f64a4e7956d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 21:23:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 680976
ETag: "189d-4f323d104cbc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6301
jake_test: Test_Pass
Expires: Thu, 24 Dec 2020 06:54:41 GMT

GET
H/1.1 200
OK 341705_th.gif
i.123g.us/c/ejan_orthodoxchristmas/th/ 8 KB
8 KB 63ms
35ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxchristmas/th/341705_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4d3488633d427920b4765661f6037c8705d8bb3218e3f1e864027ab5b2dab95f

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 04:23:04 GMT
Last-Modified: Sat, 28 Dec 2019 05:35:21 GMT
Server: Apache/2.2.15 (CentOS)
Age: 655813
ETag: "1ff5-59abcf9ead840"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8181
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 04:38:04 GMT

GET
H/1.1 200
OK 315819_th.jpg
i.123g.us/c/ejan_bubblebathday/th/ 6 KB
7 KB 56ms
37ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_bubblebathday/th/315819_th.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1f43a6c0703598c9c717bb370bc7c34e5ec71547923ffbe5731e12b2aed733b4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 18:12:48 GMT
Last-Modified: Mon, 05 Jan 2015 13:23:11 GMT
Server: Apache/2.2.15 (CentOS)
Age: 519629
ETag: "19e5-50be797854dc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6629
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 11:45:43 GMT

GET
H/1.1 200
OK 341706_th.gif
i.123g.us/c/ejan_orthodoxchristmas/th/ 8 KB
8 KB 44ms
38ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxchristmas/th/341706_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c5f99a5c3138bad204bc948a512fec9915ea748a01ccf12d90231a4eeaf654c7

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:25:58 GMT
Last-Modified: Mon, 30 Dec 2019 10:34:06 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713239
ETag: "1fa0-59ae962036380"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8096
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 08:10:35 GMT

GET
H/1.1 200
OK 120846_th.gif
i.123g.us/c/ejan_danceday/th/ 4 KB
4 KB 39ms
35ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_danceday/th/120846_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2b0399929f166d79f3dd74c1f6e1bb10cc6f8205daa4ebf8dc234d41a136f0f0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 06:39:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 561216
ETag: "100b-4f323d104cbc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4107
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 15:05:16 GMT

GET
H/1.1 200
OK 121394_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 42ms
38ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/121394_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7516ab595a6d37e8976328b4043a1bf17a4a9d90feb9c1a7c442dfb8b6af2feb

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:42:31 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 712246
ETag: "1f46-4f323b80b5d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8006
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 08:24:41 GMT

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame C780 180 KB
50 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604307
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:30 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C780 13 KB
5 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604746
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:34:11 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C780 90 KB
27 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604308
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:29 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C780 3 KB
1 KB 41ms
28ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604773
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:33:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:33:44 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame C780 41 KB
13 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604293
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:44 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C780 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 68330
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Dec 2020 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C780 295 B
320 B 9ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 74396
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Dec 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame C780 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dca586053fcb60bd911a229a1d06ceb070f0204416146054312c084f78db347e

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame E6F8 180 KB
50 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604307
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:30 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E6F8 13 KB
5 KB 38ms
31ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604746
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:34:11 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E6F8 90 KB
27 KB 35ms
29ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604308
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:29 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E6F8 3 KB
2 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604773
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:33:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:33:44 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame E6F8 41 KB
13 KB 33ms
27ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604293
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:44 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E6F8 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 68330
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Dec 2020 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E6F8 295 B
320 B 9ms
8ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 74396
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Dec 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame E6F8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50ad451055222e0c91f859f31d85c5706a720ca492bcf3bbf427b10fb9ed5975

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame 4566 180 KB
50 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604307
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:30 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4566 13 KB
5 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604746
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:34:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:34:11 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4566 90 KB
27 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604308
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:29 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4566 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604773
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:33:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:33:44 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame 4566 41 KB
13 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 604293
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Wed, 23 Dec 2020 18:41:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Dec 2021 18:41:44 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4566 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 68330
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Dec 2020 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4566 295 B
320 B 9ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 74396
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Dec 2020 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 4566 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25057a5db69d36033c70101fee355e40007797815b243c08f7d5c15b60632147

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 56D6 0
0 45ms
44ms Fetch
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssg86YqOrIlO73n7ikq9QGvcL3_LM2VS0Mzud98f0g-h76pPD0iO-GyQDqOIdNH9ZDjdTUQKT1Sbcg3Bk5Z4aYHf9TgSmRYm82pbI47zleuPuHS-goOfJ1Er9l1YwI6k34Ijx7c_F_je6jOiyf7h6fw4cfQBovYe2KLZB06vRAhdXJ0rSXf7UWkxpTRjJZUwI6LdA2P8WfoT6IE37ddcX1-yv5TJ0g5aevOqHt0l8tZEZwHYexorfhugEBjl1z2COpsKpM45WK21Nmcd0-ToYSkNhzMchK0-0pRVlY&sai=AMfl-YSepNJpyChjsKtLxd2FSMuhIXkJaWWpxILj9qjqxbqMWMRS0xXwl-mLdf3n2n65EuH5rgOO2fFvC0LBa78rl0Z2AlJ--KLuP965I5YPX_XrebZvwz6kCffcr58KK2Ua&sig=Cg0ArKJSzDj8QH0YwLJAEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/123greetings/ Frame 56D6 13 KB
4 KB 63ms
14ms Script
text/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/123greetings/vdo.ai.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0d1f1bbecf45f0366e0b1defadb0a0514415038079991cae365fc2f847415ef

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 345
x-cache: HIT
vdo-server: Tag2
content-encoding: br
cf-request-id: 075686103f000096e0751ee000000001
x-varnish: 451190 3454116
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=maEcTvECFJPrTzwQat2GJVDOv3GM6fh3eJKkm%2F0UMxSJ5HW%2B6J3qZAMkxbbft%2B%2Bz%2FcJ%2Fee3xzDJ21Twb58ZZ%2F15OAiV%2FDBuYOl8fV7jU1IdStXAwaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 609dd92d38c596e0-FRA

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 56D6 76 KB
29 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29432
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H3-Q050 200 13526951147801823787
tpc.googlesyndication.com/simgad/ Frame C780 85 KB
85 KB 23ms
20ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13526951147801823787?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnROFlZ6a_BqDaEZz1MrdM_v6rBKQ

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af0418dcac2952a04ccb2cfe47f5af7dae74dc53bb1207db945af78eb3d0efb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 10:17:41 GMT
server: sffe
age: 94929
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86622
x-xss-protection: 0
expires: Wed, 29 Dec 2021 16:11:08 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C780 0
0 46ms
43ms Image
text/html 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=COCzL7MfsX7CBN6KrrATXhbowl579y2D65Ji-mwyIu8Psig4QASDv9pAhYPWVzoHgBKABnNfYpwLIAQKpAmbBwYTiT4E-4AIAqAMByAMIqgSTAk_QNPxRKkAzHmXyPR1XdF3rA5PepFtIoj37iYArQjMM4x91Om7CkEqqSGuG69-GOVATAS7mTRNMoRcUr8AbUPz6_9nHlJVIyC-YZijsc65Y2bucN1TEKGtB0VrZk6lHlB7NXLC3AlXhw1HsadlrvNgqvLHIlh3uDIsG3j8CH0_8EZBbDYwUVuIzv_wPZQG_8K5Oh2e0nwk0fOBHWm285sFWzi_eZCrUx7zynWrr280YzMX3EPmhdrHfLsZs6AhxVOCBzjt2PRZgVf5uJVKJmtEjw8m4QP-PfhM-jzPTanXj0_U9XczzSqlf1xXtkUpUQ9p4QqnLs_zD5E6n8G0su2khfjfi5TSsCo_Z10EtoZr3DNAcwASx1IbKtgPgBAGSBQQIBBgBkgUECAUYBKAGAoAHtcfp5gGoB9XJG6gH8NkbqAfy2RuoB5SYsQKoB6XfG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDf6AfSCAkIgOGAQBABGB2ACgPICwHYEwKyFxoKGAgBEhRwdWItNDYyNzUxNzY4MDI0OTY3MA&sigh=Hsy9tuw1bjM&tpd=AGWhJmvo4RWZ2xMYA19RogC8MHM6AZlWl9Q2_F3ANyOIXCVd5w
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s13-in-f226.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 6844370223875203552
tpc.googlesyndication.com/daca_images/simgad/ Frame E6F8 43 KB
43 KB 16ms
13ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6844370223875203552

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f64a08d002fbce85414d01a38f95a1febea81f916cfd6fd9cbb75c9dc11035fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:53:03 GMT
x-content-type-options: nosniff
age: 538814
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43958
x-xss-protection: 0
last-modified: Tue, 24 Dec 2019 13:45:16 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Dec 2021 12:53:03 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E6F8 0
0 46ms
43ms Image
text/html 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3Z3T7MfsX5WCN6KrrATXhbowgqja6GDP6cz61gqwkB8QASDv9pAhYPWVzoHgBKAB19ycxwLIAQKpAhfv6h4YA7M-4AIAqAMByAMIqgSSAk_Q2EA23dwwa_TZTPhUXPDHPJcd0f9TS8gdB3yqda76VMQIxkxcpAEGN1w9Slln2YeguLwZrWR3Lle91Hd-iDR6L84Eqjh9K4nZaPpFLsdO1R1EN6CsmDq58bvZNsbt9fIWPdDTqes0OdrvkUgFKJ8GsMoDrvQmvq-g_h0sGzHabdiiArmMNv1Qvq-kmr_P5nWSzmJz3oLrzDjJ1rrt9TC2RYsqeIJW-qzmbMXVCSlfaxE5CdFyz2LDEL_g3bgTM8eEteKzTAzRv5VzcntNS67F1xcZNSFwJ2Hgq8I6T0MWv6KWiUgpsgJsxCkpDqP5XguA6SgMViz-NwZZqDFEVlc6vnk3pleK7LBSMiivCkHOB_LABNu6rP7GAuAEAZIFBAgEGAGSBQQIBRgEoAYCgAeRo-O4AagH1ckbqAfw2RuoB_LZG6gHlJixAqgHpd8bqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOriB9IICQiA4YBAEAEYHYAKA8gLAdgTDbIXGgoYCAESFHB1Yi00NjI3NTE3NjgwMjQ5Njcw&sigh=dpAYg2dLxXI&tpd=AGWhJmtQEv0fRwqCMRt5A4eC-5v-NVk17zDnFxWNxhx98KTnVA
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s13-in-f226.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 13526951147801823787
tpc.googlesyndication.com/simgad/ Frame 4566 85 KB
85 KB 26ms
23ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13526951147801823787?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnROFlZ6a_BqDaEZz1MrdM_v6rBKQ

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af0418dcac2952a04ccb2cfe47f5af7dae74dc53bb1207db945af78eb3d0efb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 10:17:41 GMT
server: sffe
age: 94929
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86622
x-xss-protection: 0
expires: Wed, 29 Dec 2021 16:11:08 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4566 0
0 47ms
45ms Image
text/html 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzMoc7MfsX-6CN6KrrATXhbowl579y2D65Ji-mwyIu8Psig4QASDv9pAhYPWVzoHgBKABnNfYpwLIAQKpAmbBwYTiT4E-4AIAqAMByAMIqgSTAk_QMdJOIra6LqvOsMHeVgOxdZDiKstKTRtRe4Wj7isVql988PZfXEytB0FuxSbOvR6GJAwFjRB2BN6Y8Kf9RlmFPAMvIVcaC4vbvYbGHzP3Wd6nkeg8jF7joxyJ28IJhypfy5it8VeNrptga16g2HmEletDqNUyOICFD0LSoJ_OGz1Va0gKDfosEPbjVbU0QqGptvdDwknNavUsle4fahEOqW1zfoFtBUbEJyrMPMazOFhFNkEMOFkuG0HHy2qPbsLBvpVpqL7aM_5ovNFtFSkdWgJr30FHxAoHbQ2jIOGHtnRjA_EUY4O-dUWDzopN-MsM_s20--jIgBK_2dFLC-uZYFQvSLGqTH6MARIgPcQ7fbIMwASx1IbKtgPgBAGSBQQIBBgBkgUECAUYBKAGAoAHtcfp5gGoB9XJG6gH8NkbqAfy2RuoB5SYsQKoB6XfG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDVowbSCAkIgOGAQBABGB2ACgPICwHYEwKyFxoKGAgBEhRwdWItNDYyNzUxNzY4MDI0OTY3MA&sigh=hYZoei9CnCk&tpd=AGWhJmsZeNd_dLR1QdB5JSgzGBVC1qRcyunECC5H70O8KLBOIw
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.21.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s13-in-f226.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
27ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be052cbfcd57819c8d06ab9bdb2d0b40f4e45f64d8c1bfffc663f149c2551c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6285
x-xss-protection: 0

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame 0817 234 KB
87 KB 59ms
30ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 8483 0
0 20ms
5ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn2MnayjV2CLscTAXk9cIaII6wl-QA9W-FHVy_WMxsnuE2BDvIMaGo5psPt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 30 Dec 2020 10:01:15 GMT
expires: Wed, 13 Jan 2021 10:01:15 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 30722
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame 4756 234 KB
88 KB 40ms
29ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B3C0 11 KB
11 KB 8ms
5ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.123greetings.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Dec 2020 22:21:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 159117
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 28 Dec 2021 22:21:20 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame B3C0 11 KB
11 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.123greetings.com
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 90772
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 29 Dec 2021 17:20:25 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
DATA 200
OK truncated
/ Frame 4756 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d66e89622da2cdeb29b4e6996b10c2b036dce6033a073e71badfc341991384e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 93E9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14fbe9fe0bea550049ab61f6d49c2876d18b9e1e263a593fd33ba80cd625af6e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0817 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e10a2edd7df57eaa653e7083c309dd6077398ed2fbf686dccedc9957f1296bc8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 56D6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18fb0dd8f7703b2e5693b5ea9b4fd31c842e364f93255283cd1f941f78d41e41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 56D6 96 KB
39 KB 44ms
29ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-29

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/123greetings/vdo.ai.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b339807708fa0d686bd38cac3c8b360aa4492012eec0ac1e08bd6d6bf12ea4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39014
x-xss-protection: 0
last-modified: Wed, 30 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H2 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4/ 296 KB
95 KB 34ms
33ms Script
application/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/123greetings/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: facac9f820b7fe3e2482c9b2f532d71af367ec42f8e81f1825ec1080a7359f63

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1281
cf-ray: 609dd92ec9bb96e0-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
cf-request-id: 075686113b000096e04687f000000001
last-modified: Tue, 22 Dec 2020 06:58:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=67k8dblOKARCUztBQMzO8LVsr2GvWYyA5DyWrDCta1b6UFde1ZBnifzAVtgPgpvG7nE7R%2F5siVHu%2F2uQ1Ja4d3sw4Jtd3JMfm9A%2BUkfu8YlLnjH0bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 3817038 229414
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 316 KB
109 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/123greetings/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e7ed022e6412f6c1416fe649aeb461650491238f7f7ee77bdc0a35435fa891a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111405
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 4756 12 B
247 B 42ms
41ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4756 109 B
781 B 43ms
29ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4756 109 B
127 B 45ms
31ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 594B 0
0 146ms
146ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609353197623&bpp=7&bdt=120&idt=274&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ&correlator=6292967325366&frm=23&ife=4&pv=2&ga_vid=580540161.1609353195&ga_sid=1609353198&ga_hid=1574651867&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2422&biw=1600&bih=1200&isw=728&ish=90&ifk=2199914196&scr_x=0&scr_y=0&eid=21068945%2C21065725%2C21069710&oid=3&pvsid=4157927252727418&pem=845&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.25jp8qhrtiaf&btvi=1&fsb=1&dtd=291

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609353197623&bpp=7&bdt=120&idt=274&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ&correlator=6292967325366&frm=23&ife=4&pv=2&ga_vid=580540161.1609353195&ga_sid=1609353198&ga_hid=1574651867&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2422&biw=1600&bih=1200&isw=728&ish=90&ifk=2199914196&scr_x=0&scr_y=0&eid=21068945%2C21065725%2C21069710&oid=3&pvsid=4157927252727418&pem=845&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.25jp8qhrtiaf&btvi=1&fsb=1&dtd=291
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn2MnayjV2CLscTAXk9cIaII6wl-QA9W-FHVy_WMxsnuE2BDvIMaGo5psPt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 30 Dec 2020 18:33:18 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4756 74 KB
28 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0817 12 B
97 B 42ms
41ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0817 109 B
127 B 26ms
26ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0817 109 B
127 B 24ms
24ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8F00 0
0 165ms
163ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609353197598&bpp=23&bdt=99&idt=324&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ&correlator=6292967325366&frm=23&ife=4&pv=1&ga_vid=580540161.1609353195&ga_sid=1609353198&ga_hid=763024696&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3983794644&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3590618154224541&pem=845&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.oofzzbctviph&fsb=1&dtd=332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609353197598&bpp=23&bdt=99&idt=324&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ&correlator=6292967325366&frm=23&ife=4&pv=1&ga_vid=580540161.1609353195&ga_sid=1609353198&ga_hid=763024696&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3983794644&scr_x=0&scr_y=0&eid=21067981&oid=3&pvsid=3590618154224541&pem=845&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.oofzzbctviph&fsb=1&dtd=332
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn2MnayjV2CLscTAXk9cIaII6wl-QA9W-FHVy_WMxsnuE2BDvIMaGo5psPt
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 30 Dec 2020 18:33:18 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0817 74 KB
28 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:17 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame B3C0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 30 Dec 2020 18:33:17 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E6F8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

39ms
39ms

Image
text/html

2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 30 Dec 2020 18:33:17 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C780
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 30 Dec 2020 18:33:17 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4566
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

43ms
42ms

Image
text/html

2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 30 Dec 2020 18:33:17 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 3E49 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 30 Dec 2020 17:37:50 GMT
expires: Thu, 30 Dec 2021 17:37:50 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3327
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B3C0 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 68331
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Dec 2020 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame B3C0 295 B
325 B 7ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 74397
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Dec 2020 21:53:21 GMT

GET
H3-Q050 200 13526951147801823787
tpc.googlesyndication.com/simgad/ Frame C780 85 KB
85 KB 7ms
6ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13526951147801823787?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnROFlZ6a_BqDaEZz1MrdM_v6rBKQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af0418dcac2952a04ccb2cfe47f5af7dae74dc53bb1207db945af78eb3d0efb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 10:17:41 GMT
server: sffe
age: 94930
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86622
x-xss-protection: 0
expires: Wed, 29 Dec 2021 16:11:08 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C780 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 68331
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Dec 2020 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C780 295 B
320 B 9ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 74397
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Dec 2020 21:53:21 GMT

GET
H3-Q050 200 6844370223875203552
tpc.googlesyndication.com/daca_images/simgad/ Frame E6F8 43 KB
43 KB 9ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6844370223875203552

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f64a08d002fbce85414d01a38f95a1febea81f916cfd6fd9cbb75c9dc11035fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Dec 2020 12:53:03 GMT
x-content-type-options: nosniff
age: 538815
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43958
x-xss-protection: 0
last-modified: Tue, 24 Dec 2019 13:45:16 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Dec 2021 12:53:03 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E6F8 2 KB
2 KB 9ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 68331
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Dec 2020 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E6F8 295 B
320 B 9ms
8ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 74397
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Dec 2020 21:53:21 GMT

GET
H3-Q050 200 13526951147801823787
tpc.googlesyndication.com/simgad/ Frame 4566 85 KB
85 KB 10ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13526951147801823787?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnROFlZ6a_BqDaEZz1MrdM_v6rBKQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af0418dcac2952a04ccb2cfe47f5af7dae74dc53bb1207db945af78eb3d0efb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Dec 2020 16:11:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 10:17:41 GMT
server: sffe
age: 94930
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86622
x-xss-protection: 0
expires: Wed, 29 Dec 2021 16:11:08 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4566 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 23:34:27 GMT
x-content-type-options: nosniff
server: cafe
age: 68331
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Wed, 30 Dec 2020 23:34:27 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4566 295 B
320 B 10ms
9ms Image
image/png 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 29 Dec 2020 21:53:21 GMT
x-content-type-options: nosniff
server: cafe
age: 74397
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 30 Dec 2020 21:53:21 GMT

GET
H/1.1 200
OK headerbid_refresh_alex.php Show response
served-by.pixfuture.com/www/delivery/ Frame 0757 11 KB
11 KB 163ms
163ms Script
text/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=103x728x90x26x_ADSLOT1&keywords=&refUrl=&innerWidth=728&mainDiv=pf-103x728x90x26x_ADSLOT1&flag=true
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 740f4a834d55a4b2b1092b1244251a939c2eff78e4d4ea1d2efa70041dc30493

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Dec 2020 18:33:18 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Fri, 01 Jan 2021 18:33:18 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-29

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b339807708fa0d686bd38cac3c8b360aa4492012eec0ac1e08bd6d6bf12ea4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39014
x-xss-protection: 0
last-modified: Wed, 30 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Dec 2020 18:33:18 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-29&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3076315-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad060fa77a4c1b23d16b5037baa27c08b02d8b88a56bf9484088cd1f53d6170f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39037
x-xss-protection: 0
last-modified: Wed, 30 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Dec 2020 18:33:18 GMT

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 98 B
909 B 43ms
25ms XHR
application/json 2606:4700:3036::6812:2b06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&tag=123greetings&domain=123greetings.com
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6812:2b06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15e01342d6b0f44b84f4886a6c363241b298e85fb7b3c6323bd183cc40511ce

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MsReZrkOMjRvcY8%2Fs5z7e11CImuHkcVvNr7gD58Uc7eI0Hzz3UyTMupvKzNRs5VD7%2BHixxQyqw8ujppwnX8DNVpGJI7cO%2FXUgC6cjrBiEuLHjAlHdJyGHj5XrjxS"}],"group":"cf-nel","max_age":604800}
cf-ray: 609dd930a84ddfb7-FRA
cf-request-id: 075686126b0000dfb79aa1a000000001

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4756 0
45 B 42ms
42ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssdydHRJ5KU47GGzxLqlzw0__Ilyts-ZWXqOhnuXyk1O68AHur5dLiqmJsWdH1ML8vm08MOsQK0E86Ygal6QhJQiQIQqyNv-rEPsnnhrjfSbdVXTDehiGzb7bVUKSthj9pCXa3ucccaLOuthv-VzrrYTIg1JbzlbdintU4Q7p8jBkyF_tkvVd90ToZgqiZ60gWNqh1EVaBmVq31W_CL_tbDvtOxfdV7gTBXToMMa72QrF1LyKMyq_9ptvCdeWj3lDeq5-U3KoQrO3Woll65AWmxhlVWav8QimZv3hQOIw&sai=AMfl-YTT5E5MAD7PSFRMy6u-Fo-dXAQILZOteo0P1SfzV_bRxi3QUSgh4yJ8PeuDitjN6MvKbPFPGGMm7bK_ZA1lm6XGprTblENs4IlA_LUS8XD0dgbOvHhfG9iwdg6Rd1Z1&sig=Cg0ArKJSzHvxdFUInobLEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4756 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f13a9f22f899dbe5241c85576852ad1a954a44b9a7743694380f33815adc4fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6449
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0817 0
22 B 58ms
57ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvk4SK5H0kQO98ysDVnC0kdUCV7WaCQYHjutHfFf99D5nKuhTT7SJBjgS-_Yet7-gWFln2c8QUFtCUidWye6KBkx0AJScAMpxIwbN4Hn2-Nsva5II4x3XhEVCMACFC5EZ3jahghSZC2dXN7nXk2x2HRS7fOADdiRP345uH7xRxbn8BTCLOsBhuRjBnVwtnTla5Efp9a5LJ9nE3b0ENWgHJi-ybxUfdwC2PG-kBL4h1EKvUSCu9lQxr8VTQqg7_ybOsHOJIKqmpYY5WPE1O9K2D4O4X1Z6k5YkJXtkc&sai=AMfl-YQ_Crt2VEdIk9PbavWQQCrRjsyN9FJiOg6ZpVEldK45cHAopGgJbBuvZ19Ff_WxHj-It0iImZecAFkMjHi7HRYICHBXVQyJQ08Hzaqhn_il_OLUPnVmtjE3LBwuSqPa&sig=Cg0ArKJSzLbiHKFyQOfZEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0817 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcd3f82100ec7d3c7948d39dee6f86ca9196cdc29251ca7ebdcae11bd1aee4ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6466
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 56D6 0
22 B 50ms
50ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvFOapHIrIXvO4pamCX1MhVy02ST5JotR-xWse_5bMy-Oza91tmgngH-2HKTIhFK23FADNFUPINsfx9LxRi4_fbzCfRCv929ScDgEYybTiMvJAyJg9eSExiINih5uyqzVPEgizYJfCiAEe4yNRzaOIJ-SwlwyOmdHOBrANP874WArHkytJWz6XJb0A-1S4V-PAw-BkCGp7FQgB6ABK-Vh0x7HUXRlyonji8QsHXGABjoOG1_uV07MmlglqRzAkpDLZpeQcvE1p_Wezz8TKd29PEP3qX_8vYE95YGYifw&sai=AMfl-YSRZTWDI4q49jgy88aS8gAtBJLRu6lgYEgrXQM4JTcqdpfk-YpyC8m_e5l1l2EDdXlzLCCIrfGkyyv_pEM8lPto_GNgzJDLeol5vEkchdA31MmRQtb3_0IPrFTDKhq3&sig=Cg0ArKJSzJIbv5aysfHmEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 56D6 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-29

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2564
date: Wed, 30 Dec 2020 17:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 30 Dec 2020 19:50:34 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4756 16 KB
6 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:18 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 379ms
119ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 575 KB
144 KB 63ms
62ms Script
application/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d3d3d99ec2d1da823e792b3024b24ae723c89a29d46d9cffe4b1d4ba935c0da

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1281
cf-ray: 609dd9316b6696e0-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
cf-request-id: 07568612dc000096e047202000000001
last-modified: Mon, 14 Sep 2020 22:24:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=unGZhjDS6RqbLutcsslm0oVp8Te8x10gs%2FnoYsmhTlHFbwmGfjqUTjPGfbxe%2B1EzCz%2FVwUVslW1HV0Ya9nLKxRQ8jzHWb4UYU8q%2B3OjWvv543yu3fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 2346041 294944
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 prebid.js Show response
a.vdo.ai/core/assets/ 339 KB
95 KB 57ms
56ms Script
application/javascript 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/prebid.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ac98091f04d8e654cfa6e1bae62ef59a9de93168f8d0e0b266ef6a9e79e10a4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1280
cf-ray: 609dd9316b6796e0-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
cf-request-id: 07568612dd000096e075210000000001
last-modified: Thu, 10 Dec 2020 11:35:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iNwAr%2FanAs09Cp9r9bhKKGA5ouwyO6TAxDlOx%2BT66KmF8jtaB7hGBFRFDkY6kn1YGAfg8GF8Romhj8rB41BQqXquOSiKljaMfsozpaIsXP9v7fY4iw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 2122302 98330
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 375ms
117ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=initVdo&uid=65ce6236-f560-478c-90c7-adccd0a44e8e&t=1609353198300
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0817 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:18 GMT

GET
H/1.1 200
OK fcp.css
c.123g.us/css/ Frame 6314 7 KB
2 KB 50ms
50ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/fcp.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/332f446b657a7d6b4268772e6e2d74405c276a7a7c/12520120910320702226/summary
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063

Request headers

Referer: https://www.123greetings.com/send/fcp_track/332f446b657a7d6b4268772e6e2d74405c276a7a7c/12520120910320702226/summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 06:33:52 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Jul 2018 10:30:13 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2548766
ETag: "2462e-1b92-57234f253d740"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2003
jake_test: Test_Pass

GET
H/1.1 200
OK jquery.js Show response
c.123g.us/js2/ Frame 6314 92 KB
33 KB 51ms
50ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/332f446b657a7d6b4268772e6e2d74405c276a7a7c/12520120910320702226/summary
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer: https://www.123greetings.com/send/fcp_track/332f446b657a7d6b4268772e6e2d74405c276a7a7c/12520120910320702226/summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 19:24:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1206515
ETag: "16f3a-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33449
jake_test: Test_Pass
Expires: Thu, 17 Dec 2020 13:39:33 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
47 B 17ms
16ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=375897132&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=109413003&gjid=296754107&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&_r=1&gtm=2oubu0&z=1963382681

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-29

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2564
date: Wed, 30 Dec 2020 17:50:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 30 Dec 2020 19:50:34 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=375897132&t=event&_s=2&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=c7e4a18&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=396717885

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53095
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
7ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=375897132&t=event&_s=3&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=banner_blocked_size&el=c7e4a18&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=481771809

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53095
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ Frame 56D6 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=754925447&t=event&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1x1&je=0&ec=vdoaijs&ea=loaded&ev=1&_u=AACAAUAB~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=564074751

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53095
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame D79F 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 30 Dec 2020 17:37:50 GMT
expires: Thu, 30 Dec 2021 17:37:50 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3328
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK styleopt_v2.css
c.123g.us/css/ Frame 6314 45 KB
9 KB 33ms
31ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_v2.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9

Request headers

Referer: https://c.123g.us/css/fcp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 06:54:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Feb 2019 10:50:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1337908
ETag: "24665-b2be-582511f153a40"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8955
jake_test: Test_Pass

GET
H/1.1 200
OK modal_window.css
c.123g.us/css/ Frame 6314 29 KB
6 KB 76ms
74ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de

Request headers

Referer: https://c.123g.us/css/fcp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 16:35:36 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:40:54 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2426262
ETag: "2468c-746b-54a227c0b1d80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6107
jake_test: Test_Pass

GET
H/1.1 200
OK print_card.css
c.123g.us/css/ Frame 6314 3 KB
1 KB 33ms
32ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/print_card.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969

Request headers

Referer: https://c.123g.us/css/fcp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Dec 2020 13:28:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 277495
ETag: "bbf-54da7c8112fc0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 824
jake_test: Test_Pass
Expires: Sun, 27 Dec 2020 13:43:24 GMT

GET
H2 200 djax_elastic.js Show response
cdn.pixfuture.com/ Frame 5FBE 37 KB
37 KB 182ms
157ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/djax_elastic.js
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid_refresh_alex.php?dat=103x728x90x26x_ADSLOT1&keywords=&refUrl=&innerWidth=728&mainDiv=pf-103x728x90x26x_ADSLOT1&flag=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 23 Nov 2020 17:49:07 GMT
server: cloudflare
etag: "5fbbf613-9275"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MuldOdYafo5JZj0FTs08l%2BldlL%2BeIvCojJH7%2Bykzu1lEXZdoyxfYwXRAddzIDEI9xcPNMnhq9XjzgtFiAqNuFaOOELa3ZYD7EckVAxEy%2BFVrhGpt8YJmQbhV2WGnKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 609dd9321b1fdfe3-FRA
content-length: 37493
cf-request-id: 075686134d0000dfe387291000000001
expires: Fri, 01 Jan 2021 18:33:18 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 93E9 0
22 B 67ms
66ms Image
image/gif 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDF-6WGDysDBfv4MaKvLBuM3zk4aTidnGoAexYn_tUI1N10y68wxbgGU2SGVk2F_na51tz5sDRL0D1ORmTfRN0PJyJYOscjLnYHTF6G643elsFOn5nFXiqPqxLgpg50PWegJaKoqtnsZvBhfFx9GDyeIvU0klYH8sEcD7nRiKICbT2RfymNwOEwAK089piaLJWxSy3EYm7jw4CKryjzWsfL-kUMfOrKLC4ph4AHnLJYdt6obIM9YL1xLe4NaeMb-pL4AUl5v61fAYF2UHFFa4dV3XkOBEyDCztOg&sai=AMfl-YQZKoADeixWJp-br0xaXMuQarIboPc_ftMAjcwSkfq9wDGY83P5YlHgC1xxxytoi7EsGC-wc602qx_D6g0ZTkA_rd7qbBL7CK1nTxEsZ4yt2l6FD1fCsAzgtBCty-CZ&sig=Cg0ArKJSzKO8OsfWu-eoEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame ED45 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 30 Dec 2020 17:37:50 GMT
expires: Thu, 30 Dec 2021 17:37:50 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3328
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK e195b292-600e-4256-b49d-dc29c881cff0
https://www.123greetings.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/e195b292-600e-4256-b49d-dc29c881cff0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

OPTIONS
H/1.1 204
No Content ent40.m3u8
h.vdo.ai/videos/categories/ Frame 0
0 357ms
118ms Other
text/plain 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.m3u8
Protocol: HTTP/1.1
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Wed, 30 Dec 2020 18:33:18 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK ent40.m3u8 Show response
h.vdo.ai/videos/categories/ 1 KB
2 KB 119ms
119ms XHR
application/vnd.apple.mpegurl 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash: ca8f45e72d0ae1bfee1a751b8c878b10952a7884e3f384730be1c6124fd29038

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
vdoai: true

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Last-Modified: Tue, 03 Nov 2020 16:58:50 GMT
Server: nginx/1.12.2
ETag: "5fa18c4a-5ef"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1519

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
86 B 17ms
17ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120801&jk=3023626409160711&bg=!hYalhqbNAAUbEDgJG1gq-VTGIHJivQIAAAEJUgAAABRoAQcKAKXIfMLSAURY0p0s0UYthprMIoxeEc9dP3F_dPvM3yKsnxKX3FpdkZaAkTWNzMHt7JVTLQ0AXsx6BCz9XFbdatqvONUVW9bIeDmAtnwHXTS4UHdWE9mI8UpaBhG1csSdsPjhdAvD7RZXMdo_kjC_czVcParB4wpfk7TEzreQ83FkTiMDXeP9a8LOyu1zycLoVnbQdH30xNmI4omf6VmYtFm01nOD4LeZAb3TOmS6178a9-MiVFsaiKHmEGazDmYO1kiO03QmnU3XGqDSc_UGWKBrFMinoERCwurqXBmDYK-cjcFO5thvpKUa5nyPC8FdMsqZ5_MmGcw3fpKFs-h03-Lan4_IdbwQqhwJ2qnefw9wgchMzNB9RDbkkp5bseJ4dFrilxGCjc4cuLtFwWupZlJO1wjEIc7zOuhPrQrcHAx-L32an8ItbXyXfGw-I18cR79e5qvStVyo9Jk5cGbl2Y0U8O9IiWU2IaosMk2bb3woj02FmI6rSUztE5UnnaKDCjEy-H45_YOaky7mnf769nhfWandD1V3yessMCQER-YG17I8n12e-GpddzfOd2gcd7xuCdP-MoxBA4ixl6APBQUdYOLJSMsPLMwDuS5USVx2FIq3egYq6i6Btq4-dDEbdEpqakBaEv0x8lTsCzhBghPcla4ZthDfK1ICwZRGfR33Uka5cx3xm0rfICCn33y7RwEtvVxvbg7Wc28NfkGkyIFlHh1MeeUYvD411VbtIsIXZcqeKiRjtkmWeQd-xKVbRrj170jLeMbqzNnUt-_ad-iGRfHPqOynh7YuUZMYGTPz_AsDDejV

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK d90b8043-92b2-4b99-ba05-46ae554d8798
https://www.123greetings.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/d90b8043-92b2-4b99-ba05-46ae554d8798
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H3-Q050 200 bridge3.432.0_en.html
imasdk.googleapis.com/js/core/ Frame FB0A 0
0 33ms
20ms Document
text/html 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.432.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.432.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192035
date: Tue, 29 Dec 2020 21:37:24 GMT
expires: Wed, 29 Dec 2021 21:37:24 GMT
last-modified: Tue, 15 Dec 2020 20:14:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 75354
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:81b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:18 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 208ms
119ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1000 B 12ms
11ms Image
image/svg+xml 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1282
cf-ray: 609dd9333c3096e0-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
cf-request-id: 0756861400000096e0468a2000000001
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ptYQdy%2B1CfBGc4s32H4%2Ffm50%2FSmLu3VEHheZDGeGwXA15tPAPOh7ecR7Mp9S4qHrBDM1gUVPtmZ%2BWutxgUeEorbU3zob%2BsZdgP6OuAkyneGqyFz5QA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1753095 65542
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 202ms
118ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=forceplay&uid=65ce6236-f560-478c-90c7-adccd0a44e8e&t=1609353198590
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 jquery3_5_1.min.js Show response
cdn.pixfuture.com/ Frame 5FBE 87 KB
88 KB 111ms
111ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery3_5_1.min.js
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 26 Aug 2020 15:41:27 GMT
server: cloudflare
etag: "5f4682a7-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G%2FUK%2FL2IsSl%2Fj5MD1DwgNrTeFpawbnh6tZIc3umHKxnoQHbLxrJXh%2F2powhMIfbDUNUrO2MR6LPnqGhMHfmJd5Ml75Myu0aEOqVgHF0GYohd7oYeLkaBxy70dFzZuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 609dd9333d9fdfe3-FRA
content-length: 89476
cf-request-id: 07568614070000dfe3d8801000000001
expires: Fri, 01 Jan 2021 18:33:18 GMT

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame 5FBE 275 KB
84 KB 138ms
61ms Script
text/javascript 95.101.184.244
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.244 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-244.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=121684
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Fri, 01 Jan 2021 04:21:22 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 316ms
119ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 342ms
119ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 310ms
121ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=pageview&uid=65ce6236-f560-478c-90c7-adccd0a44e8e&t=1609353198602
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=375897132&t=event&_s=4&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=c7e4a18&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=1625642298

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53095
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 337ms
119ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=website_pageview&uid=65ce6236-f560-478c-90c7-adccd0a44e8e&t=1609353198604
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:18 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=375897132&t=event&_s=5&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=c7e4a18&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=1118511839

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53095
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 8ms
7ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=375897132&t=event&_s=6&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=c7e4a18&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=823279738

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53095
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5FBE
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.123greetings.com%2F&domain=www.123greetings.com&cw=1
https://mug.criteo.com/sid?cpp=uJFmUnx5UThYTHloTVJLMFhoejYydDNmMTMvRkE4NktBNWszZmFjaTh3WXY4NzFTTHVsQ1o2OFVvWC9MNHZaQm42djJMNXcwTEMrd2F6VEwvcmlaYjc0VFFZNGRnVmlTRlh4N1NIaVE2OUlmKzJFSXg1Zm1HR0xpOUtoUl...

344 B
637 B

130ms
44ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uJFmUnx5UThYTHloTVJLMFhoejYydDNmMTMvRkE4NktBNWszZmFjaTh3WXY4NzFTTHVsQ1o2OFVvWC9MNHZaQm42djJMNXcwTEMrd2F6VEwvcmlaYjc0VFFZNGRnVmlTRlh4N1NIaVE2OUlmKzJFSXg1Zm1HR0xpOUtoUlZ2ck1ORWs2UDJ0NEpsY09FRHZIWlE0QkJJNjBTZ3VkYnFRVERuTE43V29KSEViSEV2UzVmMnRwRGlEdHBhdVF1cjJnNWJLTGNBTTdSRHZlWG12RTNuMnZQOGxGQ2VmY1VSYmo5NU1GT0NDanFxZmlUcDY0PXw&cppv=2

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2de8c1c1f58500fdb5c75375da8cee1d4179a8f877a061c520255b7cd99285c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 30 Dec 2020 18:33:18 GMT
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1116
content-length: 344
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 30 Dec 2020 18:33:18 GMT
location: https://mug.criteo.com/sid?cpp=uJFmUnx5UThYTHloTVJLMFhoejYydDNmMTMvRkE4NktBNWszZmFjaTh3WXY4NzFTTHVsQ1o2OFVvWC9MNHZaQm42djJMNXcwTEMrd2F6VEwvcmlaYjc0VFFZNGRnVmlTRlh4N1NIaVE2OUlmKzJFSXg1Zm1HR0xpOUtoUlZ2ck1ORWs2UDJ0NEpsY09FRHZIWlE0QkJJNjBTZ3VkYnFRVERuTE43V29KSEViSEV2UzVmMnRwRGlEdHBhdVF1cjJnNWJLTGNBTTdSRHZlWG12RTNuMnZQOGxGQ2VmY1VSYmo5NU1GT0NDanFxZmlUcDY0PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1017
content-length: 482
expires: 0

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5FBE 54 KB
18 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a5558775d58f1e1bf62e65cfa27f6c34e88eb34254a3704cd202f69863864f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "739 / 18 of 1000 / last-modified: 1608034737"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18843
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:18 GMT

GET
H2 200 prebid4.19.0.js Show response
cdn.pixfuture.com/ Frame 5FBE 331 KB
332 KB 123ms
122ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 10 Dec 2020 17:32:50 GMT
server: cloudflare
etag: "5fd25bc2-52b1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cUQviTXb4TpX5vo%2BroTuEC%2BRpDJGyZ9LzUvnryUAqFgCFPaqERwQ%2FGyLWZdidr0Zrj0dExx0cP77HspD%2BAse4%2BbBlGB433%2FTZhxhCRL7ELqhfrXdAnuXKso8hhTJlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public, no-transform
accept-ranges: bytes
cf-ray: 609dd934882ddfe3-FRA
content-length: 338715
cf-request-id: 07568614d20000dfe3d3394000000001
expires: Fri, 01 Jan 2021 18:33:18 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4756 0
23 B 17ms
17ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=4157927252727418&bg=!lJell7fNAAXKjztBylhceFFpCiGtzQIAAACiUgAAABNoAQcKAYxM3hJOsPG5k4sp9WyDGkGHdb_GEIhUVQaZ99vp8ABXNm0aDkDNMJU5dq0ixeBi9M4z2hO31K3Qtw2QKgNB7TU_Y8iiYCQ3Qvc0rPBVPMzdX6oRlyz3aHDZ4NHVEpH2y5vYjBvo5pzKiGy7ouSTLbfjOd3x9D7k73euawBIFtPg_JzbVeqQ1Gd3Dr-8t9i9YjBijb-ntBZA8TOv2kWKtxodn97z2hxjGJGXVCD3HytAaQodt7lD1op4UN0eU6wp6FuEagTl5i29ScYoFJCI_A71GIk0iA9Bi3alPHby4XLDECHUv6KabZ1Wyk7xNrSpReI68QqdLr4UhQsZApuR6tohGOJeLbdKgjembn5jdXPXtTM7lBYBsWHEmdKsMq9rCEVr8U7OgzQtNEdtAuKW3_EoPRxa1qUgUnWPJ4L2NkOwU9PYvZp_HLQiS3L3gzgWLorYvlum9bSu1qzKdslrsY7R6A9i5nRwJtgj3RQillNZSMYyqjz09ZgruFQVZz1NZ4K0XNrejfzVULZLm-2ZAcO7jU0nvh_719vw5Qc5nYIvW-fEr3O1ghOyTTj09Wq1Ajk-MNjhL7Xy6g-Wsl5u6o14SQtnFQvjS2r6LxehnsiAXjtzef3b36ESyPtxE5kP4DhEjUzMRMQ9CIJQMAO7OYqN00Rvrr_RD9QgJ19tUQvDcR7stq4ke9_O219km8oi8x21BBbfCLvYkHODhK0MZJC9e9LHl5meepXAIK_368zlpNXucL2P24pUEHYsWqqW82glAJQlDQ2Dw6Pibsn6axsYJkRVQ7iuRu1bDToJgCabrEIfJC-xgc6pqA30M5SUaR3lG8z3BLpJ3gfE5Vjydy-QikJM12z1oTBnn-sRhjjatvSt3zHKvrlXNExu4T4p3fQvl26KktiLxfXY0QaFqTbJUFQQW_yjv3LcCEG5Djs-iJyJaS08bVFIGJll5lSlVOyXxcXD6_l4u14_uIoaZkzf3dHhDipYo9ZupcKcjYyXek7cB9Dh7EW-6Dvo59UDvsIkRuq8d27_Bm2xvfXD8KdLlYjyjXFBZoZbWjfeF8COaZ5s8zh6cQ8h81AHC8-6RvC35CPjN7vtGNWFk74lfcfTQzxTAfbPaELbN57FvPi5E7BY

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0817 0
23 B 17ms
16ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=3590618154224541&bg=!wsGlweHNAAXKjztBylhyFfPN70qQigIAAACoUgAAABJoAQcKAWvg8ivGug3GpdlGq1-GCiN2cuBzVdvwFU6WMi3wF8ENGMiXkZb-Nug_pH4x-OvsiyRFWvRpJkMDInlQ8hUC0TIXM3kvsBeVnkh-JYz-iNrJVWBAkuDr1Hc0PJzZJU70j3qgVa6kGFLYRzuO5T_fwgX1MuUn7YVf4BNeR5zN3tV_xwxwJV9z-VGVLkMZM8lTsiyXWOal2VIdv8fz1_4EKz5gNhJFc5f7C1K5Y7j1tMDAycTuA6G3SR8sr2LWBsNxnZNTzh2Ddms4zi4U8EXpyNdDS-U_Tjz6tFLXhkySVt_iRSTdlPtqfPu0H8CzCx2L4svdUbGeySces_ulI0SR83mFs0rLIMxa1OXT3XTQ0kwTF7yoL0Sxmob5FlIdkbxvc9bDLyFHwsQYTRYbpqNAkQQMcSIu74NKmlcx4An8qcaXOAGOKsPZgRKFe7HBesWostGidueEOFkdbDbvJeYIbLZNMybpYGOBJV39oauZAcNobjNWZv5aOhT97Cpg4Fbtos5R8aFY7_9iPNZ4UsSHEMyumLfU2SZdVGhB7VZqWgMuTsAJ8l-nsKTssaWo9PlmW4StKOpvQ_qaUVs2p5hE88XANfkOUjJ3WLyNhG48oc_UjbwR2MFfM9LJ4PgHopkpb-X1G0JEHZ9V_ksSNodlDCsP923lXiO8LEEz2Ob09_a8rFw-jDbAvXL-EIX6osjz1S__O2KI9656Bsh_cElgxyOaodsBq8xRkPxYVLMJhBq7v7CGxJyfMIzQnt9Z1Z0j90n6TjebjYwezqFDGYhTB_cTCgoIMccv1UnT8zevDEWw8h4H_Xe-oW5Z7qTEcAeHfRMwRtUjg9WsUGFqb9gG4kei042K9hsCNa4h7aHnn4iGWQOoCIMks99rMhmdo3HudYyFobtEwIOtasOpnc1zLh-jkND2nVcxvZbtP2Gnk76vvjFGv4_IZcOpakaC6g8y3vGGRyoM3T_X5HmM8jSz9cE7OYWUjogCNeA1jAWxBT8nEjlN1GRZlsn8xahAO_jQUPpDccGNfn0H7JrMftfARSiVKMSIfecVBjQwumfTzDWIbMrXv0iw3i315uiWyKBRph0O

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020120801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5FBE 274 KB
97 KB 40ms
40ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Dec 2020 09:42:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98829
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:18 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 22ms
21ms Other
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.123greetings.com%2F&domain=www.123greetings.com&cw=1&lsw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.123greetings.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 704
date: Wed, 30 Dec 2020 18:33:18 GMT
content-length: 2

OPTIONS
H2 204 pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ Frame 0
0 392ms
125ms Other 193.122.128.135
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_4.19.0
Protocol: H2
Server: 193.122.128.135 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 30 Dec 2020 18:33:19 GMT
access-control-allow-headers: content-type
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 955070012
age: 0
via: 1.1 varnish

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5FBE
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.123greetings.com%2F&domain=www.123greetings.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=A6SsDHxsaHY3MVR1bUhWcUhFVVdnTEhPYzRRUkE2T2h3T3B2NVpmRk9pUkxJbjFFbkVwM3Rza1hCSCtzeUhXQnNDV3ZVUlgwbEE3cHJnbVdZcHhLS1NXRFlqVVNBSXlOZEZZeDRQbzQyYnpxSlFMdWF4bzlCcUVITnhCRT...

355 B
648 B

138ms
46ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=A6SsDHxsaHY3MVR1bUhWcUhFVVdnTEhPYzRRUkE2T2h3T3B2NVpmRk9pUkxJbjFFbkVwM3Rza1hCSCtzeUhXQnNDV3ZVUlgwbEE3cHJnbVdZcHhLS1NXRFlqVVNBSXlOZEZZeDRQbzQyYnpxSlFMdWF4bzlCcUVITnhCRTNWRC9OdXV5SWxIdUlQeDkwbEZlb20wUCs0VHZnSldqZ0VLZWhhRDlmNlhjNmNOY3VUT2tQVWJlWDVSV2t3eE40ZTVyY2h4aGluUVp4QmQ3ZGVIYTlkZjRydGJmdVltUXFQWDlrWmpkbjF4OS84VWtDQ0hRPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

85fb72b93ac26f52a2f0b73e9e1aedf11670485a40bb9cc72e4a3f2ff4bdf4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 30 Dec 2020 18:33:18 GMT
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1138
content-length: 355
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 30 Dec 2020 18:33:18 GMT
location: https://mug.criteo.com/sid?cpp=A6SsDHxsaHY3MVR1bUhWcUhFVVdnTEhPYzRRUkE2T2h3T3B2NVpmRk9pUkxJbjFFbkVwM3Rza1hCSCtzeUhXQnNDV3ZVUlgwbEE3cHJnbVdZcHhLS1NXRFlqVVNBSXlOZEZZeDRQbzQyYnpxSlFMdWF4bzlCcUVITnhCRTNWRC9OdXV5SWxIdUlQeDkwbEZlb20wUCs0VHZnSldqZ0VLZWhhRDlmNlhjNmNOY3VUT2tQVWJlWDVSV2t3eE40ZTVyY2h4aGluUVp4QmQ3ZGVIYTlkZjRydGJmdVltUXFQWDlrWmpkbjF4OS84VWtDQ0hRPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1633
content-length: 482
expires: 0

POST
H/1.1 200
OK cookie_sync Show response
prebidserver.pixfuture.com/ Frame 5FBE 275 B
649 B 379ms
122ms XHR
application/json 157.245.94.128
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/cookie_sync
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.94.128 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6a99e7d178fd19b946a936a0f64d31a1af2e843b889ab515ada00d38622c5d67

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Dec 2020 18:33:19 GMT
Server: nginx/1.14.0 (Ubuntu)
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 275
Expires: 0

POST
H/1.1 200
OK auction Show response
prebidserver.pixfuture.com/openrtb2/ Frame 5FBE 105 B
464 B 394ms
137ms XHR
application/json 157.245.94.128
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebidserver.pixfuture.com/openrtb2/auction
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.94.128 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3c31de420ea4980a8c892497e2c0526542a81e975928a036c7b0db8e99c4a65d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Dec 2020 18:33:19 GMT
Server: nginx/1.14.0 (Ubuntu)
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 105
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5FBE 144 B
1 KB 147ms
74ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

47e42db1a13cad7038692045d3e7d3eb6d749761670e20ecae0b3a39ea46ce20

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 30 Dec 2020 18:33:19 GMT
X-Proxy-Origin: 185.156.175.187; 185.156.175.187; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid: f3db620c-e073-4dbb-9113-171ee149884d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 pixfuture Show response
pixfuture.technoratimedia.com/openrtb/bids/ Frame 5FBE 0
297 B 377ms
129ms XHR
text/plain 193.122.128.135
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_4.19.0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.128.135 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 30 Dec 2020 18:33:19 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 1066535181
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true

GET
H2 200 hb Show response
ice.360yield.com/ Frame 5FBE 97 B
517 B 167ms
88ms XHR
application/json 52.28.69.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2218a86935234a68f%22%2C%22version%22%3A%227.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%2226%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22481751a9-d714-41a3-b3e8-d64bf0b92424%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228ad2142322bad%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22pid%22%3A22292112%2C%22tid%22%3A%2215db3e84-0fc2-4fc0-b379-b5301e5ae1fb%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.69.126 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f48865d73c8d0872ffed2458a1014a817e713ed294f0568c73f98c00779fe8f3

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.123greetings.com
date: Wed, 30 Dec 2020 18:33:19 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 97
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 5FBE 243 B
829 B 180ms
68ms XHR
application/json 108.128.209.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=ticcez29&pi=3&si=28491&bf=728x90&schain=1.0%2C1!pixfuture.com%2C26%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.19.0%22%7D&ogu=null&ns=9318
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.209.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-209-152.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cc1026007f89a02aacd1fe58a66d36d652cdfef39dc959e679630d94bf66580e

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:19 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.123greetings.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 arj Show response
pixfuture2-d.openx.net/w/1.0/ Frame 5FBE 172 B
420 B 54ms
40ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=15db3e84-0fc2-4fc0-b379-b5301e5ae1fb&nocache=1609353199011&pubcid=481751a9-d714-41a3-b3e8-d64bf0b92424&schain=1.0%2C1!pixfuture.com%2C26%2C1%2C%2C%2C&aus=728x90&divIds=103x728x90x26x_ADSLOT1&auid=540580842&tps=bXlrZXl3b3JkPSZteW90aGVya2V5d29yZD0%3D
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.199.0 /
Resource Hash: a427c383b1971b24fbcef3ddcab28238369fb896e6eae9ec77c9c4a7bc46e2c1

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:19 GMT
content-encoding: gzip
server: OXGW/16.199.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.123greetings.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ Frame 5FBE 951 B
784 B 218ms
170ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: b5317538d5fcd2a3cbbd9a19745a7d89aa2130e3ec4bc9d955ceac7a47bf69a3

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Dec 2020 18:33:19 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.123greetings.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 489

GET
H/1.1 200
OK bidRequest Show response
c2shb.ssp.yahoo.com/ Frame 5FBE 62 B
663 B 187ms
108ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969105017575db4f32dc2eda5c0067&pos=pixfuture_network_news_728x90&cmd=bid&secure=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: da4f73e34cac70249f07115aa124de07e76f563336cb7ab19160be9c609c0b88

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 30 Dec 2020 18:33:19 GMT
Server: ATS/7.1.2.128
Age: 0
Access-Control-Allow-Methods: POST,GET,HEAD,OPTIONS
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.123greetings.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 62

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=207ca74e54cdfe5;misc=1609353199012; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ Frame 5FBE 47 B
269 B 151ms
131ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/9834/3344885/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=207ca74e54cdfe5;misc=1609353199012;
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 4b887bab8466ef253f320643b2a953c1b5b1be823834659b28c0c8b0c4d04f9a

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:19 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.123greetings.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
BLOB 200
OK 82651d0c-4620-4b03-a2a2-6a28f1af3922
https://www.123greetings.com/ 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/82651d0c-4620-4b03-a2a2-6a28f1af3922
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 52893
Content-Type: application/javascript

GET
H/1.1 206
Partial Content ent40.ts Show response
h.vdo.ai/videos/categories/ 228 KB
228 KB 211ms
211ms XHR
video/mp2t 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash: ea18606e9f0b5edc595468756405e4026c4ff7111ff3ab504f3ee2176a456c2c

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-233495

Response headers

Date: Wed, 30 Dec 2020 18:33:19 GMT
Last-Modified: Tue, 03 Nov 2020 16:58:59 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5fa18c53-6002cc"
Content-Type: video/mp2t
Content-Range: bytes 0-233495/6292172
Connection: keep-alive
Content-Length: 233496

OPTIONS
H/1.1 204
No Content ent40.ts
h.vdo.ai/videos/categories/ Frame 0
0 122ms
122ms Other
text/plain 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Protocol: HTTP/1.1
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Wed, 30 Dec 2020 18:33:19 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 44ms
44ms Other
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 691
date: Wed, 30 Dec 2020 18:33:18 GMT
content-length: 2

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B3C0 42 B
94 B 27ms
26ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAGsmp3hiHjJ1cBKLpNFFlswzlvkPwg5PPiFpdYz1pWMVDhHcd91s-Kfg1YM87vReUVSyUL-KyEJC3c602KTIphCXnAuP9YpXYHDlA0aEQlFTqBYKdzShReTj-Cag13kporqR-ZZTCR-kN8smGdVyS&sai=AMfl-YRVye4S1ac4OTXrpvRCpUxIkfV_HMsI0BLem5Rqc6CfT-7CBmlfsqXORoCEXoHFnoatGMmVLVsJ4F9-2grSCwdTIOCp7f2-rywxbXCjXeaUF8tHZ-7v-qthhJdLvqar&sig=Cg0ArKJSzIEyc3bv8fLgEAE&cid=CAASPeRoxLJLdLOlCHCseVrzG16irVgX-6nFp16zk8CfOWqsM8PbwWpMY2sPRlzKi--ymSJ9D1ebGx7PE7oFO5A&id=ampim&o=495,535&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=405&tls=1405&g=100&h=100&tt=1406&r=v&avms=ampa&adk=3714999025

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0817 42 B
66 B 15ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvE4RhNWzjIpQkGEShJJYFrghe0tNqsKze8HZsGXzmrEUiZQELcHo4EYrMPttRLDgTXPzk2dCtmmvTnPN5qlb-3xCSiRiVTXXAuUh6A9FE&sig=Cg0ArKJSzBFwr3S8mOOqEAE&adk=1542450727&tt=-1&bs=1600%2C1200&mtos=0,1049,1049,1049,1049&tos=0,1049,0,0,0&p=236,1114,836,1274&mcvt=1049&rs=0&ht=0&tfs=552&tls=1601&mc=0.99&lte=-1&bas=0&bac=0&met=ie&avms=nio&niot_obs=437&niot_cbk=540&md=2&btr=0&cpmav=0&lm=2&rst=1609353197536&dlt&rpt=665&isd=0&msd=0&xdi=0&ps=1600%2C5520&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-3-10-10-0-0-0&tvt=1600&is=160%2C600&iframe_loc=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&r=v&id=osdim&vs=4&uc=11&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201211

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

400
Bad Request

setuid
prebidserver.pixfuture.com/ Frame 5FBE
Redirect Chain

https://cm.mgid.com/m?cdsp=363893&adu=https%3A%2F%2Fprebidserver.pixfuture.com%3A8000%2Fsetuid%3Fbidder%3Dmgid%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%7Bmuidn%7D
https://prebidserver.pixfuture.com:8000/setuid?bidder=mgid&gdpr=1&gdpr_consent=&uid=kbujENlHTdxa

36 B
36 B

374ms
125ms

Image
text/plain

157.245.94.128
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebidserver.pixfuture.com:8000/setuid?bidder=mgid&gdpr=1&gdpr_consent=&uid=kbujENlHTdxa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 157.245.94.128 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 30 Dec 2020 18:33:19 GMT
Server: nginx/1.14.0 (Ubuntu)
Vary: Origin
Content-Type: text/plain; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 36
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:19 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c3d79230-da05-4007-bcdb-257c15ace2f5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://prebidserver.pixfuture.com:8000/setuid?bidder=mgid&gdpr=1&gdpr_consent=&uid=kbujENlHTdxa
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 609dd9389a9c2325-ZRH
content-type: image/gif
cf-request-id: 075686175d000023256025f000000001
server: cloudflare

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 93E9 42 B
66 B 15ms
14ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWZMH8nkcUL2roEjh4iu9tXMDk-GInfHmVQ-hS_ttujPMecsSK47RdD1rvVE6EGEm-tUmv537CxEqZzTEj_gG5kNY-u3A4qOg9pBCbD3U&sig=Cg0ArKJSzOYg0QCIOxvcEAE&adk=3337616149&tt=-1&bs=1600%2C1200&mtos=0,1009,1009,1009,1009&tos=0,1009,0,0,0&p=47,560,137,1288&mcvt=1009&rs=0&ht=0&tfs=809&tls=1818&mc=0.99&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=630&niot_cbk=638&md=2&btr=0&cpmav=0&lm=2&rst=1609353197515&dlt&rpt=877&isd=0&msd=0&xdi=0&ps=1600%2C5520&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-3-11-11-0-0-0&tvt=1816&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20201211

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content ent40.ts Show response
h.vdo.ai/videos/categories/ 205 KB
205 KB 121ms
121ms XHR
video/mp2t 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash: b274a5e53502a5270f2ec056552d8ab5aab35ed6a4c81432cea70b9b3a7dff5d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=233496-443491

Response headers

Date: Wed, 30 Dec 2020 18:33:19 GMT
Last-Modified: Tue, 03 Nov 2020 16:58:59 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5fa18c53-6002cc"
Content-Type: video/mp2t
Content-Range: bytes 233496-443491/6292172
Connection: keep-alive
Content-Length: 209996

OPTIONS
H/1.1 204
No Content ent40.ts
h.vdo.ai/videos/categories/ Frame 0
0 118ms
117ms Other
text/plain 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Protocol: HTTP/1.1
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Wed, 30 Dec 2020 18:33:19 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame DDC8 92 KB
32 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/djax_elastic.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b06666a84e0d8fb440cd6dcfb4e9431e14f15ad1c20bc172fcafc23d9b081e76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33111
x-xss-protection: 0
server: cafe
etag: 3338715496686780052
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Dec 2020 18:33:19 GMT

GET
H/1.1 200
OK demo_track.js Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 5FBE 3 KB
3 KB 127ms
126ms Script
application/javascript 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v593
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12520120910320702226/r10
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:19 GMT
Last-Modified: Mon, 06 Jul 2020 13:30:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "5f032768-a4e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 2638
Expires: Fri, 01 Jan 2021 18:33:19 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame DDC8 234 KB
87 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Dec 2020 18:33:19 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame DDC8 12 B
215 B 40ms
39ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-1575911585432548&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame DDC8 109 B
150 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame DDC8 109 B
127 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5A7E 0
0 330ms
329ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=708427033&pi=t.ma~as.3157381981&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609353199810&bpp=4&bdt=28&idt=49&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ&correlator=6292967325366&frm=23&ife=4&pv=2&ga_vid=580540161.1609353195&ga_sid=1609353200&ga_hid=800192049&ga_fc=1&nhd=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=2537685136&scr_x=0&scr_y=0&oid=3&pvsid=3218131024019120&pem=845&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.lqcjcja2q8bj&fsb=1&dtd=56

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJaGse6r9u0CFVe33godAZkJkA&gqi=78fsX__hNdXHtwfQ_LHYDw&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-1575911585432548&output=html&h=90&slotname=3157381981&adk=141025852&adf=708427033&pi=t.ma~as.3157381981&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ea=0&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1609353199810&bpp=4&bdt=28&idt=49&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dd7d3d8ebfa8dd98e-2252303478b9006e%3AT%3D1609353196%3AS%3DALNI_Mb2Rg8A3CLk4Gg8vfDrNxoJ4LINyQ&correlator=6292967325366&frm=23&ife=4&pv=2&ga_vid=580540161.1609353195&ga_sid=1609353200&ga_hid=800192049&ga_fc=1&nhd=4&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=2537685136&scr_x=0&scr_y=0&oid=3&pvsid=3218131024019120&pem=845&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.lqcjcja2q8bj&fsb=1&dtd=56
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn2MnayjV2CLscTAXk9cIaII6wl-QA9W-FHVy_WMxsnuE2BDvIMaGo5psPt; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJaGse6r9u0CFVe33godAZkJkA&gqi=78fsX__hNdXHtwfQ_LHYDw&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 30 Dec 2020 18:33:20 GMT
server: cafe
content-length: 32610
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDC8 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607690616793149"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28334
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:19 GMT

POST
H/1.1 200
OK demo_track.php Show response
served-by.pixfuture.com/www/headerbid/library/tracking/ Frame 5FBE 36 B
615 B 372ms
126ms XHR
text/html 68.183.31.14
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.php
Requested by: Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/headerbid/library/tracking/demo_track.js?v593
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 30 Dec 2020 18:33:20 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Fri, 01 Jan 2021 18:33:20 GMT

POST
H3-Q050 204 csi
csi.gstatic.com/ 0
318 B 58ms
26ms Other
image/gif 2a00:1450:400e:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kjbrcb4i&c=6292967325366&slotId=3146483662683&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content videoplayback
r3---sn-4g5e6nsr.googlevideo.com/ 3 MB
3 MB 24ms
7ms Media
video/mp4 2a00:1450:4001:63::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nsr.googlevideo.com/videoplayback?expire=1609381999&ei=78fsX8T_MoL6WuP2rvgH&ip=2a01:4f8:192:5414::2&id=6cb24a474831e2f3&itag=22&source=youtube&requiressl=yes&mh=fb&mm=31&mn=sn-4g5e6nsr&ms=au&mv=m&mvi=3&pl=40&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=30.046&lmt=1601563202867072&mt=1609352913&txp=5432432&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAKi2ET-LQeknyH2bz1N1jKDZsaAeu5SZz8f2WykQM5A1AiEAhVYiQwC-rSpWQt1M8zqNqTksaiu3V2nE4qKgRGybc6U=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgBDz6HR81N0IvoQnivN4h_-cRncbCXCe8UXGOky4mfOYCIELOQ8TKmNb-z7BKErie-UXrRl5cRihsdbaB5h--WKWZ&cpn=xpGWefNDwLgAWS1X

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:63::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b5fa7f6c88bab6220bc21da88cbc9be45d7efb062e7208d5a1b85b7e2d50e626

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 01 Oct 2020 14:40:02 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-3055282/3055283
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3055283
Expires: Wed, 30 Dec 2020 18:33:20 GMT

GET
H/1.1 206
Partial Content ent40.ts Show response
h.vdo.ai/videos/categories/ 271 KB
271 KB 119ms
119ms XHR
video/mp2t 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash: 66f2fcd1b9f213946a387c254f5ef2bc3b3ddef474a236ba1c22059faae48aa3

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=443492-721167

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Last-Modified: Tue, 03 Nov 2020 16:58:59 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5fa18c53-6002cc"
Content-Type: video/mp2t
Content-Range: bytes 443492-721167/6292172
Connection: keep-alive
Content-Length: 277676

OPTIONS
H/1.1 204
No Content ent40.ts
h.vdo.ai/videos/categories/ Frame 0
0 131ms
131ms Other
text/plain 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Protocol: HTTP/1.1
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Wed, 30 Dec 2020 18:33:20 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 121ms
119ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 121ms
120ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 119ms
119ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 121ms
121ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Origin: https://www.123greetings.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 126ms
118ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=ad_match0&uid=65ce6236-f560-478c-90c7-adccd0a44e8e&t=1609353200083
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 259ms
133ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=video_loaded&uid=65ce6236-f560-478c-90c7-adccd0a44e8e&t=1609353200084
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 17ms
8ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=375897132&t=event&_s=7&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=video_loaded&el=c7e4a18&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=1102573243

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53097
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 377ms
117ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=website_pageview_match&uid=65ce6236-f560-478c-90c7-adccd0a44e8e&t=1609353200087
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 17ms
8ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=375897132&t=event&_s=8&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview_match&el=c7e4a18&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=1222181959

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53097
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 379ms
119ms Image
image/gif 51.79.79.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=pageview_match&uid=65ce6236-f560-478c-90c7-adccd0a44e8e&t=1609353200089
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.79.82 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns568735.ip-51-79-79.net
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 16ms
8ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=375897132&t=event&_s=9&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview_match&el=c7e4a18&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=1272735374

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53097
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DDC8 8 KB
6 KB 62ms
62ms XHR
application/json 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e906065f70331d022b2c68a332a34a59da0bdb72321417725a6a39a0376db69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Dec 2020 18:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6429
x-xss-protection: 0

GET
H/1.1 206
Partial Content ent40.ts Show response
h.vdo.ai/videos/categories/ 266 KB
267 KB 120ms
119ms XHR
video/mp2t 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash: 36448ad7c8a0ebaede61a354ff0eb0c7a7cb0ecd0705a8100ff1762abbab8287

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=721168-993955

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Last-Modified: Tue, 03 Nov 2020 16:58:59 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5fa18c53-6002cc"
Content-Type: video/mp2t
Content-Range: bytes 721168-993955/6292172
Connection: keep-alive
Content-Length: 272788

OPTIONS
H/1.1 204
No Content ent40.ts
h.vdo.ai/videos/categories/ Frame 0
0 118ms
118ms Other
text/plain 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Protocol: HTTP/1.1
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Wed, 30 Dec 2020 18:33:20 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DDC8 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 30 Dec 2020 18:33:20 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame E662 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 30 Dec 2020 17:37:50 GMT
expires: Thu, 30 Dec 2021 17:37:50 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3330
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 103861_th.gif
i.123g.us/c/ejan_epiphanyday/th/ 7 KB
7 KB 35ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_epiphanyday/th/103861_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e694f33711aa21f4bc6d7745df8a71df916a7ed735c0245b6c294baa5a8d913d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:05 GMT
Last-Modified: Wed, 05 Aug 2015 11:11:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713475
ETag: "1bcb-51c8e76e1da40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7115
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:58:04 GMT

GET
H/1.1 200
OK 336844_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 36ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/336844_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 17e4ce4b9cbbb056783083576973602113b5208319d9038be8487f50d4dd7485

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:04 GMT
Last-Modified: Tue, 08 Dec 2020 12:31:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713476
ETag: "1f2c-5b5f31e626ac0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7980
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:10 GMT

GET
H/1.1 200
OK 341750_th.jpg
i.123g.us/c/ejan_orthodoxnew_year/th/ 8 KB
8 KB 37ms
36ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/341750_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fd9c5b4c088958c2991b464c928739f0c956875c8dd947a4169b1f857f5c8ae4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 14:24:08 GMT
Last-Modified: Mon, 28 Dec 2020 13:52:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 187752
ETag: "1f44-5b786956cf600"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8004
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 15:49:58 GMT

GET
H/1.1 200
OK 332228_th.gif
i.123g.us/c/ejan_ny_happy/th/ 6 KB
7 KB 34ms
32ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/332228_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0cf35f07795c660e4c60a9ad862e62af9dfa4f2de3faf5538b081895204098e6

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 07:22:49 GMT
Last-Modified: Mon, 30 Nov 2020 08:12:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 385831
ETag: "19b3-5b54e935d6000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6579
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 10:36:44 GMT

GET
H/1.1 200
OK 345324_th.gif
i.123g.us/c/ejan_orthodoxnew_year/th/ 7 KB
7 KB 52ms
38ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/345324_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ef944c738ecf6aa4234cc1282bcb00325e02f90149f946fb58266aa878487cc

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 09:57:38 GMT
Last-Modified: Mon, 28 Dec 2020 06:48:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 203742
ETag: "1c4b-5b780a88c09c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7243
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 10:12:38 GMT

GET
H/1.1 200
OK 341615_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 52ms
38ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/341615_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21b0414773d12d99d3b12aa6e561370493f374d3e82ad2d4647f775fa27b5585

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:23:28 GMT
Last-Modified: Tue, 15 Dec 2020 14:19:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713392
ETag: "1ffb-5b68173b79200"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8187
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:38:28 GMT

GET
H/1.1 200
OK 121385_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 40ms
39ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/121385_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eda11c9193950556c5c996d33524cd9d9dc08f742d43460efe2193083b93f0c4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:32:56 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 712824
ETag: "1f90-4f323b80b5d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8080
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 17:05:16 GMT

GET
H/1.1 200
OK 117004_th.gif
i.123g.us/c/ejan_ny_thanku/th/ 7 KB
7 KB 57ms
56ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_thanku/th/117004_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3c316ed222febb84e230551c6cc8f856f5bde70076c91ff0ca24a8c191592352

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:48 GMT
Last-Modified: Mon, 02 Nov 2020 07:29:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713432
ETag: "1c97-5b31ab41eeb00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7319
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:40:37 GMT

GET
H/1.1 200
OK 121394_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 36ms
35ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/121394_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7516ab595a6d37e8976328b4043a1bf17a4a9d90feb9c1a7c442dfb8b6af2feb

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:42:31 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 712249
ETag: "1f46-4f323b80b5d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8006
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 08:24:41 GMT

GET
H/1.1 200
OK 120846_th.gif
i.123g.us/c/ejan_danceday/th/ 4 KB
4 KB 33ms
32ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_danceday/th/120846_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2b0399929f166d79f3dd74c1f6e1bb10cc6f8205daa4ebf8dc234d41a136f0f0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 06:39:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 561219
ETag: "100b-4f323d104cbc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4107
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 15:05:16 GMT

GET
H/1.1 200
OK 341706_th.gif
i.123g.us/c/ejan_orthodoxchristmas/th/ 8 KB
8 KB 37ms
36ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxchristmas/th/341706_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c5f99a5c3138bad204bc948a512fec9915ea748a01ccf12d90231a4eeaf654c7

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:25:58 GMT
Last-Modified: Mon, 30 Dec 2019 10:34:06 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713242
ETag: "1fa0-59ae962036380"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8096
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 08:10:35 GMT

GET
H/1.1 200
OK 315819_th.jpg
i.123g.us/c/ejan_bubblebathday/th/ 6 KB
7 KB 34ms
33ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_bubblebathday/th/315819_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1f43a6c0703598c9c717bb370bc7c34e5ec71547923ffbe5731e12b2aed733b4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 18:12:48 GMT
Last-Modified: Mon, 05 Jan 2015 13:23:11 GMT
Server: Apache/2.2.15 (CentOS)
Age: 519632
ETag: "19e5-50be797854dc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6629
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 11:45:43 GMT

GET
H/1.1 200
OK 341705_th.gif
i.123g.us/c/ejan_orthodoxchristmas/th/ 8 KB
8 KB 43ms
42ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxchristmas/th/341705_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4d3488633d427920b4765661f6037c8705d8bb3218e3f1e864027ab5b2dab95f

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 04:23:04 GMT
Last-Modified: Sat, 28 Dec 2019 05:35:21 GMT
Server: Apache/2.2.15 (CentOS)
Age: 655816
ETag: "1ff5-59abcf9ead840"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8181
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 04:38:04 GMT

GET
H/1.1 200
OK 109293_th.gif
i.123g.us/c/ejan_danceday/th/ 6 KB
7 KB 41ms
41ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_danceday/th/109293_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 58694980bbc66f470a6a28d1bc7291726a7990beeb63a78eaeb04f64a4e7956d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 21:23:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 680979
ETag: "189d-4f323d104cbc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6301
jake_test: Test_Pass
Expires: Thu, 24 Dec 2020 06:54:41 GMT

GET
H/1.1 206
Partial Content ent40.ts Show response
h.vdo.ai/videos/categories/ 263 KB
264 KB 160ms
160ms XHR
video/mp2t 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash: 737c97e23226153564a68174b9478df9fecac9ef6723d89dfc0463c306e567fb

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=993956-1263547

Response headers

Date: Wed, 30 Dec 2020 18:33:20 GMT
Last-Modified: Tue, 03 Nov 2020 16:58:59 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5fa18c53-6002cc"
Content-Type: video/mp2t
Content-Range: bytes 993956-1263547/6292172
Connection: keep-alive
Content-Length: 269592

OPTIONS
H/1.1 204
No Content ent40.ts
h.vdo.ai/videos/categories/ Frame 0
0 118ms
117ms Other
text/plain 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Protocol: HTTP/1.1
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Wed, 30 Dec 2020 18:33:20 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 5FBE 0
200 B 82ms
81ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Dec 2020 18:33:20 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 5FBE 109 B
546 B 280ms
96ms XHR
application/json 54.154.164.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 457a41ab60ded1bf0e16aafcab0467793e2412ca2736aa650f72824acc0f839e

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Dec 2020 18:33:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.123greetings.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 29 Jan 2021 18:33:20 GMT

GET
H2 200 /
onetag-sys.com/usync/ Frame C0A1 0
0 170ms
65ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.253 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=59a18369e249bfb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=2592000

GET
H/1.1 200
OK sync.html
s.adtelligent.com/ Frame 4C6B 0
0 194ms
24ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=435035
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

Server: VertaMedia 1.0
Date: Wed, 30 Dec 2020 18:33:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 581
Access-Control-Allow-Origin: https://www.123greetings.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 200 usersync.html
ad-cdn.technoratimedia.com/html/ Frame DF2E 0
0 202ms
34ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.19.0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C9B) /
Resource Hash

Request headers

:method: GET
:authority: ad-cdn.technoratimedia.com
:scheme: https
:path: /html/usersync.html?src=prebid_prebid_4.19.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tads_uid=GDPR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 814
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Wed, 30 Dec 2020 18:33:20 GMT
etag: "3fc5-5aee1960f1a00"
expires: Wed, 30 Dec 2020 18:48:20 GMT
last-modified: Wed, 09 Sep 2020 13:39:52 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (mil/6C9B)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 172318310
content-length: 5244

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 58B7 0
0 99ms
34ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.199.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=481751a9-d714-41a3-b3e8-d64bf0b92424|1609353199
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=481751a9-d714-41a3-b3e8-d64bf0b92424|1609353199; Version=1; Expires=Thu, 30-Dec-2021 18:33:20 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1609353200|gekin0vNiygu; Version=1; Expires=Thu, 14-Jan-2021 18:33:20 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.199.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 30 Dec 2020 18:33:20 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2

200

/
de.tynt.com/deb/ Frame 5050
Redirect Chain

https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
https://de.tynt.com/deb/?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X

0
0

416ms
139ms

Document
text/html

208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12520120910320702226/r10
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uid=CmUMKl/sx/GyITnGOfb/Ag==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Wed, 30 Dec 2020 18:33:20 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

server: nginx/1.16.1
date: Wed, 30 Dec 2020 18:33:21 GMT
content-type: text/html; charset=utf-8
content-length: 171
location: https://de.tynt.com/deb/?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
set-cookie: uid=CmUMKl/sx/GyITnGOfb/Ag==; expires=Thu, 30-Dec-21 18:33:21 GMT; domain=tynt.com; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame BD38 0
0 390ms
45ms Document
text/html 95.101.184.231
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.184.231 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-184-231.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgI3sJXEAoYASABKAEw74-z_wU4AUABSAEQ74-z_wUYAA..; uuid2=839682203086268112
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 31 Dec 2020 18:33:23 GMT
Date: Wed, 30 Dec 2020 18:33:21 GMT
Connection: keep-alive

GET
H/1.1

200
OK

Cookie set csync
sync.adtelligent.com/ Frame 25C3
Redirect Chain

https://creativecdn.com/cm-notify?pi=adtelligent
https://ams.creativecdn.com/cm-notify?pi=adtelligent&tc=1
https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=IXs0ybkpg0Izo0eeC2an&pi=adtelligent&tc=1

0
0

949ms
776ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=IXs0ybkpg0Izo0eeC2an&pi=adtelligent&tc=1
Requested by: Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/prebid4.19.0.js?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Host: sync.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12520120910320702226/r10

Response headers

Server: VertaMedia 1.0
Date: Wed, 30 Dec 2020 18:33:21 GMT
Content-Type: image/gif
Content-Length: 43
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=d1891896c628ffb7; expires=Tue, 02 Mar 2021 18:33:21 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a307355=IXs0ybkpg0Izo0eeC2an; expires=Tue, 02 Mar 2021 18:33:21 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

date: Wed, 30 Dec 2020 18:33:21 GMT Wed, 30 Dec 2020 18:33:21 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=IXs0ybkpg0Izo0eeC2an&pi=adtelligent&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 5FBE
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=a265e13f-c70c-4dbd-82b2-deb615c5d554

43 B
504 B

1197ms
722ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=a265e13f-c70c-4dbd-82b2-deb615c5d554
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:20 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=a265e13f-c70c-4dbd-82b2-deb615c5d554
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 16vas2ek9mlcse1ig1kbm2ukeqv9mj72

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 5FBE
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=38ef30dd4f048a2f27271b46

43 B
492 B

1043ms
674ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=38ef30dd4f048a2f27271b46
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Dec 2020 18:33:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Wed, 30 Dec 2020 18:33:21 GMT
Server: nginx
Location: https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=38ef30dd4f048a2f27271b46
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 5FBE
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d1891896c628ffb7

35 B
232 B

187ms
55ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d1891896c628ffb7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:21 GMT
server: nginx
content-type: image/gif
content-length: 35
p3p: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=d1891896c628ffb7
Date: Wed, 30 Dec 2020 18:33:21 GMT
Server: VertaMedia 1.0
Content-Length: 0

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 5FBE 0
46 B 99ms
94ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Dec 2020 18:33:20 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.123greetings.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 5FBE 109 B
546 B 200ms
95ms XHR
application/json 54.154.164.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.164.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-164-132.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1e66fd8c60e4d0ad7439cb9483dc87b104b2d6cc351e933fc6c8fe84178777b2

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Dec 2020 18:33:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.123greetings.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 29 Jan 2021 18:33:20 GMT

GET
H/1.1 206
Partial Content ent40.ts Show response
h.vdo.ai/videos/categories/ 269 KB
270 KB 118ms
118ms XHR
video/mp2t 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash: b9a3ef04685bb644dd6937c795f72938cea1fdf6f2d9f1593a166250c13337a9

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=1263548-1539343

Response headers

Date: Wed, 30 Dec 2020 18:33:21 GMT
Last-Modified: Tue, 03 Nov 2020 16:58:59 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5fa18c53-6002cc"
Content-Type: video/mp2t
Content-Range: bytes 1263548-1539343/6292172
Connection: keep-alive
Content-Length: 275796

OPTIONS
H/1.1 204
No Content ent40.ts
h.vdo.ai/videos/categories/ Frame 0
0 117ms
117ms Other
text/plain 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Protocol: HTTP/1.1
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Wed, 30 Dec 2020 18:33:21 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DDC8 0
46 B 17ms
16ms Image
image/gif 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201203&jk=3218131024019120&bg=!VFelV3fNAAUbEDgJG1jPBvB-49iG_wIAAAGYUgAAABxoAQcKAGS9tmu68K_LH0gl0rRvJ2lnGe2bGV5ZsZ9NEcZRvoMgn8yEfc_L7JNdV1BnTGyGf0XFGc7GXNXTtN0OYh6cZStpKEZK1WpwiTWnWRb1vNsqQDh8f0HhAS6DIitu2T01PIMpmHyGmQIdLmxOjyd1JouEtnWQ8CIJzVU0H6ZCeuva0vzRNpY02j2cjAR_htc17oURK2_m0I7RE9ylUgUdaTffgQsOjMbAG7eZFHMkCpjTqF1aDkFjpL3V_TtIRYlYLzU37Yc7971uxkYIpD2oo87nduVvB_RqwdyFYSpmvNF6jHLvQ7L5IUH_7luAHRgQ0UOmv_K7yy8HpFegTAP2IUkxe1v43ujTCgkAjRNw9hZMmj2SfnWUBCTXgkeVHtUTsO9XsJTg643kAhLFOOZ-A7TeTMj1Xgy_vuanskXBdxgi0BUjVnBWYuruN2vt4z9tSbb56KsSZ4zJ0b52YDnZacJ1xrFWJc1F4LG5xkDbobbAaqoiiAR_ImrSOlMmPrpbWvgIvLNdTP0Vd-3D0AKWWswT0WADl8Zqpcn4FN1b3F5fp-nAjfuX1ARDOoyMAGanKqJ5OByes0J2w-WyUZ56NfyEWTFnkJD2HHi1P4a29iHCha38gE1bdymTDWHbUh8b1LsO8x7yJ0eUe-3_vqPC1FQSaAdS5C3sTr9GQNjztj3Sg-VTX022SlkvmWjPryH9u3Q528P8E55T3wA-2pqgBNlLFw-sZyI0cj5F5ooWsyjCKR_bYTmON_VmfRVyF_uB20XI5YgtSGJHF8Gxmu-ZbNvZahtNnE1Vc7_UadPcK4KW9cxrQRAiw4PvizvqMWG3oQJMlWqQEQFAPsiD8Y7i4Ly0_B9HLQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 18:33:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content ent40.ts Show response
h.vdo.ai/videos/categories/ 250 KB
250 KB 118ms
118ms XHR
video/mp2t 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash: 51947342f432ee0050863c56f8718f385a5f695b75658212aa81b8e563a08317

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=1539344-1794835

Response headers

Date: Wed, 30 Dec 2020 18:33:21 GMT
Last-Modified: Tue, 03 Nov 2020 16:58:59 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5fa18c53-6002cc"
Content-Type: video/mp2t
Content-Range: bytes 1539344-1794835/6292172
Connection: keep-alive
Content-Length: 255492

OPTIONS
H/1.1 204
No Content ent40.ts
h.vdo.ai/videos/categories/ Frame 0
0 118ms
118ms Other
text/plain 144.217.67.230
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent40.ts
Protocol: HTTP/1.1
Server: 144.217.67.230 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns536587.ip-144-217-67.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Wed, 30 Dec 2020 18:33:21 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=375897132&t=event&_s=10&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12520120910320702226%2Fr10&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Marie%20Poulsen%20from%20Rama%20Weizmann&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=impression_video&el=c7e4a18&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=580540161.1609353195&tid=UA-113932176-29&_gid=585063894.1609353195&gtm=2oubu0&z=2014023440

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Dec 2020 03:48:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53099
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 109293_th.gif
i.123g.us/c/ejan_danceday/th/ 6 KB
7 KB 42ms
40ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_danceday/th/109293_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 58694980bbc66f470a6a28d1bc7291726a7990beeb63a78eaeb04f64a4e7956d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 21:23:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 680982
ETag: "189d-4f323d104cbc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6301
jake_test: Test_Pass
Expires: Thu, 24 Dec 2020 06:54:41 GMT

GET
H/1.1 200
OK 103861_th.gif
i.123g.us/c/ejan_epiphanyday/th/ 7 KB
7 KB 34ms
33ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_epiphanyday/th/103861_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e694f33711aa21f4bc6d7745df8a71df916a7ed735c0245b6c294baa5a8d913d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:05 GMT
Last-Modified: Wed, 05 Aug 2015 11:11:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713478
ETag: "1bcb-51c8e76e1da40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7115
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:58:04 GMT

GET
H/1.1 200
OK 336844_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 43ms
41ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/336844_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 17e4ce4b9cbbb056783083576973602113b5208319d9038be8487f50d4dd7485

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:04 GMT
Last-Modified: Tue, 08 Dec 2020 12:31:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713479
ETag: "1f2c-5b5f31e626ac0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7980
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:10 GMT

GET
H/1.1 200
OK 341750_th.jpg
i.123g.us/c/ejan_orthodoxnew_year/th/ 8 KB
8 KB 37ms
35ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/341750_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fd9c5b4c088958c2991b464c928739f0c956875c8dd947a4169b1f857f5c8ae4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 14:24:08 GMT
Last-Modified: Mon, 28 Dec 2020 13:52:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 187755
ETag: "1f44-5b786956cf600"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8004
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 15:49:58 GMT

GET
H/1.1 200
OK 332228_th.gif
i.123g.us/c/ejan_ny_happy/th/ 6 KB
7 KB 33ms
31ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/332228_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0cf35f07795c660e4c60a9ad862e62af9dfa4f2de3faf5538b081895204098e6

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 07:22:49 GMT
Last-Modified: Mon, 30 Nov 2020 08:12:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 385834
ETag: "19b3-5b54e935d6000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6579
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 10:36:44 GMT

GET
H/1.1 200
OK 345324_th.gif
i.123g.us/c/ejan_orthodoxnew_year/th/ 7 KB
7 KB 35ms
33ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/345324_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ef944c738ecf6aa4234cc1282bcb00325e02f90149f946fb58266aa878487cc

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 09:57:38 GMT
Last-Modified: Mon, 28 Dec 2020 06:48:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 203745
ETag: "1c4b-5b780a88c09c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7243
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 10:12:38 GMT

GET
H/1.1 200
OK 341615_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 35ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/341615_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21b0414773d12d99d3b12aa6e561370493f374d3e82ad2d4647f775fa27b5585

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:23:28 GMT
Last-Modified: Tue, 15 Dec 2020 14:19:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713395
ETag: "1ffb-5b68173b79200"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8187
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:38:28 GMT

GET
H/1.1 200
OK 121385_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 40ms
39ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/121385_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eda11c9193950556c5c996d33524cd9d9dc08f742d43460efe2193083b93f0c4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:32:56 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 712827
ETag: "1f90-4f323b80b5d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8080
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 17:05:16 GMT

GET
H/1.1 200
OK 117004_th.gif
i.123g.us/c/ejan_ny_thanku/th/ 7 KB
7 KB 35ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_thanku/th/117004_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3c316ed222febb84e230551c6cc8f856f5bde70076c91ff0ca24a8c191592352

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:48 GMT
Last-Modified: Mon, 02 Nov 2020 07:29:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713435
ETag: "1c97-5b31ab41eeb00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7319
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:40:37 GMT

GET
H/1.1 200
OK 121394_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 35ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/121394_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7516ab595a6d37e8976328b4043a1bf17a4a9d90feb9c1a7c442dfb8b6af2feb

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:42:31 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 712252
ETag: "1f46-4f323b80b5d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8006
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 08:24:41 GMT

GET
H/1.1 200
OK 120846_th.gif
i.123g.us/c/ejan_danceday/th/ 4 KB
4 KB 32ms
32ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_danceday/th/120846_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2b0399929f166d79f3dd74c1f6e1bb10cc6f8205daa4ebf8dc234d41a136f0f0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 06:39:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 561222
ETag: "100b-4f323d104cbc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4107
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 15:05:16 GMT

GET
H/1.1 200
OK 341706_th.gif
i.123g.us/c/ejan_orthodoxchristmas/th/ 8 KB
8 KB 38ms
37ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxchristmas/th/341706_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c5f99a5c3138bad204bc948a512fec9915ea748a01ccf12d90231a4eeaf654c7

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:25:58 GMT
Last-Modified: Mon, 30 Dec 2019 10:34:06 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713245
ETag: "1fa0-59ae962036380"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8096
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 08:10:35 GMT

GET
H/1.1 200
OK 315819_th.jpg
i.123g.us/c/ejan_bubblebathday/th/ 6 KB
7 KB 36ms
35ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_bubblebathday/th/315819_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1f43a6c0703598c9c717bb370bc7c34e5ec71547923ffbe5731e12b2aed733b4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 18:12:48 GMT
Last-Modified: Mon, 05 Jan 2015 13:23:11 GMT
Server: Apache/2.2.15 (CentOS)
Age: 519635
ETag: "19e5-50be797854dc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6629
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 11:45:43 GMT

GET
H/1.1 200
OK 341705_th.gif
i.123g.us/c/ejan_orthodoxchristmas/th/ 8 KB
8 KB 35ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxchristmas/th/341705_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4d3488633d427920b4765661f6037c8705d8bb3218e3f1e864027ab5b2dab95f

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 04:23:04 GMT
Last-Modified: Sat, 28 Dec 2019 05:35:21 GMT
Server: Apache/2.2.15 (CentOS)
Age: 655819
ETag: "1ff5-59abcf9ead840"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8181
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 04:38:04 GMT

GET
H2 200 cross.svg
a.vdo.ai/core/assets/img/ 712 B
901 B 16ms
15ms Image
image/svg+xml 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/cross.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d456e800a4ff42bd90b8be54da2a5d63d99bd12c4e947145f461bc5c1ca10ca5

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Dec 2020 18:33:25 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1288
cf-ray: 609dd95bcf5296e0-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
cf-request-id: 0756862d5e000096e04730a000000001
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KRqOErDaG4QDrL50gT5qRWNdT4yBpT9u5qFqfy6XFcntEuRlqFqDF3XZzzCf47ZfHnfIzsxCqCanigGL7Ls7PZptn5U5XJ3jOEw%2BBRF%2BHocCF8CWEw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 4074717 196665
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK 341705_th.gif
i.123g.us/c/ejan_orthodoxchristmas/th/ 8 KB
8 KB 36ms
35ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxchristmas/th/341705_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4d3488633d427920b4765661f6037c8705d8bb3218e3f1e864027ab5b2dab95f

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 04:23:04 GMT
Last-Modified: Sat, 28 Dec 2019 05:35:21 GMT
Server: Apache/2.2.15 (CentOS)
Age: 655822
ETag: "1ff5-59abcf9ead840"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8181
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 04:38:04 GMT

GET
H/1.1 200
OK 109293_th.gif
i.123g.us/c/ejan_danceday/th/ 6 KB
7 KB 34ms
33ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_danceday/th/109293_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 58694980bbc66f470a6a28d1bc7291726a7990beeb63a78eaeb04f64a4e7956d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 21:23:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 680985
ETag: "189d-4f323d104cbc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6301
jake_test: Test_Pass
Expires: Thu, 24 Dec 2020 06:54:41 GMT

GET
H/1.1 200
OK 103861_th.gif
i.123g.us/c/ejan_epiphanyday/th/ 7 KB
7 KB 36ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_epiphanyday/th/103861_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e694f33711aa21f4bc6d7745df8a71df916a7ed735c0245b6c294baa5a8d913d

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:05 GMT
Last-Modified: Wed, 05 Aug 2015 11:11:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713481
ETag: "1bcb-51c8e76e1da40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7115
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:58:04 GMT

GET
H/1.1 200
OK 336844_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 36ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/336844_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 17e4ce4b9cbbb056783083576973602113b5208319d9038be8487f50d4dd7485

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:04 GMT
Last-Modified: Tue, 08 Dec 2020 12:31:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713482
ETag: "1f2c-5b5f31e626ac0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7980
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:10 GMT

GET
H/1.1 200
OK 341750_th.jpg
i.123g.us/c/ejan_orthodoxnew_year/th/ 8 KB
8 KB 36ms
34ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/341750_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fd9c5b4c088958c2991b464c928739f0c956875c8dd947a4169b1f857f5c8ae4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 14:24:08 GMT
Last-Modified: Mon, 28 Dec 2020 13:52:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 187758
ETag: "1f44-5b786956cf600"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8004
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 15:49:58 GMT

GET
H/1.1 200
OK 332228_th.gif
i.123g.us/c/ejan_ny_happy/th/ 6 KB
7 KB 38ms
36ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/332228_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0cf35f07795c660e4c60a9ad862e62af9dfa4f2de3faf5538b081895204098e6

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 07:22:49 GMT
Last-Modified: Mon, 30 Nov 2020 08:12:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 385837
ETag: "19b3-5b54e935d6000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6579
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 10:36:44 GMT

GET
H/1.1 200
OK 345324_th.gif
i.123g.us/c/ejan_orthodoxnew_year/th/ 7 KB
7 KB 34ms
33ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/345324_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7ef944c738ecf6aa4234cc1282bcb00325e02f90149f946fb58266aa878487cc

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 09:57:38 GMT
Last-Modified: Mon, 28 Dec 2020 06:48:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 203748
ETag: "1c4b-5b780a88c09c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7243
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 10:12:38 GMT

GET
H/1.1 200
OK 341615_th.gif
i.123g.us/c/ejan_ny_happy/th/ 8 KB
8 KB 35ms
33ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_happy/th/341615_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21b0414773d12d99d3b12aa6e561370493f374d3e82ad2d4647f775fa27b5585

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:23:28 GMT
Last-Modified: Tue, 15 Dec 2020 14:19:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713398
ETag: "1ffb-5b68173b79200"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8187
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:38:28 GMT

GET
H/1.1 200
OK 121385_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 40ms
38ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/121385_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eda11c9193950556c5c996d33524cd9d9dc08f742d43460efe2193083b93f0c4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:32:56 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 712830
ETag: "1f90-4f323b80b5d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8080
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 17:05:16 GMT

GET
H/1.1 200
OK 117004_th.gif
i.123g.us/c/ejan_ny_thanku/th/ 7 KB
7 KB 43ms
42ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_ny_thanku/th/117004_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3c316ed222febb84e230551c6cc8f856f5bde70076c91ff0ca24a8c191592352

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:22:48 GMT
Last-Modified: Mon, 02 Nov 2020 07:29:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713438
ETag: "1c97-5b31ab41eeb00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7319
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:40:37 GMT

GET
H/1.1 200
OK 121394_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 36ms
35ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/121394_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 7516ab595a6d37e8976328b4043a1bf17a4a9d90feb9c1a7c442dfb8b6af2feb

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:42:31 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 712255
ETag: "1f46-4f323b80b5d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8006
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 08:24:41 GMT

GET
H/1.1 200
OK 120846_th.gif
i.123g.us/c/ejan_danceday/th/ 4 KB
4 KB 31ms
31ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_danceday/th/120846_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2b0399929f166d79f3dd74c1f6e1bb10cc6f8205daa4ebf8dc234d41a136f0f0

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 06:39:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:44:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 561225
ETag: "100b-4f323d104cbc0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4107
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 15:05:16 GMT

GET
H/1.1 200
OK 341706_th.gif
i.123g.us/c/ejan_orthodoxchristmas/th/ 8 KB
8 KB 35ms
34ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxchristmas/th/341706_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c5f99a5c3138bad204bc948a512fec9915ea748a01ccf12d90231a4eeaf654c7

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:25:58 GMT
Last-Modified: Mon, 30 Dec 2019 10:34:06 GMT
Server: Apache/2.2.15 (CentOS)
Age: 713248
ETag: "1fa0-59ae962036380"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8096
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 08:10:35 GMT

GET
H/1.1 200
OK 315819_th.jpg
i.123g.us/c/ejan_bubblebathday/th/ 6 KB
7 KB 36ms
36ms Image
image/jpeg 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_bubblebathday/th/315819_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1f43a6c0703598c9c717bb370bc7c34e5ec71547923ffbe5731e12b2aed733b4

Request headers

Referer: https://www.123greetings.com/send/view/12520120910320702226/r10
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 18:12:48 GMT
Last-Modified: Mon, 05 Jan 2015 13:23:11 GMT
Server: Apache/2.2.15 (CentOS)
Age: 519638
ETag: "19e5-50be797854dc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6629
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 11:45:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: v.123g.us
URL: https://v.123g.us/vod/edec_c_newjingle/345238.mp4

Verdicts & Comments Add Verdict or Comment

503 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.izooto.com/	1970-02-03 15:02:33	Name: IZCID Value: c3d486f4-9907-40d7-b795-58dde1b00706
.123greetings.com/	1970-01-19 15:02:33	Name: _gat_gtag_UA_3076315_1 Value: 1
www.123greetings.com/	1970-01-19 15:02:33	Name: config_data Value: CADB=1\|CLG=1\|CBR=1\|CUB=1\|CCC=1\|CFLC=1\|CPFR=1\|CBRR=1\|TCP=1\|TAP=1\|TCAP=1\|TRE=1\|QkDshLgd=0\|FBCon=1
.123greetings.com/	1970-01-19 15:03:59	Name: _gid Value: GA1.2.585063894.1609353195
.123greetings.com/	1970-01-20 08:33:45	Name: _ga Value: GA1.2.580540161.1609353195

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.123greetings.com/send/view/12520120910320702226/r10
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.123greetings.com/send/view/12520120910320702226/r10
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.123greetings.com/send/view/12520120910320702226/r10
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://www.123greetings.com/send/view/12520120910320702226/r10
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://www.123greetings.com/send/view/12520120910320702226/r10(Line 114) Message: CMP IS NOT FOUND!!!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

272015d200ed39fc26ed2a74054dc622.safeframe.googlesyndication.com
a.vdo.ai
acdn.adnxs.com
ad-cdn.technoratimedia.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
ams.creativecdn.com
analytics.vdo.ai
ap.lijit.com
api.rlcdn.com
assets.pinterest.com
c.123g.us
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.izooto.com
cdn.pixfuture.com
cm.mgid.com
connect.facebook.net
creativecdn.com
csi.gstatic.com
de.tynt.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
ghb.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
h.vdo.ai
i.123g.us
ib.adnxs.com
ic.tynt.com
ice.360yield.com
imasdk.googleapis.com
match.adsrvr.org
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixfuture.technoratimedia.com
pixfuture2-d.openx.net
prebidserver.pixfuture.com
r3---sn-4g5e6nsr.googlevideo.com
rtb.openx.net
s.adtelligent.com
s0.2mdn.net
secure-web.cisco.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
sync.adtelligent.com
t.trafmag.com
targeting.vdo.ai
tpc.googlesyndication.com
track.vdo.ai
trkn.us
v.123g.us
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.123g.us
v.123g.us
104.19.133.78
108.128.209.152
144.217.67.230
152.199.22.191
157.245.94.128
172.217.21.226
178.250.0.157
184.72.245.68
185.184.8.30
193.122.128.135
193.200.65.5
208.100.17.186
216.52.2.39
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:20::ac43:4671
2606:4700:3034::6812:2a06
2606:4700:3036::6812:2b06
2606:4700::6812:d841
2620:101:2002:11f0::1001
2a00:1450:4001:63::8
2a00:1450:4001:802::200a
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:814::2004
2a00:1450:4001:817::200a
2a00:1450:4001:81b::2006
2a00:1450:4001:81d::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:81f::2001
2a00:1450:4001:820::2001
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a00:1450:400e:80d::2003
2a02:2638::1c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::84
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5142::2
34.120.207.148
35.157.246.167
35.186.253.211
35.244.159.8
37.252.173.22
51.79.79.82
51.89.9.253
52.28.69.126
52.54.0.202
54.154.164.132
54.39.16.115
62.149.0.72
67.202.110.34
67.27.157.252
67.27.235.124
68.183.31.14
95.101.184.231
95.101.184.244
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
07a3eb8be1687dc1ee377d85bffd51891d0fd539258b63ab4031b012bd77f5fc
0a5558775d58f1e1bf62e65cfa27f6c34e88eb34254a3704cd202f69863864f0
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0cf35f07795c660e4c60a9ad862e62af9dfa4f2de3faf5538b081895204098e6
0d3d3d99ec2d1da823e792b3024b24ae723c89a29d46d9cffe4b1d4ba935c0da
10f53fa2d186cab69df54f72edf6e785eafe9666dc409ae4dfe1fea405e20044
123befcec3590e5fac545c132399414c8baffc3e28840d6df912070e2a0fdeff
129cffbf3312b2c53382db680a39acc9ec3ed60ac8a3dab442d61b03a7e2e3ff
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
14fbe9fe0bea550049ab61f6d49c2876d18b9e1e263a593fd33ba80cd625af6e
17e4ce4b9cbbb056783083576973602113b5208319d9038be8487f50d4dd7485
18fb0dd8f7703b2e5693b5ea9b4fd31c842e364f93255283cd1f941f78d41e41
1b339807708fa0d686bd38cac3c8b360aa4492012eec0ac1e08bd6d6bf12ea4a
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1e66fd8c60e4d0ad7439cb9483dc87b104b2d6cc351e933fc6c8fe84178777b2
1f43a6c0703598c9c717bb370bc7c34e5ec71547923ffbe5731e12b2aed733b4
2182649a98ad5421bc74f1f2b03ae0966959c03591009d28f8c58ebf8ec3b591
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
21b0414773d12d99d3b12aa6e561370493f374d3e82ad2d4647f775fa27b5585
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
25057a5db69d36033c70101fee355e40007797815b243c08f7d5c15b60632147
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693
271f9493a3f0b7c107af7edb33ee8972351a1ecc590191ca77fb2300ebc54b1b
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07
27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559
2ac98091f04d8e654cfa6e1bae62ef59a9de93168f8d0e0b266ef6a9e79e10a4
2b0399929f166d79f3dd74c1f6e1bb10cc6f8205daa4ebf8dc234d41a136f0f0
2de8c1c1f58500fdb5c75375da8cee1d4179a8f877a061c520255b7cd99285c3
30356f4ee7951ecbcb3b3581c7382375d9a6b3f7758387b159161f314b0dcf89
31af7fe938fe7b647330365e525725fab6b5b12f239eb518c1de4cf526917e6f
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36448ad7c8a0ebaede61a354ff0eb0c7a7cb0ecd0705a8100ff1762abbab8287
3933da3b6b6d80b072fcb813763cd58e5d3827a1bd7df5c9c997cbdf46944d03
3c316ed222febb84e230551c6cc8f856f5bde70076c91ff0ca24a8c191592352
3c31de420ea4980a8c892497e2c0526542a81e975928a036c7b0db8e99c4a65d
457a41ab60ded1bf0e16aafcab0467793e2412ca2736aa650f72824acc0f839e
46db7a0a77511a777f77205b377cde8df6937dbde8a6e63441d7829d8f6ccfee
474ec785bc51c33eaacec0b14c6af0ad56a3984f2f41ca06ca25df3d3931db2b
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
47e42db1a13cad7038692045d3e7d3eb6d749761670e20ecae0b3a39ea46ce20
4b887bab8466ef253f320643b2a953c1b5b1be823834659b28c0c8b0c4d04f9a
4ca3bc81ff1b14149f62de14b1ce66ed63061b4e6879c9ca7b28b2dfd665e5f9
4d3488633d427920b4765661f6037c8705d8bb3218e3f1e864027ab5b2dab95f
50ad451055222e0c91f859f31d85c5706a720ca492bcf3bbf427b10fb9ed5975
51947342f432ee0050863c56f8718f385a5f695b75658212aa81b8e563a08317
58694980bbc66f470a6a28d1bc7291726a7990beeb63a78eaeb04f64a4e7956d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5d26e98e9600c9cea41a4f28dee915eedd266f450849d151a7f653d1738917de
5e7ed022e6412f6c1416fe649aeb461650491238f7f7ee77bdc0a35435fa891a
5f02981bfcab6807a15ddfea1babc7cee05cd0f1f59abe712928de44fb6c1f0d
62920b1fb80cd4c66afd8dc2c721f4f8aa3432ba23018bae94bd7a35835bf680
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
644b3b16669314a89594e0ce2dcb1256a31de3ce8c199f0abb4ed7bdbe574621
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
66f2fcd1b9f213946a387c254f5ef2bc3b3ddef474a236ba1c22059faae48aa3
678c16283762d2d1a12c9b055cf3e4333ca3c4c6638a95741f1130084882756f
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b
6a99e7d178fd19b946a936a0f64d31a1af2e843b889ab515ada00d38622c5d67
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c47cf62b59b7a70cf1301ee79ab25193c347c114326dbab4c5170fc3dac5793
6d79e99d5df4bd7fa2ab47b5f28acd5fe734289bbf7758932c68f859b99a52c7
737c97e23226153564a68174b9478df9fecac9ef6723d89dfc0463c306e567fb
740f4a834d55a4b2b1092b1244251a939c2eff78e4d4ea1d2efa70041dc30493
7516ab595a6d37e8976328b4043a1bf17a4a9d90feb9c1a7c442dfb8b6af2feb
7612d016dc83a6946de83a852657b781471ee8c2ee48d931d14a0848d9c30ab7
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7841e30d2ebdc4b7b4ce0cca7dfe674224a7dd17eb1f4664c97aa4178ff20bf4
7ad34ccf3280365b76b2225afc498f2c14a75774690f3d258c2f792c930e1ab1
7b420ad439dadbbbc88cef506a6e2ea73c331178f08f984c6b230cec7ac66a04
7e906065f70331d022b2c68a332a34a59da0bdb72321417725a6a39a0376db69
7ef944c738ecf6aa4234cc1282bcb00325e02f90149f946fb58266aa878487cc
7f13a9f22f899dbe5241c85576852ad1a954a44b9a7743694380f33815adc4fb
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
853b899d696b5e0f490a54b0348117f9fd92261708804e0f36377883f83fda85
85fb72b93ac26f52a2f0b73e9e1aedf11670485a40bb9cc72e4a3f2ff4bdf4e5
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905
9579d339e6d8722afe4bf01403ed0437ddbc750601cc76bd28603742d21db7b0
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9b33ae84f06f7e6c15c082fedcac87dfebcfc63242c40bc5fd2de85ffa9c6891
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1d54f9649e67de3f4c9dad04c0f7b47e4f7d67f94aa9f95c105c9aa8fc7c68e
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969
a427c383b1971b24fbcef3ddcab28238369fb896e6eae9ec77c9c4a7bc46e2c1
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ad060fa77a4c1b23d16b5037baa27c08b02d8b88a56bf9484088cd1f53d6170f
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848
af0418dcac2952a04ccb2cfe47f5af7dae74dc53bb1207db945af78eb3d0efb9
b06666a84e0d8fb440cd6dcfb4e9431e14f15ad1c20bc172fcafc23d9b081e76
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b274a5e53502a5270f2ec056552d8ab5aab35ed6a4c81432cea70b9b3a7dff5d
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b5317538d5fcd2a3cbbd9a19745a7d89aa2130e3ec4bc9d955ceac7a47bf69a3
b5fa7f6c88bab6220bc21da88cbc9be45d7efb062e7208d5a1b85b7e2d50e626
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01
b9a3ef04685bb644dd6937c795f72938cea1fdf6f2d9f1593a166250c13337a9
be052cbfcd57819c8d06ab9bdb2d0b40f4e45f64d8c1bfffc663f149c2551c70
c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581
c1c9310eb6a56101c2133db372cfbe9cefb5ff6b90a02ded916984c975b813b2
c2668ef399dd267e5ac705229383957fecfa06dfcf54ed989b47e098a86f5729
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c5f99a5c3138bad204bc948a512fec9915ea748a01ccf12d90231a4eeaf654c7
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb
ca8f45e72d0ae1bfee1a751b8c878b10952a7884e3f384730be1c6124fd29038
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cc1026007f89a02aacd1fe58a66d36d652cdfef39dc959e679630d94bf66580e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d456e800a4ff42bd90b8be54da2a5d63d99bd12c4e947145f461bc5c1ca10ca5
d66e89622da2cdeb29b4e6996b10c2b036dce6033a073e71badfc341991384e5
da4f73e34cac70249f07115aa124de07e76f563336cb7ab19160be9c609c0b88
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dca586053fcb60bd911a229a1d06ceb070f0204416146054312c084f78db347e
dcd3f82100ec7d3c7948d39dee6f86ca9196cdc29251ca7ebdcae11bd1aee4ee
dd708bf94bac4c399e9bc5b75b1dc8890c1164c0bd10a071be8a82497b64191b
df9e42827474b5b933a3b458899d8d6d88e7c0a518f7598952e3e82709f8fdd2
e10a2edd7df57eaa653e7083c309dd6077398ed2fbf686dccedc9957f1296bc8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42ded22e1888b43db2267140c74bc8490431dc6e3422ab9a4897d67066f6e30
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e694f33711aa21f4bc6d7745df8a71df916a7ed735c0245b6c294baa5a8d913d
e70696531ebef4e25c157f95ad6730a529ac4df922aa285b3d6e9236007e8820
e7689090e677b378b1483520c11c02bbe53f326bf0aa1c18b3d516873abad1f4
e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce
ea18606e9f0b5edc595468756405e4026c4ff7111ff3ab504f3ee2176a456c2c
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
eda11c9193950556c5c996d33524cd9d9dc08f742d43460efe2193083b93f0c4
edac864025d2ddf623d08b2478bbda55ebd33ae2a7dc7b248c3a6c1426013094
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d1f1bbecf45f0366e0b1defadb0a0514415038079991cae365fc2f847415ef
f14d17c9c8cfd3254ebbb6605fd8092439de906772dcb5df55d66d591d44e672
f15e01342d6b0f44b84f4886a6c363241b298e85fb7b3c6323bd183cc40511ce
f48865d73c8d0872ffed2458a1014a817e713ed294f0568c73f98c00779fe8f3
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f64a08d002fbce85414d01a38f95a1febea81f916cfd6fd9cbb75c9dc11035fa
f65f857f51ac77f3053e7aa9d0b8c1d67199d982eb9c1f82e8895f6efec7a7a9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
facac9f820b7fe3e2482c9b2f532d71af367ec42f8e81f1825ec1080a7359f63
fd9c5b4c088958c2991b464c928739f0c956875c8dd947a4169b1f857f5c8ae4
fdc36d0b413db098a12a47bc3a167b7097f400ea9c69a366492ef50945c2bc70
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
fedb307abb8149c457e5f1df0e2ae11452c2179f57d56a30c5558e0e98fb2d40

www.123greetings.com Open in urlscan Pro 184.72.245.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

347 Requests

99 %HTTPS

47 %IPv6

41 Domains

65 Subdomains

53 IPs

10 Countries

9637 kBTransfer

15367 kBSize

5 Cookies

11 Outgoing links

Page URL History

Redirected requests

347 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Screenshot
Live screenshot

Full Image

347
Requests

99 %
HTTPS

47 %
IPv6

41
Domains

65
Subdomains

53
IPs

10
Countries

9637 kB
Transfer

15367 kB
Size

5
Cookies

347 HTTP transactions
9 data transactions