www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.123greetings.com/send/view/12321520122813534416
Submission Tags: falconsandbox
Submission: On January 12 via api (January 12th 2021, 9:35:41 am UTC) from US

Summary HTTP 311 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 20 domains to perform 311 HTTP transactions. The main IP is 184.72.245.68, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.

This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	184.72.245.68 184.72.245.68	14618 (AMAZON-AES) (AMAZON-AES)
35	67.27.235.124 67.27.235.124	3356 (LEVEL3) (LEVEL3)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1 3	54.147.95.22 54.147.95.22	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
8	8.253.204.117 8.253.204.117	3356 (LEVEL3) (LEVEL3)
75	67.27.233.252 67.27.233.252	3356 (LEVEL3) (LEVEL3)
1	2a04:4e42:9::84 2a04:4e42:9::84	54113 (FASTLY) (FASTLY)
2	8.253.204.116 8.253.204.116	3356 (LEVEL3) (LEVEL3)
7	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
18	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:81f::2001	15169 (GOOGLE) (GOOGLE)
65	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3033::ac43:de92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6812:2a06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	144.217.66.206 144.217.66.206	16276 (OVH) (OVH)
4	51.77.119.11 51.77.119.11	16276 (OVH) (OVH)
22	176.9.154.76 176.9.154.76	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
311	34

3 184.72.245.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: www.123greetings.com

www.123greetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 67.27.235.124 (United States)

ASN3356 (LEVEL3, US)

c.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.147.95.22 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-95-22.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.253.204.117 (United States)

ASN3356 (LEVEL3, US)

x.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 67.27.233.252 (United States)

ASN3356 (LEVEL3, US)

i.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:9::84 (Ascension Island)

ASN54113 (FASTLY, US)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.253.204.116 (United States)

ASN3356 (LEVEL3, US)

v.123g.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

53223087bf608c21906b300c0003dc44.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

65 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3033::ac43:de92 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6812:2a06 (United States)

ASN13335 (CLOUDFLARENET, US)

targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.217.66.206 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns535844.ip-144-217-66.net

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.77.119.11 (Warminster, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns31094366.ip-51-77-119.eu

track.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 176.9.154.76 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.76.154.9.176.clients.your-server.de

h.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

vdoai-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.11 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.144.214 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
120	123g.us c.123g.us x.123g.us i.123g.us v.123g.us	2 MB
52	googlesyndication.com 53223087bf608c21906b300c0003dc44.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	981 KB
36	vdo.ai a.vdo.ai targeting.vdo.ai analytics.vdo.ai track.vdo.ai h.vdo.ai	3 MB
26	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	109 KB
17	googletagservices.com www.googletagservices.com	495 KB
11	google-analytics.com www.google-analytics.com	56 KB
8	google.com adservice.google.com	2 KB
8	google.de adservice.google.de	1 KB
7	googleadservices.com partner.googleadservices.com	1 KB
4	googletagmanager.com www.googletagmanager.com	153 KB
3	trkn.us 1 redirects trkn.us	2 KB
3	123greetings.com www.123greetings.com	50 KB
2	adnxs.com ib.adnxs.com acdn.adnxs.com	1 KB
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	119 B
2	openx.net vdoai-d.openx.net u.openx.net	480 B
2	googleapis.com imasdk.googleapis.com	109 KB
2	facebook.com www.facebook.com
2	facebook.net connect.facebook.net	62 KB
1	2mdn.net s0.2mdn.net	11 KB
1	pinterest.com assets.pinterest.com	1 KB
311	20

	Domain	Requested by
75	i.123g.us	www.123greetings.com c.123g.us
35	c.123g.us	www.123greetings.com c.123g.us
34	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com www.googletagservices.com
22	h.vdo.ai	a.vdo.ai
18	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.123greetings.com
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
17	www.googletagservices.com	c.123g.us securepubads.g.doubleclick.net pagead2.googlesyndication.com
11	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
8	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	x.123g.us	c.123g.us
7	partner.googleadservices.com	pagead2.googlesyndication.com
5	a.vdo.ai	www.123greetings.com a.vdo.ai
4	track.vdo.ai
4	analytics.vdo.ai	a.vdo.ai
4	www.googletagmanager.com	www.123greetings.com a.vdo.ai www.googletagmanager.com
3	trkn.us	1 redirects www.123greetings.com
3	www.123greetings.com	c.123g.us
2	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
2	v.123g.us
2	www.facebook.com	connect.facebook.net
2	connect.facebook.net	www.123greetings.com connect.facebook.net
1	acdn.adnxs.com	a.vdo.ai
1	ads.pubmatic.com	a.vdo.ai
1	u.openx.net	a.vdo.ai
1	ib.adnxs.com	a.vdo.ai
1	hbopenbid.pubmatic.com	a.vdo.ai
1	vdoai-d.openx.net	a.vdo.ai
1	s0.2mdn.net	imasdk.googleapis.com
1	targeting.vdo.ai	a.vdo.ai
1	53223087bf608c21906b300c0003dc44.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	assets.pinterest.com
311	33

This site contains links to these domains. Also see Links.

Domain
studio.123greetings.com
nl.123greetings.com
www.addthis.com
info.123greetings.com
blog.123greetings.com
widgets.123greetings.com
help.123greetings.com
vdo.ai

Subject Issuer	Validity	Valid
*.123greetings.com Go Daddy Secure Certificate Authority - G2	`2020-04-29` - `2022-04-29`	2 years	crt.sh
*.123g.us Go Daddy Secure Certificate Authority - G2	`2019-06-21` - `2021-09-16`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2020-03-20` - `2021-03-20`	a year	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-18` - `2021-08-18`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2019-10-15` - `2021-10-15`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.123greetings.com/send/view/12321520122813534416
Frame ID: 27CC03AB7D6B0B43E795A0DDECA55640
Requests: 178 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e9e15b561682%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff6bbb4d6028a%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fthank_you%2Feveryday%2Fthank_you_note_with_flowers.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Frame ID: A02F33E53D8FAACF46EDCC7D3966E39D
Requests: 1 HTTP requests in this frame

Frame: https://www.123greetings.com/send/fcp_track/3f315f766667612b756376366a436457116e6068/12321520122813534416/summary
Frame ID: 7899A822A397E31B625456F306548800
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXeq9KkTJ4jv7yPseLBdRpCTVHoWMyPaOqtAOwBsOdo_hIh_Ba_08kGu6gKeTRiBUgd--Ooo0GXHHaXlC9wef8TfAFzDz-wMNpvU531f381Tr5ck3pKSGt3D07EG9hjH0YPhC1CGSZdvyBZ8P-57OCugml5gSGdbOdLEw_rGwJjLn6AYlbnpsOm5K-cEXEPMpiDdKOFxti4_IIgx0SDEkAleiv-Uoyt_iEAo8ET-grALTd6fQ4YfLgJRAG1KAFRhYLTJBdG8jd1LFOPu4-Whgqflb5HPEAulljqyx4vEBl_Go2eIxRC049fulRfLOKrmkNYw&sai=AMfl-YQslqqChFLdoPiymd8HNfgZQc1SwwubLAOJaX5xuKniGicQ11jdaAJb4ggdSp-ntXRA756-oieUA8WFnc8hMVrEXDT3BpdXi0_aAVB1jACo1jUhwKOS_20cAu96p-Q&sig=Cg0ArKJSzD9Sog47GQs9EAE&urlfix=1&adurl=
Frame ID: 7D48328F7F80949E38DD7C55463862AC
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR0-DB09w9LinVPRiHqgKQQvkdMeVCbl18CSmGhg4fl7ghnGCETTCj-SH9CCrVzlcYdFjsAILSgN2K0f66a-DmmxYciZTNSGSjnux4ScqmJM06T5qEvCUEOCFdov7XJMaQZVRE3h4Nx8L7El1ePjKaoDWioytaNuqu8Igm2tOStTSh8p2xAdQOoTQC9D19EDta9v905UuEb-EnbWj4Z43nm4rywvlWHLlMDYurFddJ3j2IRq3Ybg28x5nUn62pn5hoVHBWNQYn_ueRum3npkCG2uJGiBDHswV5kIvlrHHWHacmIn50ufzMCrKKyzPIzVXo6LTT&sai=AMfl-YSTGZjK17CJodfkNXqN610tiDZS3XXXn509cmUJvv7jGqlMpAzJtJbIruxStSculVWmdgAp_YB2lMV-W6YU-_7hnumnENEaRN0pd7JNJKKPmbwE2nxoxGh5-zMHes8&sig=Cg0ArKJSzDtM7sYEx9HtEAE&urlfix=1&adurl=
Frame ID: B5E8B58AF9B951F0630D57B664AAECCB
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTT5MXy4DppJxT9jYrYAhreGYJHqqqQYpDw-egIqamPlpMMUU3q9eX3FO3xF5gwBRVDwbSohLgqGIn7jb-IgUGnCP1wMByMsFa7MiJ8LFRpMXCQNPwKoNb3rYe3s3FfwWaNTuRDHb-Gc3FG2cN7XhEKYK-56p9axTaIDhBZxdeQKO0cPaIys18FYSOrIQLPVMbUX7URQ1HPPZZLZyl_kn81Yzw9PUzupmoskS2Ax1TeoSC9Epqwk8R-MaPjmI3GhiqpngYEWRJTayEnS7zF8Qk-Hy4IU69Cgpah-kH07RPlBX6yr_8As4Aqa-oBkRhQEauh_o3RQ8&sai=AMfl-YSRQik1Qp-VPmyj0w-hxabg28pUsN0pixe-6xYwSegfkmXnbwEzob_1BpbdDuDW-zKAxl8X-wPQxscVcty4X7NIbl_eKLRBG2-gILAXBiqeyFj8dMkr9EUi3pkr4Pg&sig=Cg0ArKJSzEA1miPkk1H5EAE&urlfix=1&adurl=
Frame ID: 08B44726BC8ADB2F2CCD189B0FD749B5
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxKe8LslSBQ8Bm5xo1J67FHOIuHXVf-rbBdJxDrMKnor7ahZl5O3rWGD3oLr-g9OqbkL0UZ5B-vhVDRw1ppWOhpl2UHE64p_JxuwtEjLwo7flQO4p436yQ1f40VPj5g8aXgiAAuoN_solQ4HpTGbdLgXSD5DTqZWE5C0qDwfKufgtAF-T-E7gKbJuDD6_efTRJN74N7fDgUaDFQyRJ3bfONxJmZpgUSBeZLPyrBoNF2rnO43FTJX0H4fUvg7_JaMkiGRgSqQVe1vNpxrdUDqrXhBx2X_6FRV7KPaDIBkPWzon6hRCEhT4rXFOZgf7vIkNv7F42YsXfdQ&sai=AMfl-YQ_isHz65EVHYBV1BdtGOcXQGb4i5CDquePgCD7KN4-J2EvPiByALyLu457K419U84muMlhhQG7gs7TmFpy3YUZhWUpbFE20DLzFcSMlRAaXGLni2sQmwjHkLi3aCo&sig=Cg0ArKJSzJc0TrJPetbHEAE&urlfix=1&adurl=
Frame ID: F89B97E710C0AE46920D2A0A14881BC0
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueJDH2FUUrCMlgwxl1uaAyBWeWOjq0AJk71QSje5Ccj8oXrgKTgGPRLlQ6WIormUIiZdib-rNkHuDavw4RfN-bzMC_RFUWL3Hmh0d-rOyEm4oIii6sgvCHLpYMMsroHybfPov2cw169O72-dErANuJ58lpeqzjEpExC_hNEeoKLF3m3wfYgUf_12kwBW_vMsxx2L9Kz9Znfcstq4oa55FWIk4_6o2QXapAakjjZQ3KTpQhq5_aKe9dkSCbkteWliFOmXzrdqIJc4sFdW01zFV-3Pu41aLSeqNYMLepGTiSWK0vQWT6RqvR8ZllD7wQa6fxACnshtCdfwJi&sai=AMfl-YTIbeWP1oeBEHZyRGBWo5rRarm3VqPQmyx-H10obT13Wv8R-pWPWaEIVnNjrPxYMl93Jeh0wVHFifzsjWCBoSBgilfbMzq8IHTf7qpCIwatKZiyRS9csbOJ_3PJWPY&sig=Cg0ArKJSzP2Qp2lviWAHEAE&urlfix=1&adurl=
Frame ID: D9C1DDB64FBF06870220C222C65D4A92
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_rxTMtw28wIsfb8h3e3rZ70zJcZwctQ7UUxdHtgJ5_loy1d2Ljsi9mljNYy1TKjnUtzbd8Lxa3QQa7UsO97HkfJYs8H4hGqoCzJ7xDtG9hR8o_pMxI4wJWTFwTPGTavdPPey-oi8WfSM1T2t2vqnwKOlqtCe0PnRVHbLVGfFHrq4-DtE7oFsa0dY7B_PYQjri4OKGZS08aDszecMhRyKqyhiV64Rm9hfsKIJwULwx2kLeD-LUoeinvbLX1ii_AIBOmC6fQBA3Tso2BPFAUdfz27hKZiMHoj39JwiIr2iMoqRqOyX2GBMy_jKvBuSgV8xa3Fksc60yUN0z&sai=AMfl-YTwIfFhi8jH9rA5-1uC4XgghNokwr8z977zozG_Tll-ip17QMCFY5vr94uqfprp7cqHUenGR0Dhx9KWn76sQHEVJZ9Aj3OCvS9r6CunOV6Ds94EFbH_JHdz2SUq36c&sig=Cg0ArKJSzNSYlZDsLEMSEAE&urlfix=1&adurl=
Frame ID: F6FB62073988270484A0BF17ED617404
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRi97pENn632KSH9ABMcXQs_zSgaCL5Et8raJOeerTsAOG5dGYxFpm12WZKLhGZLM0o527WcxEfm_vL8MM8Jr-QaHX0eHtCwP1vgh5zBzZ7jNzt6x0esMjJKPax-RDSrUeN-IwcnKOBJUCLEw4b1QN5vl0rn7Mpw5NLmXsa8QhSkmbfWsXkUIlw71WY7VoTZyF04TepSCFggJAdfU-vK9MH6xXeGHsnBbNd6lEwaNAEtKnSrTLm3Lg2j3m2YSfR5vS10sUrT7mihPzniI0u20sEWD0rBD9RguJojH9Fgug7rbnqoZ2x1PMoJwPpt4aGZTUYF_RpNCA1glX&sai=AMfl-YQjd3J3mAcYTWPBWYZkB1gogShbDZOqpnpIMOjFnG2DlKnR5H68u88cpEGv4lhrVdwLEDvyZ3NLKQfcrTuV0NDKh-GItyTrmhoGQjdkrd9yukR12LEinad56kKhnyI&sig=Cg0ArKJSzMbzpKgtPM8vEAE&urlfix=1&adurl=
Frame ID: 663B745C716C7F3E457DE44BD3208E34
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoaf6MWYlHb4jaPgtIOchnenFMk4K8WiDRwcvpH-d03gfE4faovPaf2WtpEmLjbfR2B9kplN7-6-D5j-E3LWi5u27M2V4JW6aWX1kGhPsKHEV7jfQQlyyXP6VUVdIq_1WnpyXUaM7c2DQfS2ovUg9tyrzsByKZepMqhcdaynS2nI42ANdBdcFnuQIuDxNjCkXxHHlg8pkzyNTuZGLZbV3Ku3BmthPtafV2JGd4_LrOeH-G_loqWey4w4l3AxFrF9RLEx0nt1jvViJ5t6T9B8uEbwMC44xj5pIMsLw_2vHLmF9gAGpnBdkgEnX2bXo-rP9kTYd_DnI&sai=AMfl-YTvYEUtsJYLC6vQat2Q3PH9sBW04Zt20XOuUBaN730ueceG4i9ooPSSpm0C_q3p8TONQ8h4eAZuz_oYj7MLV6TgFnoNfw78Z0ZzVNQsf7BDmryJdjPrKzht2Ahjtfk&sig=Cg0ArKJSzCETTYFs9YUYEAE&urlfix=1&adurl=
Frame ID: 36E39B7D0D3CFE879B60EB05CDA1E043
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: ECB185CD4649F1BBC3DC1DB42FD2CF2F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=true
Frame ID: EC110C955EB3705EE14088F8250CFD12
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031639&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124194&bpp=32&bdt=104&idt=468&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=2&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=1849767754&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=1813193446&scr_x=0&scr_y=0&eid=21067214%2C21068769&oid=3&pvsid=1829471742742856&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mfz8fxmdlaal&fsb=1&dtd=490
Frame ID: C8D4E0F9F1DC1D4F551C8BE40573B731
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124229&bpp=41&bdt=132&idt=466&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=938398853&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3394649870&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067981%2C21068769&oid=3&pvsid=2910405896898529&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.xxyyp5kldlvp&fsb=1&dtd=1202
Frame ID: E10A27C2F871282B1A971FC6DE8D3294
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124272&bpp=6&bdt=171&idt=1165&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=1096191513&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2210&biw=1600&bih=1200&isw=728&ish=90&ifk=518391363&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&pvsid=2420385843338917&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.vuevmkggsfz&btvi=1&fsb=1&dtd=1171
Frame ID: 2F317A7CFF46A12364DDD6D9D6A26381
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124279&bpp=8&bdt=173&idt=1172&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=1914409277&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=345649411&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=510338562889288&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.lpjg4vxvc5fi&fsb=1&dtd=1177
Frame ID: 05F93C735EB027A82851314F7332D333
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 1521C611171B0B1FD34FA7C05463C7AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=3173046726&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124543&bpp=5&bdt=433&idt=944&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=2&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=879569623&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1392&biw=1600&bih=1200&isw=300&ish=250&ifk=4115409591&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21069710&oid=3&pvsid=3898568608764704&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ed0fod4ag1fl&btvi=1&fsb=1&dtd=950
Frame ID: CBD967BDCD833BD1EDB1A4B18D609E24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124572&bpp=5&bdt=456&idt=926&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444126&ga_hid=254356518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1392&biw=1600&bih=1200&isw=300&ish=250&ifk=2546763746&scr_x=0&scr_y=0&eid=21067982%2C21068769%2C21069756&oid=3&pvsid=3470859620706917&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3fwq76eb5q5o&btvi=1&fsb=1&dtd=932
Frame ID: ED7D0FD6791122C254B174358FE6EFF2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=3173046724&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124597&bpp=4&bdt=476&idt=913&shv=r20210107&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444126&ga_hid=1595283739&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1392&biw=1600&bih=1200&isw=300&ish=250&ifk=3848925924&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21069757&oid=3&pvsid=3636952010822754&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.vzxwlowac21&btvi=1&fsb=1&dtd=967
Frame ID: 87865AD83478A09E514457B588DC6ED1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 55F7A96D4845782B62A1377FA2745AB3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.433.1_en.html
Frame ID: F25F9563D26CC57CABC9358DE34D8961
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: ABA29194BA554A8232B756383EC8E3B3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 20644BB293C6678981FE041F72B8E59D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 6E98126DAB09F8B5C76905F26C236655
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 1D1967041B8719244452E78311193897
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 1E76D2178A5D28B4D0D887D900680840
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 3C811BEDD3CE05A52C23CECB32A5DDCC
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 585A2BEBF6C556885B887C832694E02A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3BF0242CF1BA51B6BBE3199478EA548A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E2B1F5731A018D5735D5C2737395C9FE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CentOS (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /CentOS/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

311
Requests

99 %
HTTPS

52 %
IPv6

20
Domains

33
Subdomains

34
IPs

7
Countries

6756 kB
Transfer

13292 kB
Size

4
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://studio.123greetings.com/
Title: Studio

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/blog/
Title: Editor Bob's Blog

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php

Search URL Search Domain Scan URL

URL: https://info.123greetings.com/company/pressroom/
Title: Press Room

Search URL Search Domain Scan URL

URL: https://blog.123greetings.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://widgets.123greetings.com/
Title: Widgets

Search URL Search Domain Scan URL

URL: https://nl.123greetings.com/tell-a-friend
Title: Recommend Us

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://help.123greetings.com/contact_us.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://vdo.ai/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=4128347943.695969&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&dvis=visible HTTP 302
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=4128347943.695969&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&dvis=visible&ip=185.212.171.67&cuidchk=1

311 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set 12321520122813534416 Show response
www.123greetings.com/send/view/ 44 KB
44 KB 2497ms
2171ms Document
text/html 184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/send/view/12321520122813534416

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

e2d546e626c21759ac1c8fe6b39532f823ee49d7b7e15a116a14bca106e4b718

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.123greetings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Jan 2021 09:35:18 GMT
Server: Apache/2.2.15 (CentOS)
X-Frame-Options: SAMEORIGIN
transfer-encoding: chunked
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

GET
H/1.1 200
OK fcp_R1.css
c.123g.us/css/ 14 KB
4 KB 156ms
28ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/fcp_R1.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 30356f4ee7951ecbcb3b3581c7382375d9a6b3f7758387b159161f314b0dcf89

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 08:31:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Apr 2020 06:04:07 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1040620
ETag: "362a-5a23473b823c0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3493
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 08:46:44 GMT

GET
H/1.1 200
OK jquery.js Show response
c.123g.us/js2/ 92 KB
33 KB 157ms
26ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 19:24:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2297438
ETag: "16f3a-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33449
jake_test: Test_Pass
Expires: Thu, 17 Dec 2020 13:39:33 GMT

GET
H/1.1 200
OK swfobject.js Show response
c.123g.us/js2/ 10 KB
4 KB 160ms
28ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/swfobject.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 05:06:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2262518
ETag: "261f-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3868
jake_test: Test_Pass
Expires: Thu, 17 Dec 2020 14:11:06 GMT

GET
H/1.1 200
OK 123g_utils_v1.js Show response
c.123g.us/js2/ 123 KB
30 KB 159ms
26ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_utils_v1.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 123befcec3590e5fac545c132399414c8baffc3e28840d6df912070e2a0fdeff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 02 Jan 2021 10:18:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 10:40:59 GMT
Server: Apache/2.2.15 (CentOS)
Age: 861400
ETag: "2c311-1ed5c-5b3459d6f84c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30530
jake_test: Test_Pass

GET
H/1.1 200
OK utilsopt.js Show response
c.123g.us/js2/ 22 KB
7 KB 161ms
28ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/utilsopt.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 05:06:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 10:40:59 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2262517
ETag: "2c7c8-57b2-5b3459d6f84c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6801
jake_test: Test_Pass

GET
H/1.1 200
OK 123g_static.js Show response
c.123g.us/js2/ 135 KB
25 KB 162ms
28ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/123g_static.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 62920b1fb80cd4c66afd8dc2c721f4f8aa3432ba23018bae94bd7a35835bf680

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 19 Dec 2020 05:36:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2020 09:38:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2087961
ETag: "2c7d9-21bf5-5b3bd6f3cce00"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24893
jake_test: Test_Pass

GET
H/1.1 200
OK jquery.blockUI.js Show response
c.123g.us/js2/ 8 KB
3 KB 180ms
24ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.blockUI.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 15:09:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1794367
ETag: "1fe9-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3052
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 15:24:17 GMT

GET
H/1.1 200
OK rakpanel.js Show response
c.123g.us/js2/ 3 KB
2 KB 190ms
22ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/rakpanel.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 02 Jan 2021 05:42:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Aug 2018 13:50:00 GMT
Server: Apache/2.2.15 (CentOS)
Age: 877986
ETag: "2c3eb-d4c-57300e738b200"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1626
jake_test: Test_Pass

GET
H/1.1 200
OK addressbook.js Show response
c.123g.us/js2/ 397 KB
75 KB 194ms
25ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/addressbook.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fedb307abb8149c457e5f1df0e2ae11452c2179f57d56a30c5558e0e98fb2d40

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 19 Dec 2020 22:42:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 10:40:59 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2026371
ETag: "2c400-63523-5b3459d6f84c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76755
jake_test: Test_Pass

GET
H/1.1 200
OK date.js Show response
c.123g.us/js2/calendar/ 3 KB
1 KB 202ms
21ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/calendar/date.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 15:31:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Mar 2017 11:41:21 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1706617
ETag: "2c3fe-afa-54a227da71a40"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 974
jake_test: Test_Pass

GET
H/1.1 200
OK jquery.datePicker.js Show response
c.123g.us/js2/calendar/ 15 KB
5 KB 206ms
22ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/calendar/jquery.datePicker.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 15:31:44 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1706617
ETag: "3d65-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4593
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 15:46:44 GMT

GET
H/1.1 200
OK jquery.ajax_autocomplete.js Show response
c.123g.us/js2/ 32 KB
10 KB 210ms
25ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 04:36:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 08:18:53 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2437121
ETag: "7f11-5b19d2e943540"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9770
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 01:25:37 GMT

GET
H/1.1 200
OK jquery.bxslider_new.js Show response
c.123g.us/js2/ 20 KB
5 KB 210ms
22ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.bxslider_new.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 15:29:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1706727
ETag: "50ba-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5210
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 15:44:54 GMT

GET
H/1.1 200
OK styleopt_R1.css
c.123g.us/css/ 80 KB
16 KB 29ms
26ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e42ded22e1888b43db2267140c74bc8490431dc6e3422ab9a4897d67066f6e30

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 15:30:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Oct 2020 07:35:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1447521
ETag: "13f79-5b19c94bd4600"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16142
jake_test: Test_Pass
Expires: Thu, 07 Jan 2021 22:07:58 GMT

GET
H/1.1 200
OK modal_window_R1.css
c.123g.us/css/ 33 KB
7 KB 28ms
23ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 17 Dec 2020 13:47:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jun 2020 09:39:02 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2231260
ETag: "8220-5a7b79d367980"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6727
jake_test: Test_Pass
Expires: Thu, 17 Dec 2020 14:02:43 GMT

GET
H/1.1 200
OK print_card_R1.css
c.123g.us/css/ 3 KB
1 KB 32ms
22ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/print_card_R1.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 07:57:58 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Jul 2018 11:22:16 GMT
Server: Apache/2.2.15 (CentOS)
Age: 610643
ETag: "2453f-af1-571586437ea00"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 807
jake_test: Test_Pass

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57f1ef48c4b5aa6997223218b3d20b7f363c6c6d940c4f54ee27d62853baba33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gYw1sgXtwfyNAWHtzBmr2w==
cross-origin-resource-policy: cross-origin
expires: Tue, 12 Jan 2021 09:40:23 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: p3yh6yaSjyhB8zxPkdGpxtghhANexcGXw4RSCRhbutX8hOCYrPq9tmYix45Zd47TnXs2ClVCOLdSAHn/G/NbGg==
x-fb-trip-id: 686109401
x-fb-content-md5: eece601ff5724899c46f3e5a7d95edb5
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 12 Jan 2021 09:35:21 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c3147983e25bbca6548cbd169f1f2642"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3076315-1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de1ffb7c8aa09cb7058d4f9e6cbfc697751ab3cdf479f290342d7897f7f8d360

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38950
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Jan 2021 09:35:21 GMT

GET
H/1.1 200
OK ajax-fileuploader.gif
c.123g.us/images/ 11 KB
11 KB 24ms
23ms Image
image/gif 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/ajax-fileuploader.gif
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 07:44:45 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 93036
ETag: "2a43-54da7c7a66000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10819
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 08:00:22 GMT

GET
H/1.1 200
OK 123g_master_bg.png
c.123g.us/images/ 145 B
501 B 22ms
21ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/123g_master_bg.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 18:03:43 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1611098
ETag: "91-54da7c7b5a240"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145
jake_test: Test_Pass
Expires: Sat, 26 Dec 2020 07:27:32 GMT

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 26ms
25ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Dec 2020 04:37:28 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:45 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1400273
ETag: "9d023-1861-54a227b81c940"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
141 KB 26ms
26ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 11:16:17 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1808344
ETag: "230cb-5979e1c4d2cc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 11:31:17 GMT

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 30ms
29ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Dec 2020 12:02:30 GMT
Last-Modified: Wed, 11 Sep 2019 08:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1373571
ETag: "21653-59242fbe2e0c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 02:50:06 GMT

GET
H/1.1 200
OK master_icon_set_2.png
c.123g.us/images/ 88 KB
88 KB 26ms
26ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_icon_set_2.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 04 Jan 2021 07:25:22 GMT
Last-Modified: Mon, 04 Jan 2021 07:23:11 GMT
Server: Apache/2.2.15 (CentOS)
Age: 698999
ETag: "15fce-5b80df65e15c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90062
jake_test: Test_Pass
Expires: Mon, 04 Jan 2021 07:40:22 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
59 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=bce2c532c3a7822502f6b9d10916eae2&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d019650ae7d108f0c5861e2d00109c50183aea23ddfac3f3a7d295326a80c998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.123greetings.com
Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: zPgZoQ4rBIzTHrHU5n8uFA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60132
x-fb-rlafr: 0
x-fb-debug: LVQqUXF4x7BkYgfPlyEt1kjSwlJ73uDJRw3BTkT61+YRDunxkb+HNw3PiEZFCdEkvm1ClnFBMEKxuNkUEkMuZg==
x-fb-trip-id: 686109401
x-fb-content-md5: 2f7d9fa36e1616f597c3b9f08bce7559
x-frame-options: DENY
date: Tue, 12 Jan 2021 09:35:21 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ebae2d45c47270c9f708f27a86c22981"
timing-allow-origin: *
expires: Wed, 12 Jan 2022 08:18:29 GMT

GET
H/1.1 200
OK request.js Show response
trkn.us/info/ 2 KB
1 KB 405ms
101ms Script
application/javascript 54.147.95.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=4128347943.695969

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.95.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-95-22.compute-1.amazonaws.com

Software

Apache /

Resource Hash

5f7292e4db376e9d8e554cdb43bb190429fa2ad87ef83977b2893bf471a342b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 09:35:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 733
Expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
529 B 23ms
22ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 10:53:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2587331
ETag: "c9-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass
Expires: Sun, 13 Dec 2020 11:08:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3076315-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 220
date: Tue, 12 Jan 2021 09:31:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 12 Jan 2021 11:31:41 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 48ms
35ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=6268317308&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bce2c532c3a7822502f6b9d10916eae2&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: TcP9RIKwaf2R9TJsFXTPBsjUXIs4Mww6O3kWfENG4WIjwnorWE+4mj/9ExowzgOoQsV5RPwQsMsSpt0Klq/Afg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Tue, 12 Jan 2021 09:35:21 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
70 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1136752795&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1928402526&gjid=1971616136&cid=436450538.1610444121&tid=UA-3076315-1&_gid=338316575.1610444121&_r=1&gtm=2oubu0&z=1492901148

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
trkn.us/info/
Redirect Chain

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=4128347943.695969&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&dvis=visible
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=4128347943.695969&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&dvis=visible&ip=185.212.171.67&cuidc...

42 B
758 B

107ms
107ms

Image
image/gif

54.147.95.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=4128347943.695969&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&dvis=visible&ip=185.212.171.67&cuidchk=1

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.147.95.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-147-95-22.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 09:35:21 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Tue, 12 Jan 2021 09:35:21 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=4128347943.695969&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&dvis=visible&ip=185.212.171.67&cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H/1.1 200
OK 333231_details.js Show response
x.123g.us/json/ 2 KB
1 KB 804ms
679ms Script
text/javascript 8.253.204.117
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/333231_details.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.117 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f26b550759adb51d7ae8c527b468b5e7130962d81c86fd5a0a7bd15f4627cf49

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:35:20 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jan 2021 08:47:39 GMT
Server: Apache/2.2.15 (CentOS)
Age: 3
ETag: "985-5b8b0132ca0c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 864
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 09:50:23 GMT

GET
H/1.1 200
OK menu.js Show response
x.123g.us/json/ 70 KB
13 KB 28ms
27ms Script
text/javascript 8.253.204.117
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/menu.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.117 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d371c52a9637449eabc1b2d89717f4ec1ca412f10fdb978c2c221f2b4d76e4c7

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:19:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jan 2021 08:06:47 GMT
Server: Apache/2.2.15 (CentOS)
Age: 962
ETag: "116e6-5b8af810613c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13098
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 09:34:21 GMT

GET
H/1.1 200
OK 333231_pc.jpg
i.123g.us/c/thank_everyday/pc/ 39 KB
40 KB 108ms
29ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/thank_everyday/pc/333231_pc.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2421b07f1d9158cfca00c3971d71522e5b5700ca481d043f712e07f79f85a40b

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:24:40 GMT
Last-Modified: Mon, 26 Feb 2018 08:08:34 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1804243
ETag: "9cbf-56619042fa480"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40127
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 21:03:17 GMT

GET
H/1.1 200
OK play-button.png
c.123g.us/images/ 3 KB
3 KB 22ms
21ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/play-button.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 05 Jan 2021 08:03:21 GMT
Last-Modified: Fri, 21 Apr 2017 06:58:08 GMT
Server: Apache/2.2.15 (CentOS)
Age: 610322
ETag: "afd-54da7c7a66000"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2813
jake_test: Test_Pass
Expires: Tue, 05 Jan 2021 08:18:21 GMT

GET
H/1.1 200
OK 333231_bg.jpg
i.123g.us/c/thank_everyday/bg/ 936 B
1 KB 101ms
29ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/thank_everyday/bg/333231_bg.jpg
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 62883b465b44e0da54cc6478a27a292281e62fed7cf4e97e336a42a777c6fcbb

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:24:41 GMT
Last-Modified: Mon, 26 Feb 2018 08:08:21 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1804242
ETag: "3a8-5661903694740"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 936
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:42:27 GMT

GET
H2 200 like.php
www.facebook.com/v2.0/plugins/ Frame A02F 0
0 86ms
86ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e9e15b561682%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff6bbb4d6028a%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fthank_you%2Feveryday%2Fthank_you_note_with_flowers.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=bce2c532c3a7822502f6b9d10916eae2&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1e9e15b561682%26domain%3Dwww.123greetings.com%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ff6bbb4d6028a%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fthank_you%2Feveryday%2Fthank_you_note_with_flowers.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: icMWY/zLjd+loALyso3yhQrgzs2PCHNYgAHfGia8hagQq7fdNnhREVdky34zraNJeGwskFhpYA7KYnvD4McUqw==
date: Tue, 12 Jan 2021 09:35:23 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 PinExt.png
assets.pinterest.com/images/ 936 B
1 KB 98ms
69ms Image
image/png 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.pinterest.com/images/PinExt.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:23 GMT
x-cdn: fastly
etag: "61ed0472dfcbfaf25e7585f119adf76a"
vary: Origin
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-CDN
cache-control: max-age=86400
access-control-max-age: 86400
content-length: 936

GET
H/1.1 206
Partial Content 333231.mp4
v.123g.us/vod/thank_everyday/ 656 KB
0 467ms
328ms Media
video/mp4 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/thank_everyday/333231.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.116 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 12 Jan 2021 09:35:23 GMT
Last-Modified: Thu, 25 Jul 2019 10:44:12 GMT
Server: Footprint Distributor V6.1.1162
Age: 0
ETag: "965916-58e7f1b351640"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 0-9853205/9853206
Connection: keep-alive
Content-Length: 9853206

GET
H/1.1 206
Partial Content 333231.mp4
v.123g.us/vod/thank_everyday/ 16 KB
0 462ms
323ms Media
video/mp4 8.253.204.116
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://v.123g.us/vod/thank_everyday/333231.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.116 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 12 Jan 2021 09:35:23 GMT
Last-Modified: Thu, 25 Jul 2019 10:44:12 GMT
Server: Footprint Distributor V6.1.1162
Age: 0
ETag: "965916-58e7f1b351640"
Vary: Accept-Encoding
Content-Type: video/mp4
Content-Range: bytes 0-9853205/9853206
Connection: keep-alive
Content-Length: 9853206

GET
H/1.1 200
OK master_img_menu.png
c.123g.us/images/ 6 KB
6 KB 22ms
22ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/master_img_menu.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Dec 2020 04:37:28 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:45 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1400275
ETag: "9d023-1861-54a227b81c940"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6241
jake_test: Test_Pass

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
141 KB 22ms
22ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/styleopt_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 11:16:17 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1808346
ETag: "230cb-5979e1c4d2cc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 11:31:17 GMT

GET
H/1.1 200
OK tagclouds_cards.js Show response
x.123g.us/json/ 3 KB
1 KB 24ms
23ms Script
text/javascript 8.253.204.117
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/tagclouds_cards.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.117 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1a8ecdd8744d5df927ec422d8be57813e23f786187338c9cde993b8f7bd1fead

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:10:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jan 2021 08:46:50 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1494
ETag: "b2c-5b8b01040f280"
Vary: Accept-Encoding
Content-Type: text/javascript
access-control-allow-origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 688
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 09:25:29 GMT

GET
H/1.1 200
OK check_js_file.pl Show response
www.123greetings.com/usr-bin/ 19 B
285 B 596ms
595ms XHR
text/html 184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/usr-bin/check_js_file.pl?card_number=333231

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

b9fe9d301c5f7f881a54ec269d5824eb2504bd2b634e2e5d38033c5f0b23fdec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.123greetings.com/send/view/12321520122813534416
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:35:23 GMT
Server: Apache/2.2.15 (CentOS)
X-Frame-Options: SAMEORIGIN
transfer-encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK connect_config.js Show response
c.123g.us/js2/ 201 B
529 B 22ms
22ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/connect_config.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 13 Dec 2020 10:53:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2587333
ETag: "c9-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 120
jake_test: Test_Pass
Expires: Sun, 13 Dec 2020 11:08:10 GMT

GET
H/1.1 200
OK Cookie set summary Show response
www.123greetings.com/send/fcp_track/3f315f766667612b756376366a436457116e6068/12321520122813534416/ Frame 7899 5 KB
5 KB 1451ms
1243ms Document
text/html 184.72.245.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.123greetings.com/send/fcp_track/3f315f766667612b756376366a436457116e6068/12321520122813534416/summary

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.72.245.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

www.123greetings.com

Software

Apache/2.2.15 (CentOS) /

Resource Hash

a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.123greetings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.123greetings.com/send/view/12321520122813534416
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: config_data=CADB=1|CLG=1|CBR=1|CUB=1|CCC=1|CFLC=1|CPFR=1|CBRR=1|TCP=1|TAP=1|TCAP=1|TRE=1|QkDshLgd=0|FBCon=1; _ga=GA1.2.436450538.1610444121; _gid=GA1.2.338316575.1610444121; _gat_gtag_UA_3076315_1=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

Cache-control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Jan 2021 09:35:23 GMT
Server: Apache/2.2.15 (CentOS)
X-Frame-Options: SAMEORIGIN
transfer-encoding: chunked
Set-Cookie: SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
19 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9a6f3d078c1287730cbad75c1729cdb086c9c597e4592b8c1de71944e144fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "752 / 135 of 1000 / last-modified: 1610406577"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18846
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:23 GMT

GET
H2 200 pubads_impl_2021010903.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 83ms
33ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 10 Jan 2021 01:35:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99142
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:23 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 16ms
16ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
247 B 15ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
12 KB 551ms
522ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3757066002022402&correlator=3291227847192440&output=ldjh&impl=fifs&eid=21068601%2C21068773%2C21069111&vrg=2021010903&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210112&iu_parts=46400095%2CDesktopWeb_Finalcard_LB%2CDesktopWeb_Finalcard_Sky%2CDesktopWeb_Finalcard_LowerLB%2CDesktopWeb_Finalcard_Preroll%2CDesktopWeb_Finalcard_FCPLarge1%2CDesktopWeb_Finalcard_FCPLarge2%2CDesktopWeb_Finalcard_FCPLarge3%2CDesktopWeb_Finalcard_Video&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=728x90%2C160x600%2C970x90%7C728x90%7C970x250%2C300x250%7C336x280%7C360x300%2C300x250%2C300x250%2C300x250%2C1x1&cust_params=site%3D123greetings.com%26section%3Dthank_everyday%26page%3Dfinalcard&cookie_enabled=1&bc=31&abxe=1&lmt=1610444123&dt=1610444123499&dlt=1610444121064&idt=2413&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C1114%2C310%2C410%2C332%2C650%2C968%2C0&adys=47%2C236%2C1658%2C535%2C1090%2C1090%2C1090%2C1942&adks=3337616149%2C1542450727%2C4029745640%2C3714999025%2C3462125275%2C1838853332%2C2455301282%2C2411661447&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C172x612%7C980x127%7C470x316%7C980x300%7C980x300%7C980x300%7C1600x1933&msz=728x90%7C160x600%7C980x90%7C470x270%7C314x264%7C314x264%7C314x264%7C1600x1&ga_vid=436450538.1610444121&ga_sid=1610444124&ga_hid=1136752795&fws=4%2C4%2C0%2C0%2C0%2C0%2C0%2C0&ohw=728%2C160%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

37ac401dccb1c0426fb6cef5f7cac07a9678a4f3798ff92844b4b3ea7d6568bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11258
x-xss-protection: 0
google-lineitem-id: 5075419110,287186655,237051975,5075596738,5339830282,5339838610,5339866447,5484456697
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138271367694,113980516335,99278302815,138271368528,138307808418,138308197669,138307796510,138324624061
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
53223087bf608c21906b300c0003dc44.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 61ms
14ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://53223087bf608c21906b300c0003dc44.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 30ms
6ms Other
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK fcp_thankyou.js Show response
x.123g.us/json/ 4 KB
1 KB 26ms
25ms Script
text/javascript 8.253.204.117
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/fcp_thankyou.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.117 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:07:02 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 May 2020 08:02:46 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1701
ETag: "f55-5a5bf5ae75580"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1026
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 09:22:02 GMT

GET
H/1.1 200
OK thank_sendcard_v3.js Show response
x.123g.us/json/ 622 B
793 B 24ms
24ms Script
text/javascript 8.253.204.117
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/thank_sendcard_v3.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.117 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 19a505556b18dc0a68bc83ce070ae655768c6b0730767291758decfef157d38d

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:13:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jan 2021 09:00:49 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1292
ETag: "26e-5b8b042431240"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 354
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 09:28:53 GMT

GET
H/1.1 200
OK thank_everyday.js Show response
x.123g.us/json/ 554 KB
68 KB 31ms
30ms Script
text/javascript 8.253.204.117
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/thank_everyday.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.117 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9db70773a7cf20af3943b3ccf31c49abec5b8c3da7f32e7d11d308280f005c7f

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:28:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jan 2021 06:37:23 GMT
Server: Apache/2.2.15 (CentOS)
Age: 406
ETag: "8a721-5b8ae414deec0"
Vary: Accept-Encoding
Content-Type: text/javascript
access-control-allow-origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68688
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 09:48:28 GMT

GET
H/1.1 200
OK ejan_thankyoucards.js Show response
x.123g.us/json/ 70 KB
9 KB 46ms
46ms Script
text/javascript 8.253.204.117
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/ejan_thankyoucards.js
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.117 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4f15f5d864898fa006b384296dbf6c6e468cc320199342ee02a771c856f2d00c

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:25:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jan 2021 08:46:52 GMT
Server: Apache/2.2.15 (CentOS)
Age: 579
ETag: "11736-5b8b0105f7700"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8386
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 09:41:52 GMT

GET
H/1.1 200
OK carousel_thank.json Show response
x.123g.us/json/ 5 KB
5 KB 108ms
30ms XHR
application/json 8.253.204.117
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://x.123g.us/json/carousel_thank.json
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.253.204.117 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3d89a614e45ac1789e4baa21c9be47681071690c3f1ed7eb79c22b02fdeca1c9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:30:34 GMT
Last-Modified: Tue, 12 Jan 2021 09:21:25 GMT
Server: Apache/2.2.15 (CentOS)
Age: 290
ETag: "139f-5b8b08beeef40"
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5023
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 09:45:56 GMT

GET
H/1.1 200
OK 345467_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 27ms
25ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/345467_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: c74058ada3541c6e2a56a59e44a729b9c3974469d7387b43481fc53a7805cb95

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 08 Jan 2021 10:58:56 GMT
Last-Modified: Fri, 08 Jan 2021 07:19:18 GMT
Server: Apache/2.2.15 (CentOS)
Age: 340588
ETag: "1f7d-5b85e5fd84980"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8061
jake_test: Test_Pass
Expires: Sun, 10 Jan 2021 01:31:03 GMT

GET
H/1.1 200
OK 121385_th.gif
i.123g.us/c/ejan_thankyoucards/th/ 8 KB
8 KB 26ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/121385_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eda11c9193950556c5c996d33524cd9d9dc08f742d43460efe2193083b93f0c4

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:32:56 GMT
Last-Modified: Mon, 24 Feb 2014 09:37:24 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1803748
ETag: "1f90-4f323b80b5d00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8080
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 17:05:16 GMT

GET
H/1.1 200
OK 327391_th.jpg
i.123g.us/c/ejan_thankyoucards/th/ 6 KB
6 KB 58ms
23ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_thankyoucards/th/327391_th.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 296c6bd6917f2f53b667c1585ead7a7ce58d5355de269e442bf32fc2c96326ca

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 01:20:26 GMT
Last-Modified: Tue, 10 Jan 2017 13:47:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 202498
ETag: "1659-545bdb9915c00"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5721
jake_test: Test_Pass
Expires: Sun, 10 Jan 2021 01:35:26 GMT

GET
H/1.1 200
OK closeBtn_h.png
c.123g.us/images/ 1 KB
1 KB 25ms
24ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/closeBtn_h.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 06 Jan 2021 14:02:12 GMT
Last-Modified: Tue, 07 Mar 2017 11:40:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 502392
ETag: "9cf1d-42a-54a227b6344c0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1066
jake_test: Test_Pass

GET
H/1.1 200
OK big_img_sprite.png
c.123g.us/images/ 134 KB
134 KB 24ms
22ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/big_img_sprite.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Dec 2020 12:02:30 GMT
Last-Modified: Wed, 11 Sep 2019 08:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1373574
ETag: "21653-59242fbe2e0c0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136787
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 02:50:06 GMT

GET
H/1.1 200
OK icon_set_R1.png
c.123g.us/images/ 140 KB
141 KB 23ms
22ms Image
image/png 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.123g.us/images/icon_set_R1.png
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer: https://c.123g.us/css/fcp_R1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 11:16:17 GMT
Last-Modified: Mon, 18 Nov 2019 12:30:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1808347
ETag: "230cb-5979e1c4d2cc0"
Content-Type: image/png
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143563
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 11:31:17 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7D48 0
0 33ms
32ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXeq9KkTJ4jv7yPseLBdRpCTVHoWMyPaOqtAOwBsOdo_hIh_Ba_08kGu6gKeTRiBUgd--Ooo0GXHHaXlC9wef8TfAFzDz-wMNpvU531f381Tr5ck3pKSGt3D07EG9hjH0YPhC1CGSZdvyBZ8P-57OCugml5gSGdbOdLEw_rGwJjLn6AYlbnpsOm5K-cEXEPMpiDdKOFxti4_IIgx0SDEkAleiv-Uoyt_iEAo8ET-grALTd6fQ4YfLgJRAG1KAFRhYLTJBdG8jd1LFOPu4-Whgqflb5HPEAulljqyx4vEBl_Go2eIxRC049fulRfLOKrmkNYw&sai=AMfl-YQslqqChFLdoPiymd8HNfgZQc1SwwubLAOJaX5xuKniGicQ11jdaAJb4ggdSp-ntXRA756-oieUA8WFnc8hMVrEXDT3BpdXi0_aAVB1jACo1jUhwKOS_20cAu96p-Q&sig=Cg0ArKJSzD9Sog47GQs9EAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7D48 91 KB
33 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d574eebf7245803b6945ae767932141b12ef893a5643bc19b7000e2d47e00a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33065
x-xss-protection: 0
server: cafe
etag: 8777699175963109430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D48 104 KB
32 KB 48ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5E8 0
0 34ms
32ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR0-DB09w9LinVPRiHqgKQQvkdMeVCbl18CSmGhg4fl7ghnGCETTCj-SH9CCrVzlcYdFjsAILSgN2K0f66a-DmmxYciZTNSGSjnux4ScqmJM06T5qEvCUEOCFdov7XJMaQZVRE3h4Nx8L7El1ePjKaoDWioytaNuqu8Igm2tOStTSh8p2xAdQOoTQC9D19EDta9v905UuEb-EnbWj4Z43nm4rywvlWHLlMDYurFddJ3j2IRq3Ybg28x5nUn62pn5hoVHBWNQYn_ueRum3npkCG2uJGiBDHswV5kIvlrHHWHacmIn50ufzMCrKKyzPIzVXo6LTT&sai=AMfl-YSTGZjK17CJodfkNXqN610tiDZS3XXXn509cmUJvv7jGqlMpAzJtJbIruxStSculVWmdgAp_YB2lMV-W6YU-_7hnumnENEaRN0pd7JNJKKPmbwE2nxoxGh5-zMHes8&sig=Cg0ArKJSzDtM7sYEx9HtEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B5E8 91 KB
32 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f30bde4adc2607a9863e5c1e165009cd0b195574a89779596c438fd3b9928b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33066
x-xss-protection: 0
server: cafe
etag: 4722356279057405686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5E8 104 KB
32 KB 41ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08B4 0
0 32ms
31ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTT5MXy4DppJxT9jYrYAhreGYJHqqqQYpDw-egIqamPlpMMUU3q9eX3FO3xF5gwBRVDwbSohLgqGIn7jb-IgUGnCP1wMByMsFa7MiJ8LFRpMXCQNPwKoNb3rYe3s3FfwWaNTuRDHb-Gc3FG2cN7XhEKYK-56p9axTaIDhBZxdeQKO0cPaIys18FYSOrIQLPVMbUX7URQ1HPPZZLZyl_kn81Yzw9PUzupmoskS2Ax1TeoSC9Epqwk8R-MaPjmI3GhiqpngYEWRJTayEnS7zF8Qk-Hy4IU69Cgpah-kH07RPlBX6yr_8As4Aqa-oBkRhQEauh_o3RQ8&sai=AMfl-YSRQik1Qp-VPmyj0w-hxabg28pUsN0pixe-6xYwSegfkmXnbwEzob_1BpbdDuDW-zKAxl8X-wPQxscVcty4X7NIbl_eKLRBG2-gILAXBiqeyFj8dMkr9EUi3pkr4Pg&sig=Cg0ArKJSzEA1miPkk1H5EAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 08B4 91 KB
32 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d574eebf7245803b6945ae767932141b12ef893a5643bc19b7000e2d47e00a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33065
x-xss-protection: 0
server: cafe
etag: 8777699175963109430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08B4 104 KB
32 KB 34ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F89B 0
0 35ms
34ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxKe8LslSBQ8Bm5xo1J67FHOIuHXVf-rbBdJxDrMKnor7ahZl5O3rWGD3oLr-g9OqbkL0UZ5B-vhVDRw1ppWOhpl2UHE64p_JxuwtEjLwo7flQO4p436yQ1f40VPj5g8aXgiAAuoN_solQ4HpTGbdLgXSD5DTqZWE5C0qDwfKufgtAF-T-E7gKbJuDD6_efTRJN74N7fDgUaDFQyRJ3bfONxJmZpgUSBeZLPyrBoNF2rnO43FTJX0H4fUvg7_JaMkiGRgSqQVe1vNpxrdUDqrXhBx2X_6FRV7KPaDIBkPWzon6hRCEhT4rXFOZgf7vIkNv7F42YsXfdQ&sai=AMfl-YQ_isHz65EVHYBV1BdtGOcXQGb4i5CDquePgCD7KN4-J2EvPiByALyLu457K419U84muMlhhQG7gs7TmFpy3YUZhWUpbFE20DLzFcSMlRAaXGLni2sQmwjHkLi3aCo&sig=Cg0ArKJSzJc0TrJPetbHEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F89B 91 KB
32 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d574eebf7245803b6945ae767932141b12ef893a5643bc19b7000e2d47e00a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33065
x-xss-protection: 0
server: cafe
etag: 8777699175963109430
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F89B 104 KB
32 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D9C1 0
0 35ms
34ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsueJDH2FUUrCMlgwxl1uaAyBWeWOjq0AJk71QSje5Ccj8oXrgKTgGPRLlQ6WIormUIiZdib-rNkHuDavw4RfN-bzMC_RFUWL3Hmh0d-rOyEm4oIii6sgvCHLpYMMsroHybfPov2cw169O72-dErANuJ58lpeqzjEpExC_hNEeoKLF3m3wfYgUf_12kwBW_vMsxx2L9Kz9Znfcstq4oa55FWIk4_6o2QXapAakjjZQ3KTpQhq5_aKe9dkSCbkteWliFOmXzrdqIJc4sFdW01zFV-3Pu41aLSeqNYMLepGTiSWK0vQWT6RqvR8ZllD7wQa6fxACnshtCdfwJi&sai=AMfl-YTIbeWP1oeBEHZyRGBWo5rRarm3VqPQmyx-H10obT13Wv8R-pWPWaEIVnNjrPxYMl93Jeh0wVHFifzsjWCBoSBgilfbMzq8IHTf7qpCIwatKZiyRS9csbOJ_3PJWPY&sig=Cg0ArKJSzP2Qp2lviWAHEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D9C1 132 KB
46 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a357b7145cf9cb6702a0045e07c898860e18baa0989ca9c5f7460733fe1b1b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47064
x-xss-protection: 0
server: cafe
etag: 9489384909010990628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9C1 104 KB
32 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6FB 0
0 40ms
38ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_rxTMtw28wIsfb8h3e3rZ70zJcZwctQ7UUxdHtgJ5_loy1d2Ljsi9mljNYy1TKjnUtzbd8Lxa3QQa7UsO97HkfJYs8H4hGqoCzJ7xDtG9hR8o_pMxI4wJWTFwTPGTavdPPey-oi8WfSM1T2t2vqnwKOlqtCe0PnRVHbLVGfFHrq4-DtE7oFsa0dY7B_PYQjri4OKGZS08aDszecMhRyKqyhiV64Rm9hfsKIJwULwx2kLeD-LUoeinvbLX1ii_AIBOmC6fQBA3Tso2BPFAUdfz27hKZiMHoj39JwiIr2iMoqRqOyX2GBMy_jKvBuSgV8xa3Fksc60yUN0z&sai=AMfl-YTwIfFhi8jH9rA5-1uC4XgghNokwr8z977zozG_Tll-ip17QMCFY5vr94uqfprp7cqHUenGR0Dhx9KWn76sQHEVJZ9Aj3OCvS9r6CunOV6Ds94EFbH_JHdz2SUq36c&sig=Cg0ArKJSzNSYlZDsLEMSEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F6FB 132 KB
46 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c55f085dd30b7f07b3b0d2d40bf36e6f226750d16cbb7ed75d0e29dc84f93c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47053
x-xss-protection: 0
server: cafe
etag: 2243074958797800702
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6FB 104 KB
32 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 663B 0
0 37ms
36ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRi97pENn632KSH9ABMcXQs_zSgaCL5Et8raJOeerTsAOG5dGYxFpm12WZKLhGZLM0o527WcxEfm_vL8MM8Jr-QaHX0eHtCwP1vgh5zBzZ7jNzt6x0esMjJKPax-RDSrUeN-IwcnKOBJUCLEw4b1QN5vl0rn7Mpw5NLmXsa8QhSkmbfWsXkUIlw71WY7VoTZyF04TepSCFggJAdfU-vK9MH6xXeGHsnBbNd6lEwaNAEtKnSrTLm3Lg2j3m2YSfR5vS10sUrT7mihPzniI0u20sEWD0rBD9RguJojH9Fgug7rbnqoZ2x1PMoJwPpt4aGZTUYF_RpNCA1glX&sai=AMfl-YQjd3J3mAcYTWPBWYZkB1gogShbDZOqpnpIMOjFnG2DlKnR5H68u88cpEGv4lhrVdwLEDvyZ3NLKQfcrTuV0NDKh-GItyTrmhoGQjdkrd9yukR12LEinad56kKhnyI&sig=Cg0ArKJSzMbzpKgtPM8vEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 663B 134 KB
47 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c908a287be5297337a4516cf899eca2023de83254ae4edbbcbc5a0fec68e4cfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47588
x-xss-protection: 0
server: cafe
etag: 16364074688873936899
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 663B 104 KB
32 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36E3 0
0 38ms
32ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoaf6MWYlHb4jaPgtIOchnenFMk4K8WiDRwcvpH-d03gfE4faovPaf2WtpEmLjbfR2B9kplN7-6-D5j-E3LWi5u27M2V4JW6aWX1kGhPsKHEV7jfQQlyyXP6VUVdIq_1WnpyXUaM7c2DQfS2ovUg9tyrzsByKZepMqhcdaynS2nI42ANdBdcFnuQIuDxNjCkXxHHlg8pkzyNTuZGLZbV3Ku3BmthPtafV2JGd4_LrOeH-G_loqWey4w4l3AxFrF9RLEx0nt1jvViJ5t6T9B8uEbwMC44xj5pIMsLw_2vHLmF9gAGpnBdkgEnX2bXo-rP9kTYd_DnI&sai=AMfl-YTvYEUtsJYLC6vQat2Q3PH9sBW04Zt20XOuUBaN730ueceG4i9ooPSSpm0C_q3p8TONQ8h4eAZuz_oYj7MLV6TgFnoNfw78Z0ZzVNQsf7BDmryJdjPrKzht2Ahjtfk&sig=Cg0ArKJSzCETTYFs9YUYEAE&urlfix=1&adurl=

Requested by

Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/123greetings/ Frame 36E3 13 KB
4 KB 250ms
214ms Script
text/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/123greetings/vdo.ai.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/12321520122813534416
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 399b650614578811a506fe1ae3d218f45c93acd33d843a7deeb7c194f3bee08e

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: HIT
vdo-server: Tag1
content-encoding: br
cf-request-id: 07978c48040000c2ae4f804000000001
x-varnish: 140832 229644
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pMDpAE1baZOxe%2FdGGp0y4bqxR7oslX4e64Ez45IgvgW9t7LKn2cLM2uHD9BlEtKp%2F6V5ViomNJtujB5ivmlAdpEQ7SJQ3zADfPDsG6couw8iQTuhqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6105e3200fe7c2ae-FRA

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36E3 104 KB
32 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936934338688"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32510
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 56ms
34ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021010903&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2a289a09c95244a95bccd16f34058a3014f3d552170150a9dda72ecfdc64bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6771
x-xss-protection: 0

GET
H/1.1 200
OK 113136_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 29ms
26ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/113136_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21c2ce0c98b0f7b6b90d4683b7858f8f40abf49411dd607e17215842b5b6c802

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 15:58:05 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1791439
ETag: "1f88-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8072
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 14:06:28 GMT

GET
H/1.1 200
OK 103623_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 6 KB
6 KB 26ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/103623_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ba22d0b269314eb891998bf6db82b8dd17ad4ba11455987a4e011830f702581e

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 23:00:06 GMT
Last-Modified: Mon, 24 Feb 2014 08:22:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1593318
ETag: "16db-4f322aaedee40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5851
Expires: Fri, 25 Dec 2020 16:59:09 GMT

GET
H/1.1 200
OK 107616_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 28ms
26ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107616_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdf7422ceba3a07b4e4fe76275760f96d632968d7a43a1488f9064b14ae944f4

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 11:36:29 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1720735
ETag: "1eae-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7854
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 11:51:29 GMT

GET
H/1.1 200
OK 116570_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 8 KB
8 KB 57ms
28ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/116570_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4e8c4ff774d831d08f3828db225cb03e2f3786a536a087ab867572b992af1379

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 21:43:54 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1425090
ETag: "1f3e-4f323cdccd240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7998
jake_test: Test_Pass
Expires: Mon, 04 Jan 2021 17:40:52 GMT

GET
H/1.1 200
OK 107610_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 7 KB
7 KB 57ms
27ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107610_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1c3fe0df998b15cf7acc3a57567cc82f33ca5dc9f039c02ad814917d5485ca7c

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 19:46:46 GMT
Last-Modified: Wed, 05 Aug 2015 12:19:49 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1691318
ETag: "1b4f-51c8f6b42e340"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6991
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 10:21:21 GMT

GET
H/1.1 200
OK 345371_th.jpg
i.123g.us/c/ejan_orthodoxnew_year/th/ 4 KB
4 KB 55ms
25ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/345371_th.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 19201fcf6f6f62a8f4d9f6655b9e2354198fff6b821429aa636c7c87bf848691

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 09:14:03 GMT
Last-Modified: Thu, 31 Dec 2020 07:43:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1038081
ETag: "107d-5b7bdc77b45c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4221
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 10:23:50 GMT

GET
H/1.1 200
OK 127091_th.gif
i.123g.us/c/ejan_orthodoxnew_year/th/ 7 KB
7 KB 63ms
30ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/127091_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1fe66016ed957cc78385df19142ee6951c2ac94935d6817c19df08ebdef49562

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 11:19:27 GMT
Last-Modified: Mon, 28 Dec 2020 10:26:51 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1289757
ETag: "1c42-5b783b65250c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7234
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 07:12:51 GMT

GET
H/1.1 200
OK 104134_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 56ms
25ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/104134_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb94186d8d47079927d0328e23541daac235008fd8559f75400944a140ec094b

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 17:49:51 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 56733
ETag: "1bb8-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7096
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 18:04:52 GMT

GET
H/1.1 200
OK 125583_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 8 KB
8 KB 56ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/125583_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 02866c6f4a1bbaa4c3bcfc674c76c39b269808b49e7c8d5a8783c7720d6fb006

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 19:05:23 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:46 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1002601
ETag: "1f33-4f323d98acd80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7987
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 17:08:28 GMT

GET
H/1.1 200
OK 113000_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 54ms
26ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/113000_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 06a433408ea118ce748d8466bc535126595c9f7d5f3ebae497a9724f9aa06974

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1804423
ETag: "1b08-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6920
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:19 GMT

GET
H/1.1 200
OK 337178_th.jpg
i.123g.us/c/ejan_australiaday/th/ 6 KB
7 KB 54ms
26ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_australiaday/th/337178_th.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e13e82666765e22af19a953fcbeee4b328cbc481c606a08755a90b0d9ddf6ea1

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 05:54:06 GMT
Last-Modified: Wed, 23 Jan 2019 09:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 13278
ETag: "190e-5801ce51ee4c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6414
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 06:09:07 GMT

GET
H/1.1 200
OK 320936_th.jpg
i.123g.us/c/ejan_daisyday/th/ 7 KB
7 KB 54ms
26ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_daisyday/th/320936_th.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 608a85065045a5e5edd7536c73feddba9e249b44d26f1642f6979337f990bd97

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 01:51:19 GMT
Last-Modified: Fri, 15 Jan 2016 12:56:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 114245
ETag: "1adc-5295eef5bf8c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6876
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 08:11:18 GMT

GET
H/1.1 200
OK 337099_th.jpg
i.123g.us/c/ejan_indrepublicday/th/ 7 KB
8 KB 27ms
23ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_indrepublicday/th/337099_th.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3d8d3815663659caa50333cfcc6669a990968da43c94cf9fa40daa3b3b9941cb

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 14:35:15 GMT
Last-Modified: Thu, 17 Jan 2019 13:18:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1796409
ETag: "1cfc-57fa73a5d1cc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7420
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 11:40:02 GMT

GET
H/1.1 200
OK 332516_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 6 KB
7 KB 27ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/332516_th.gif
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fb49ee0af8a625fea9b37dd4dfb67f15e4249fc9b09b7d8ad15f9709e01edea2

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 20:36:40 GMT
Last-Modified: Thu, 11 Jan 2018 12:55:42 GMT
Server: Apache/2.2.15 (CentOS)
Age: 997124
ETag: "19cf-5627faa5acf80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6607
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 05:34:47 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame 7D48 234 KB
87 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame ECB1 0
0 25ms
21ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGcql43Zs-cQRD_K2JDqfSiW_6mF_rKXP66TyiES9liFXC5ssiesh043aq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 11 Jan 2021 12:24:21 GMT
expires: Mon, 25 Jan 2021 12:24:21 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 76263
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame B5E8 234 KB
87 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame 08B4 234 KB
87 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame F89B 234 KB
87 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
DATA 200
OK truncated
/ Frame 08B4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 919965f8d772efaeb7a4bc7a248742ac0f853bada0d9a6f4dfa47f6da1aca95a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B5E8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9f7483aff1732eb491adac168a193b9202139eb5b9c3ab2799ffdfcc4ec4d86

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F89B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f10b2f6d3b206ea76209e1742bb3200fa8990962a19b6146785fad8f89ae3c4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7D48 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f05bfceea8e883978a23fd1ff3cbb2268be676c3c4b22a8eaf0d715a62cd408a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 663B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8df1566b28a47f798757e83b74ff9980991caa6ae711d27824584e2b5e18d42c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010903.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
DATA 200
OK truncated
/ Frame 36E3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58a5dd120b43d76f8228f68b5fa75c7c541bc6f2ee01e0704973c197445acd4f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F6FB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e134f205cd943be2167961083b6020e2580e8ca182b5b588d1a6f3ed04cd699c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D9C1 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 225dbae1a24b5250587d1e6a4783879ee9dcc3b4c8b1d1e47c5859fcba08366b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EC11 0
0 15ms
14ms Document
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rmvasftr&type=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/gen_204?id=rmvasftr&type=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 12 Jan 2021 09:35:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame D9C1 234 KB
87 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ Frame F6FB 234 KB
87 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/ Frame 663B 226 KB
84 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9cdc6393e9b4c9a23e7d7c94ae3b58562509dda50b4345793ad7c7e7aaa9212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86362
x-xss-protection: 0
server: cafe
etag: 10863011108655135941
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7D48 12 B
480 B 82ms
30ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7D48 109 B
127 B 46ms
30ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7D48 109 B
781 B 45ms
30ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C8D4 0
0 286ms
285ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031639&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124194&bpp=32&bdt=104&idt=468&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=2&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=1849767754&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=1813193446&scr_x=0&scr_y=0&eid=21067214%2C21068769&oid=3&pvsid=1829471742742856&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mfz8fxmdlaal&fsb=1&dtd=490

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_16069X&adk=1213354831&adf=816031639&pi=t.ma~as.Google_LB_16069X&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124194&bpp=32&bdt=104&idt=468&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=2&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=1849767754&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=1813193446&scr_x=0&scr_y=0&eid=21067214%2C21068769&oid=3&pvsid=1829471742742856&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.mfz8fxmdlaal&fsb=1&dtd=490
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGcql43Zs-cQRD_K2JDqfSiW_6mF_rKXP66TyiES9liFXC5ssiesh043aq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 12 Jan 2021 09:35:25 GMT
server: cafe
content-length: 22484
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D48 74 KB
28 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:24 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B5E8 12 B
55 B 69ms
39ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame B5E8 109 B
150 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame B5E8 109 B
127 B 22ms
22ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E10A 0
0 328ms
327ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124229&bpp=41&bdt=132&idt=466&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=938398853&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3394649870&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067981%2C21068769&oid=3&pvsid=2910405896898529&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.xxyyp5kldlvp&fsb=1&dtd=1202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031632&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124229&bpp=41&bdt=132&idt=466&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=938398853&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=3394649870&scr_x=0&scr_y=0&eid=42530672%2C21066429%2C21067981%2C21068769&oid=3&pvsid=2910405896898529&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.xxyyp5kldlvp&fsb=1&dtd=1202
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGcql43Zs-cQRD_K2JDqfSiW_6mF_rKXP66TyiES9liFXC5ssiesh043aq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 12 Jan 2021 09:35:25 GMT
server: cafe
content-length: 22601
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5E8 74 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 08B4 12 B
55 B 56ms
39ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 08B4 109 B
127 B 17ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 08B4 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2F31 0
0 115ms
114ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124272&bpp=6&bdt=171&idt=1165&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=1096191513&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2210&biw=1600&bih=1200&isw=728&ish=90&ifk=518391363&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&pvsid=2420385843338917&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.vuevmkggsfz&btvi=1&fsb=1&dtd=1171

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031633&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124272&bpp=6&bdt=171&idt=1165&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=1096191513&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2210&biw=1600&bih=1200&isw=728&ish=90&ifk=518391363&scr_x=0&scr_y=0&eid=21068769%2C21069109&oid=3&pvsid=2420385843338917&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.vuevmkggsfz&btvi=1&fsb=1&dtd=1171
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGcql43Zs-cQRD_K2JDqfSiW_6mF_rKXP66TyiES9liFXC5ssiesh043aq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 12 Jan 2021 09:35:25 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08B4 74 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame F89B 12 B
458 B 42ms
39ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame F89B 109 B
127 B 15ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame F89B 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 05F9 0
0 328ms
326ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124279&bpp=8&bdt=173&idt=1172&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=1914409277&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=345649411&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=510338562889288&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.lpjg4vxvc5fi&fsb=1&dtd=1177

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031634&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124279&bpp=8&bdt=173&idt=1172&shv=r20201203&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=1914409277&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=345649411&scr_x=0&scr_y=0&eid=21068769%2C21069110&oid=3&pvsid=510338562889288&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.lpjg4vxvc5fi&fsb=1&dtd=1177
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGcql43Zs-cQRD_K2JDqfSiW_6mF_rKXP66TyiES9liFXC5ssiesh043aq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 12 Jan 2021 09:35:25 GMT
server: cafe
content-length: 13460
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F89B 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame 36E3 96 KB
38 KB 44ms
29ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-29

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/123greetings/vdo.ai.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

880da0603e57ef6499eeadf35cf86da0962f96ec4cefbb16d73af0b4ac9f1c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38972
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H2 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4/ 305 KB
98 KB 43ms
42ms Script
application/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/123greetings/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 830e604430aa3a6e4debf869fcd928331edace9ae740090b08f986f0c6ba70d3

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 134
cf-ray: 6105e3281cc6c2ae-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
cf-request-id: 07978c4d140000c2ae54a2f000000001
last-modified: Tue, 12 Jan 2021 09:14:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tF1gw4GNEfnp4ULqW3v%2B9jSwyUTY%2Bw2XIaQ8Y3oSUvcg%2F2VkYtMCbTlQiVdKpLcokmyP2n2iikPhQmJZYci%2Fw%2FrUbV2Z0YLTFu5%2F8QAlT5c7mJT6Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 1900593 196646
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 316 KB
109 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/123greetings/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f116b1dfa880b849490966cdfe4716bf9c2b7a04f5b7671fa9840f736bc370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111353
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 1521 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 11 Jan 2021 23:13:55 GMT
expires: Tue, 11 Jan 2022 23:13:55 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37290
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D9C1 12 B
55 B 69ms
68ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame D9C1 109 B
127 B 18ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame D9C1 109 B
127 B 18ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame CBD9 0
0 267ms
264ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=3173046726&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124543&bpp=5&bdt=433&idt=944&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=2&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=879569623&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1392&biw=1600&bih=1200&isw=300&ish=250&ifk=4115409591&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21069710&oid=3&pvsid=3898568608764704&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ed0fod4ag1fl&btvi=1&fsb=1&dtd=950

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=3173046726&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124543&bpp=5&bdt=433&idt=944&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=2&ga_vid=436450538.1610444121&ga_sid=1610444125&ga_hid=879569623&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1392&biw=1600&bih=1200&isw=300&ish=250&ifk=4115409591&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21069710&oid=3&pvsid=3898568608764704&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ed0fod4ag1fl&btvi=1&fsb=1&dtd=950
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGcql43Zs-cQRD_K2JDqfSiW_6mF_rKXP66TyiES9liFXC5ssiesh043aq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 12 Jan 2021 09:35:25 GMT
server: cafe
content-length: 21176
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9C1 74 KB
28 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame F6FB 12 B
55 B 59ms
58ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame F6FB 109 B
127 B 18ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame F6FB 109 B
127 B 17ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame ED7D 0
0 266ms
265ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124572&bpp=5&bdt=456&idt=926&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444126&ga_hid=254356518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1392&biw=1600&bih=1200&isw=300&ish=250&ifk=2546763746&scr_x=0&scr_y=0&eid=21067982%2C21068769%2C21069756&oid=3&pvsid=3470859620706917&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3fwq76eb5q5o&btvi=1&fsb=1&dtd=932

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=3173046725&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124572&bpp=5&bdt=456&idt=926&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444126&ga_hid=254356518&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1392&biw=1600&bih=1200&isw=300&ish=250&ifk=2546763746&scr_x=0&scr_y=0&eid=21067982%2C21068769%2C21069756&oid=3&pvsid=3470859620706917&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3fwq76eb5q5o&btvi=1&fsb=1&dtd=932
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGcql43Zs-cQRD_K2JDqfSiW_6mF_rKXP66TyiES9liFXC5ssiesh043aq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 12 Jan 2021 09:35:25 GMT
server: cafe
content-length: 22718
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame F6FB 74 KB
28 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 663B 12 B
55 B 71ms
31ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame 663B 109 B
127 B 57ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 663B 109 B
127 B 18ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8786 0
0 230ms
229ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=3173046724&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124597&bpp=4&bdt=476&idt=913&shv=r20210107&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444126&ga_hid=1595283739&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1392&biw=1600&bih=1200&isw=300&ish=250&ifk=3848925924&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21069757&oid=3&pvsid=3636952010822754&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.vzxwlowac21&btvi=1&fsb=1&dtd=967

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=3173046724&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ea=0&flash=0&wgl=1&dt=1610444124597&bpp=4&bdt=476&idt=913&shv=r20210107&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6aa9d5f4c47d5d3c-2251455c8bb90023%3AT%3D1610444123%3AS%3DALNI_MYCbNPf4W8W0k7QDONGd7lTgdV51g&correlator=6736918050826&frm=23&ife=4&pv=1&ga_vid=436450538.1610444121&ga_sid=1610444126&ga_hid=1595283739&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1392&biw=1600&bih=1200&isw=300&ish=250&ifk=3848925924&scr_x=0&scr_y=0&eid=42530672%2C21068769%2C21069757&oid=3&pvsid=3636952010822754&pem=390&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.vzxwlowac21&btvi=1&fsb=1&dtd=967
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmGcql43Zs-cQRD_K2JDqfSiW_6mF_rKXP66TyiES9liFXC5ssiesh043aq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 12 Jan 2021 09:35:25 GMT
server: cafe
content-length: 22733
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 663B 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H/1.1 200
OK fcp.css
c.123g.us/css/ Frame 7899 7 KB
2 KB 51ms
50ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/fcp.css
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/3f315f766667612b756376366a436457116e6068/12321520122813534416/summary
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063

Request headers

Referer: https://www.123greetings.com/send/fcp_track/3f315f766667612b756376366a436457116e6068/12321520122813534416/summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 09 Jan 2021 12:27:12 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Jul 2018 10:30:13 GMT
Server: Apache/2.2.15 (CentOS)
Age: 248893
ETag: "2462e-1b92-57234f253d740"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2003
jake_test: Test_Pass

GET
H/1.1 200
OK jquery.js Show response
c.123g.us/js2/ Frame 7899 92 KB
33 KB 50ms
50ms Script
text/javascript 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/js2/jquery.js
Requested by: Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/3f315f766667612b756376366a436457116e6068/12321520122813534416/summary
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer: https://www.123greetings.com/send/fcp_track/3f315f766667612b756376366a436457116e6068/12321520122813534416/summary
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 19:24:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:31 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2297442
ETag: "16f3a-54da7c90553c0"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33449
jake_test: Test_Pass
Expires: Thu, 17 Dec 2020 13:39:33 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 25ms
17ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-29

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

880da0603e57ef6499eeadf35cf86da0962f96ec4cefbb16d73af0b4ac9f1c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38972
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 22ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-29&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3076315-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3305f0bca70368ce830fbe3f9ef105509c80431c9abaeb48556fd3042084dce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38987
x-xss-protection: 0
last-modified: Tue, 12 Jan 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Jan 2021 09:35:25 GMT

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 98 B
902 B 85ms
15ms XHR
application/json 2606:4700:3034::6812:2a06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=123greetings.com%2Fsend%2Fview%2F12321520122813534416&tag=123greetings&domain=123greetings.com
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6812:2a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15e01342d6b0f44b84f4886a6c363241b298e85fb7b3c6323bd183cc40511ce

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CD9476Rp%2FQoWGI%2BY2TwYV0XV8uZghqS7Xc8KrEfoAJPYnGnGtMr0eyxnTSjNP2XvaFh1Ioc5w9fTqv%2B%2F3IW3zW6xGZOtL0d5KJazypPsBgwMR45pSPRfK12NmWAD"}],"group":"cf-nel","max_age":604800}
cf-ray: 6105e32ab8c84a9d-FRA
cf-request-id: 07978c4eb100004a9df4a88000000001

GET
H/1.1 200
OK styleopt_v2.css
c.123g.us/css/ Frame 7899 45 KB
9 KB 23ms
22ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/styleopt_v2.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9

Request headers

Referer: https://c.123g.us/css/fcp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 15 Dec 2020 06:54:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Feb 2019 10:50:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 2428835
ETag: "24665-b2be-582511f153a40"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8955
jake_test: Test_Pass

GET
H/1.1 200
OK modal_window.css
c.123g.us/css/ Frame 7899 29 KB
6 KB 24ms
23ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/modal_window.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de

Request headers

Referer: https://c.123g.us/css/fcp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 01 Jan 2021 16:35:41 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 925184
ETag: "746b-54da7c8112fc0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6107
jake_test: Test_Pass
Expires: Mon, 04 Jan 2021 11:02:47 GMT

GET
H/1.1 200
OK print_card.css
c.123g.us/css/ Frame 7899 3 KB
1 KB 24ms
23ms Stylesheet
text/css 67.27.235.124
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://c.123g.us/css/print_card.css
Requested by: Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.235.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969

Request headers

Referer: https://c.123g.us/css/fcp.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 27 Dec 2020 13:28:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Apr 2017 06:58:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1368422
ETag: "bbf-54da7c8112fc0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 824
jake_test: Test_Pass
Expires: Sun, 27 Dec 2020 13:43:24 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 08B4 9 KB
7 KB 19ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b1d36d82b8b0659c405546310b9711e4d41c8c34801a4dfdc98541614f5f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6689
x-xss-protection: 0

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 36E3 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-29

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 953
date: Tue, 12 Jan 2021 09:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 12 Jan 2021 11:19:32 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08B4 0
0 92ms
62ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIfgrsc19zLpaUOohz0FWAfjW-Ab2tTKBDqDLdnSi4AHH2Je2Qk6bqAIEZWeV6KefHTz4sLErWV4kunf44i0VuKWRQ2jziAOXOGqGJ54HbfDtrfcZjBHdWwhvQK4OGJUHKk9aWh2hmWelXII_IxkPsIBnyO1FuOi75PLh7msqS7BNtJIb2WzmxwE0DCnBQUAyEd-nykbhnj55xRcBF_QvboRJWiY-5D23dR0pnFxsIqz_CEJnNXRBtJ6h4rNerkJaWNadFID0ADcJC9ziNagwPxh3lAu7DrK2zCWVGjDdR9uTWeKPic5UyYz-w3QwaHFv2tf9AmKlqAw&sai=AMfl-YRgoSe3NUllObanM8wzVIlqXYg0ztJtNDwSohuwPzbEuqGgEArkKOtBMf_ioyNGsZ1gHbPMLIko8WmzFTm8VWD60s12gP8mrhpOtjqUqr5KNz_Hy77vgVEYhuRMQRE&sig=Cg0ArKJSzIqxMleVaOEPEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 36E3 0
0 91ms
62ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstD_zBON5frlRVY472R8b-OOAZ3y91tE12ujcPFZHEbq1hBQDGihK-hMUEWmJNEzEs4qwubTfNme_FJZaiRG89Dvh82hEu3jtV75iUUs628QgdcbXpkgBD7LBzV331hq2HZOZe9cKtxCJXG2uBSdXB2YZLa_6vXAf1I7ouAmfXaqd14H5T6PhlFnes5iTrOtmIr-oEu6tWSSLU4Vw2Kt8oem4aBouMI7bAKoPJH6zzOkPNLzWqbxPu6BlEVA-JnYQcmCdL_iwquZ5vQbc7EBpdrbvxGjGX4imjJp2aij1Q4aaX-HC6pQyDFaC4c-x_G_Js1igcwQVZZZA&sai=AMfl-YSWi1BEjKgpPaIlFT7gOjWclhZ1Ss5rcr1k6mE3EbF5Yp-zjy0tR_D-Wi2QuXnE_8q3F1O3j0egOkSaKNOLz_4pkJzVSU_DzxD9URbwoi1PpB_n0sGkO2PauNezwDM&sig=Cg0ArKJSzCsLVNE63MLiEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 08B4 16 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:25 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 328ms
108ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 12 Jan 2021 09:35:26 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H2 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 575 KB
144 KB 50ms
49ms Script
application/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d3d3d99ec2d1da823e792b3024b24ae723c89a29d46d9cffe4b1d4ba935c0da

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:26 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 127
cf-ray: 6105e32c2b21c2ae-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
cf-request-id: 07978c4f9e0000c2ae7fac5000000001
last-modified: Mon, 14 Sep 2020 22:24:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AqRmIPL8%2FN5DMnE5eTRTsAtZqbyXTPCSZohiHRvz9gox4%2FW0qQsaOFQarXuJ%2FnYKcsz0R7ZOBa9Km4ZIcdvWEhIDKyha15UpqGa9d9BcuTh6dSgl4g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 985925 393239
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 prebid.js Show response
a.vdo.ai/core/assets/ 339 KB
95 KB 47ms
47ms Script
application/javascript 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/prebid.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ac98091f04d8e654cfa6e1bae62ef59a9de93168f8d0e0b266ef6a9e79e10a4

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:26 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 127
cf-ray: 6105e32c2b24c2ae-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
cf-request-id: 07978c4f9f0000c2ae6a3e3000000001
last-modified: Thu, 10 Dec 2020 11:35:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qp%2FzRDtFXEhPYolDiEWQIVcqpB37PAqT0gT7Bia9CJ0yKflKOzAxMx0B537Gip5HCt%2FRtPXqksoBomFfvIi9aILncUDDio4ob%2FcFqKbmTSTlmQ7E7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 854703 327721
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 147ms
63ms Image
image/gif 51.77.119.11
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=initVdo&uid=18c87ea8-dfa3-4ac2-8417-938ce5dd3b23&t=1610444126108
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.119.11 Warminster, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns31094366.ip-51-77-119.eu
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:35:26 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7D48 9 KB
7 KB 19ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44467b3f0cd7bac700218f406686b931b13783dc8d8a6f8afee8178c8c47cb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6753
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021010903&jk=3757066002022402&bg=!k5ClkNPNAAUochWtKDsAKQB2-DxaLAP-glpMAUfdEbhqskwljP3D4WD8xn1j13u42T-3bZqMkb3IAgAAAT1SAAAATGgBBwoAz3H3OW_eNaTzEdjeSF_tr1NLCaiNt0stlojPV2UKvgI7kzNtDwO-5nj-lTiAmBvbIJmzeDcG7Ic1zJgqidZYzXxOwRN1bBT5hLPqlfOXT695LkbF7gaPg9wPmKmLahHY98MU8pc8eUabplSuG2MxyzuMpwAzRpU0mU0_eMgWDIBxgHd6yQNY8Z2xnyYmGvOHUqgzOhodSWCyl0OxRFm_H7VWUJZsFzEh3vKf-TR2mueD8cC6JmijkE4alZNhVQ-xMyvkamITuWhSmWW6s5qZpZkB4DQIa-c1qYnmX340A2IpfLW75XxSdSl9ziD22uF94e9gGIl0-0fku7zr08ySv5BvrtK6i3QUlb5yIJGfpQms6CdSAprO-bzuNVPSOKzQZ0OZVcuqTiwMCUHGbzy9ic6r-5HxTPlUvoKK25DeYPL9fEnweKKqDEoFCeoGpN3G2gkkeDjaXYbn9FOBNciaw_T3vatNvIxQZrarkPmkJUNpMtjV8wRsjCTQI6LRD65Yd4N8wDNEYOCUc3EULdCM68UflTax5Zsr39YkGHjOJ_coWjbTEotrqyeEPo_xEoM1Q-GJWE30yZLC2w24s6CgivmZ4EkiUc5nBqUm17ITzc4ucnIF-o_d-B2KEAnRXqMlzuF9EQ0S4762KaDNlul7UaTyO9XEpHVSQ0iDOPEHxs1pyG1BTYOuAtvGEVCZ4nzg-rquLnZuJUTGjJfdejjkPeVDktI5qpiyXT8xDTjj6r1br-GFrs8PtgEXgUQoyoMJOQ36NHJjkQI_g2qqQy00aLkemJBT_txoeNTTGw2NWRB-4KA49TrbFvSghkv8vbcV5Z8kYw21WNaMZIfwQTVYo800rr25wOaF1ujUwy5x05dH6T1D8CzEx9HkqtXWELf6qF23r5MvV3oF-WliTlBOXrlx8w

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
47 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1136752795&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Tony%20White%20from%20Donnetta%20Kennedy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAUABAAAAAC~&jid=57958813&gjid=1690899878&cid=436450538.1610444121&tid=UA-113932176-29&_gid=338316575.1610444121&_r=1&gtm=2oubu0&z=1512834019

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.123greetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113932176-29&l=dataLayer&cx=c

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 954
date: Tue, 12 Jan 2021 09:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 12 Jan 2021 11:19:32 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1136752795&t=event&_s=2&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Tony%20White%20from%20Donnetta%20Kennedy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=c332dfb&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=436450538.1610444121&tid=UA-113932176-29&_gid=338316575.1610444121&gtm=2oubu0&z=1596085761

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 21:23:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
7ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1136752795&t=event&_s=3&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Tony%20White%20from%20Donnetta%20Kennedy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=banner_blocked_size&el=c332dfb&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=436450538.1610444121&tid=UA-113932176-29&_gid=338316575.1610444121&gtm=2oubu0&z=878060272

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 21:23:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ Frame 36E3 35 B
58 B 39ms
38ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1826636081&t=event&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1x1&je=0&ec=vdoaijs&ea=loaded&ev=1&_u=AACAAUAB~&jid=&gjid=&cid=436450538.1610444121&tid=UA-113932176-29&_gid=338316575.1610444121&gtm=2oubu0&z=1118110453

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 21:23:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7D48 0
0 37ms
36ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_6v3evhK3ahpTHxyIgXuYIXJeBOfFVTafsAB3kq15r30rqQpWRUPE5I3bb8e6eeZmRvuhxq4RAO0r10dgxS3GTHAqRTcl0AoeR1-FWmdQiGci1o9oscjSQS5uwyZmh2mXUBRaDKqj4mpn1qiLNFAHeYOjV3kBh0oj7MDkk4tcU06ACcvMJxw4FNX7e3C45cUFapqFkO60BsOUbCq77TFiVuVxyG0OTyhEd2JYUwBE0u1u0bpikk5MfwJwwaf09KvXy6jBIp2YpwbvDBbyxD14uowg9Ayo0fMgds0vePSiniDD0drdhPo2RjNH17VM64XfVMFl&sai=AMfl-YSnORVJNtX2YR93nzPZjoiCUDrtJkT6dvhbHX6H8AutryMUIRziW1gPcOspDOYDERssleOj5yumdewdh7-PIx7WmtrHLKwylSunDPPv5oV9dK4LEwZGKr3XGK_lDFM&sig=Cg0ArKJSzJcKfkpmgzojEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7D48 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 55F7 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 11 Jan 2021 23:13:55 GMT
expires: Tue, 11 Jan 2022 23:13:55 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37291
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK f2554b55-bad9-436f-9310-160726a6052c
https://www.123greetings.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/f2554b55-bad9-436f-9310-160726a6052c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B5E8 9 KB
7 KB 23ms
23ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9729ebe16d0cbf2b478083a7af9e1f64a50867048d6d2f133e52cba9668f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6845
x-xss-protection: 0

OPTIONS
H/1.1 204
No Content ent14.m3u8
h.vdo.ai/videos/categories/ Frame 0
0 129ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.m3u8
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:26 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK ent14.m3u8 Show response
h.vdo.ai/videos/categories/ 1 KB
2 KB 63ms
61ms XHR
application/vnd.apple.mpegurl 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 22ddded712180f3543f924ff31561295422cb23561271062a46faf296301a590

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
vdoai: true

Response headers

Date: Tue, 12 Jan 2021 09:35:26 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:36 GMT
Server: nginx/1.16.1
ETag: "5f96e494-503"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1283

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B5E8 0
0 32ms
32ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPBuGVpp5bbvLMrXvx12oKhyh4lFJwciqT4Mf8XnpV7EGvPe49wyT6f3t8fjpTc-m5KNpIVn_cjaHKdyoFk6tIGn54mb_abwmZX89UU7Tkf72SZBn-3TPHQXXO7ddD3U4Gm5AzcnIyZ0JFBaTOxM_MSRUfVnrOzPm9OTyyojJqTeMusIaJVuM8-kxxhRXxXwkHa3npYusDU3z1A0nElOcMkPeSJ6Oels3CMPHUSsL3BgXrriIMV9NzuRE1aTwYnNGwSo79oFkrRFDe01yERwHsC5PDuC7wHyEVKx_2aCShp4H4aggP2mb8aq85Z7QM1YCKf2Oeixg&sai=AMfl-YRl1jk7J5HbFDfkbHvMKNgtJL8qN5pYA-L6uLDc1H3wb8oXxfXEhDVqMbk16C9-or0--tsRHae07ol2uY4ObAjW1S_Gw7svSZK46k--LQqwxqGYFfOWqamra7IJd-c&sig=Cg0ArKJSzK-5DAmd3eODEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B5E8 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

GET
BLOB 200
OK cd71f5ac-d2d2-44e1-bc89-415bdd2ecb10
https://www.123greetings.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/cd71f5ac-d2d2-44e1-bc89-415bdd2ecb10
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H3-Q050 200 bridge3.433.1_en.html
imasdk.googleapis.com/js/core/ Frame F25F 0
0 81ms
67ms Document
text/html 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.433.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.433.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191997
date: Thu, 07 Jan 2021 20:55:20 GMT
expires: Fri, 07 Jan 2022 20:55:20 GMT
last-modified: Thu, 07 Jan 2021 20:50:43 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 391206
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 73ms
49ms Script
text/javascript 2a00:1450:4001:800::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 109ms
108ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 12 Jan 2021 09:35:26 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H2 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1 KB 21ms
20ms Image
image/svg+xml 2606:4700:3033::ac43:de92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:de92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:26 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 130
cf-ray: 6105e32e8f0cc2ae-FRA
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
cf-request-id: 07978c511a0000c2ae7183c000000001
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8llrX2p2ZcX7ecLUTcI7wZN2foPpt4rfQR58WTLCZrfxHr8YF%2FguAgPCarDZhfB9Tm5w%2FXeGX%2BEHg7lNiXnN2XJD0%2B1NtSSQwLb%2B6OZwONpY7hDRHw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 428866 32797
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: public, max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 70ms
69ms Image
image/gif 51.77.119.11
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=forceplay&uid=18c87ea8-dfa3-4ac2-8417-938ce5dd3b23&t=1610444126487
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.119.11 Warminster, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns31094366.ip-51-77-119.eu
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:35:26 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame ABA2 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 11 Jan 2021 23:13:55 GMT
expires: Tue, 11 Jan 2022 23:13:55 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37291
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 202ms
108ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 12 Jan 2021 09:35:26 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
242 B 362ms
108ms XHR
text/html 144.217.66.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.217.66.206 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns535844.ip-144-217-66.net
Software: nginx/1.19.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 12 Jan 2021 09:35:26 GMT
Server: nginx/1.19.2
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 92ms
32ms Image
image/gif 51.77.119.11
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=pageview&uid=18c87ea8-dfa3-4ac2-8417-938ce5dd3b23&t=1610444126503
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.119.11 Warminster, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns31094366.ip-51-77-119.eu
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:35:26 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 53ms
52ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1136752795&t=event&_s=4&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Tony%20White%20from%20Donnetta%20Kennedy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=c332dfb&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=436450538.1610444121&tid=UA-113932176-29&_gid=338316575.1610444121&gtm=2oubu0&z=886437469

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 21:23:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel.gif
track.vdo.ai/ 43 B
236 B 148ms
66ms Image
image/gif 51.77.119.11
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.vdo.ai/pixel.gif?domainName=www.123greetings.com&tagName=123greetings&event=website_pageview&uid=18c87ea8-dfa3-4ac2-8417-938ce5dd3b23&t=1610444126505
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.77.119.11 Warminster, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns31094366.ip-51-77-119.eu
Software: nginx/1.12.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 09:35:26 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 53ms
52ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1136752795&t=event&_s=5&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Tony%20White%20from%20Donnetta%20Kennedy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=website_pageview&el=c332dfb&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=436450538.1610444121&tid=UA-113932176-29&_gid=338316575.1610444121&gtm=2oubu0&z=535684155

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 21:23:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 16ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1136752795&t=event&_s=6&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ul=en-us&de=UTF-8&dt=A%20Greeting%20card%20for%20Tony%20White%20from%20Donnetta%20Kennedy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=c332dfb&_u=KEDAAUABAAAAAC~&jid=&gjid=&cid=436450538.1610444121&tid=UA-113932176-29&_gid=338316575.1610444121&gtm=2oubu0&z=354155254

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jan 2021 21:23:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43939
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 2064 0
0 14ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 11 Jan 2021 23:13:55 GMT
expires: Tue, 11 Jan 2022 23:13:55 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37291
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK 0ce8885d-64fa-40bb-947a-395f1cc05320
https://www.123greetings.com/ 52 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.123greetings.com/0ce8885d-64fa-40bb-947a-395f1cc05320
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 52893
Content-Type: application/javascript

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 237 KB
238 KB 38ms
37ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 761f119d19b90554771ffb0b12b88bf7990045a04a70bab1988a7e7c4e76034a

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-243083

Response headers

Date: Tue, 12 Jan 2021 09:35:26 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 0-243083/5215684
Connection: keep-alive
Content-Length: 243084

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 26ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:26 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F6FB 9 KB
7 KB 23ms
22ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8d4458571ef55c4bcbf1283c2c471b28e467c5094c02e14d39fe52542baf9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6775
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D9C1 9 KB
7 KB 62ms
62ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6166224a37f650296f814046233d81c5495070ff82ef2a863736b2664aa6758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6896
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F6FB 0
0 65ms
64ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF_PlZgq_DW_ItlHhNUbHyYwSjbLyuRlvAhJCrKhHJT5OEyH3MqhunLk_njjgR1Z5R-PZdZqThq7mzzrayeh-tV6E1kW3HF_ejc84QQHhXgxjq8dP5WxF2HzGydNkUFTOs5hVprpWUPvuJ1GAFcLGFYl_lVFgnmDAv32Zh2ZyLGUb7sJNINPyjHCF8icL_x7S0wdhY8AU21iNyxth9g61Vp92UZBlTgCA0JPFGKv3QWkYp41jvBhbq9QONGpGhzWBOvsDvolcFceBRJF54GyRftFMZJr2e1XFpZBlLwLRjQQtUd3MRNG4skcXu8WU68MFwO6VinHbKMSHvzIQ&sai=AMfl-YQ0yYiLOmIPNtW6uee6tePTTrcBx7lJjiS6ifWmEu-9EYa1gF_YXLSBq-4ZRYwxdFf-VlNrIYUARoXZG2JizQeuGYQCQr73a14-N5ackJZc33dug4ojYDB0AoMowFY&sig=Cg0ArKJSzKsHqTYUNNqoEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame D9C1 0
0 69ms
68ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFWbxL8eiViF1-Wvnk8_9J1j7AnZLA_xxcOOvsLZi32YB07yn6b5NspSGwxI2Bn7gL0SjGApaeozpAxkBByGtoOFe1m458vOOyskLOS9TCFqBZsd9IHZbKlca8arR3HJdX5prYUMRc4mxZhdJyPUedInNnAmDnDs8q4s8siLwt_cMKsE71DSFiZWYO4u153tyiq5nJY_aSEkLDQmZRFtPcribPGCQRG9SXghaOHOLOr2_LHB4kL1NZnyZOpk-Dr0AmDgjpdoGe42BUHWjbibM-UhE0hyrcZbPvMxiZQxKD7jnlRHC5IL9xpf752ClC2VGbbEgDyNdqIVXCpug&sai=AMfl-YSStAu8CERI3i0S5T0pyPPr97bwJoz5KsLK6cyzRtrUxTkKg5nettu0FlqN8vNBIvzKA_SUqzV3qHbrztLn0mwoFdkG-96JEjemZ0cvY9G2wbfx8HF67MoXLuX5JiM&sig=Cg0ArKJSzAFOpNBnpH9IEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 663B 9 KB
7 KB 88ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210107&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ccae6d285052853581a41f66e4a7d28b48b046afb29a0fca28585337014b3d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6782
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 663B 0
0 92ms
81ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYyVd1PU9iQehsn62mM6Qiv4ZrK6jedQWehL09s87N1snfImqXTQjQvptpcVYlCPDCWk8FLyWBsnhLf-ppim8aJV3nsNU4A1yf1G60q2E0I4nIwxZjnpIfe6r2D8_5nNNOfz7_JrTtu-Lf6-c4o2fsGgjEJaTV6qqnLe-ZBLPgcyHtedzkxuLOALP8Ok50R4TqZiMm3hRwAIuK5fjGPqykXgSfrNSAiYRcmjn5j0b5iQ-VsY2jpA85_TgH0sh9fBpCb_X7tFzy0WF41gld1mMPsCUJx66nkZ54X5FS3xeiLrJHhHWEPOUSQW97rpsqxkBknjiqTLnJAo1fYJM&sai=AMfl-YQSeb1QPWa7fyViqQ4jWCdA3IIDrl9qL1EWcRDHyVMUX1Hbch_tucmwHH9INK1UNl4TWtA5mnxD1qq6xnc8HGc5C6UKLbxCDLvrjJnSoHykX2RlxrEtqcnXRs7D4ew&sig=Cg0ArKJSzJDWf94gxEv7EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:26 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F89B 9 KB
7 KB 30ms
24ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca31008a6dcd862e37f8c557d1f16c26240271de059117be070f01516f355837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6753
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame F89B 0
0 78ms
77ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaECeZ7mqhVt5DKw0iFtKMRrucP5mYA0ctnBv71MM2XtwGum44ShKb9rLekemJOvrfhUUr-82BMALCGpLVinAmh21vNsiub3QQvKH8wmArvZoIkQ4ZYvxXFRaeyBefVC8ffF2-FXV4_rR43gMFLaFFBU9BFI-fnj7aF3MmlOctEhnIe-QLnOUTh4uC8kWz9Jrzg9II1wC1eoREKEyrdbRFvUa8sdVjqlnh3A8I1cT6CVZPHUxO0D5pzfcbKm3GsC4zTNeCPWlq-xXOkcykY88Z2Ws1FQz4bIjpmwDjslV2CSgQcqjZKquGZR93jx61dpaLhVFMZWoDO2AL&sai=AMfl-YQ9-gCTklz7fRQ1JqsXZpe7sMWvWdVkuy-KcWB6eVrqpJx25L0VuOQY-8iY1qFFRWtw365Eip7de9hD2x89kGOXNeqZU6KuwSWGAnV3xQnLsHCZYloAfx6zKD2wI14&sig=Cg0ArKJSzLZCdRjlIMJBEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Jan 2021 09:35:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F6FB 16 KB
6 KB 63ms
60ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D9C1 16 KB
6 KB 69ms
66ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 663B 16 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210107/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F89B 16 KB
6 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 12 Jan 2021 09:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Tue, 12 Jan 2021 09:35:27 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 6E98 0
0 9ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 11 Jan 2021 23:13:55 GMT
expires: Tue, 11 Jan 2022 23:13:55 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37292
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 1D19 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 11 Jan 2021 23:13:55 GMT
expires: Tue, 11 Jan 2022 23:13:55 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37292
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 1E76 0
0 9ms
8ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 11 Jan 2021 23:13:55 GMT
expires: Tue, 11 Jan 2022 23:13:55 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37292
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 3C81 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 11 Jan 2021 23:13:55 GMT
expires: Tue, 11 Jan 2022 23:13:55 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37292
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 104134_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 29ms
26ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/104134_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb94186d8d47079927d0328e23541daac235008fd8559f75400944a140ec094b

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 17:49:51 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 56736
ETag: "1bb8-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7096
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 18:04:52 GMT

GET
H/1.1 200
OK 113136_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 27ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/113136_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21c2ce0c98b0f7b6b90d4683b7858f8f40abf49411dd607e17215842b5b6c802

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 15:58:05 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1791442
ETag: "1f88-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8072
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 14:06:28 GMT

GET
H/1.1 200
OK 103623_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 6 KB
6 KB 26ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/103623_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ba22d0b269314eb891998bf6db82b8dd17ad4ba11455987a4e011830f702581e

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 23:00:06 GMT
Last-Modified: Mon, 24 Feb 2014 08:22:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1593321
ETag: "16db-4f322aaedee40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5851
Expires: Fri, 25 Dec 2020 16:59:09 GMT

GET
H/1.1 200
OK 107616_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 33ms
30ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107616_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdf7422ceba3a07b4e4fe76275760f96d632968d7a43a1488f9064b14ae944f4

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 11:36:29 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1720738
ETag: "1eae-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7854
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 11:51:29 GMT

GET
H/1.1 200
OK 116570_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 8 KB
8 KB 30ms
27ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/116570_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4e8c4ff774d831d08f3828db225cb03e2f3786a536a087ab867572b992af1379

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 21:43:54 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1425093
ETag: "1f3e-4f323cdccd240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7998
jake_test: Test_Pass
Expires: Mon, 04 Jan 2021 17:40:52 GMT

GET
H/1.1 200
OK 107610_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 7 KB
7 KB 30ms
28ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107610_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1c3fe0df998b15cf7acc3a57567cc82f33ca5dc9f039c02ad814917d5485ca7c

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 19:46:46 GMT
Last-Modified: Wed, 05 Aug 2015 12:19:49 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1691321
ETag: "1b4f-51c8f6b42e340"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6991
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 10:21:21 GMT

GET
H/1.1 200
OK 345371_th.jpg
i.123g.us/c/ejan_orthodoxnew_year/th/ 4 KB
4 KB 79ms
77ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/345371_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 19201fcf6f6f62a8f4d9f6655b9e2354198fff6b821429aa636c7c87bf848691

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 09:14:03 GMT
Last-Modified: Thu, 31 Dec 2020 07:43:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1038084
ETag: "107d-5b7bdc77b45c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4221
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 10:23:50 GMT

GET
H/1.1 200
OK 127091_th.gif
i.123g.us/c/ejan_orthodoxnew_year/th/ 7 KB
7 KB 52ms
51ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/127091_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1fe66016ed957cc78385df19142ee6951c2ac94935d6817c19df08ebdef49562

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 11:19:27 GMT
Last-Modified: Mon, 28 Dec 2020 10:26:51 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1289760
ETag: "1c42-5b783b65250c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7234
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 07:12:51 GMT

GET
H/1.1 200
OK 332516_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 6 KB
7 KB 51ms
51ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/332516_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fb49ee0af8a625fea9b37dd4dfb67f15e4249fc9b09b7d8ad15f9709e01edea2

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 20:36:40 GMT
Last-Modified: Thu, 11 Jan 2018 12:55:42 GMT
Server: Apache/2.2.15 (CentOS)
Age: 997127
ETag: "19cf-5627faa5acf80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6607
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 05:34:47 GMT

GET
H/1.1 200
OK 337099_th.jpg
i.123g.us/c/ejan_indrepublicday/th/ 7 KB
8 KB 89ms
88ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_indrepublicday/th/337099_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3d8d3815663659caa50333cfcc6669a990968da43c94cf9fa40daa3b3b9941cb

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 14:35:15 GMT
Last-Modified: Thu, 17 Jan 2019 13:18:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1796412
ETag: "1cfc-57fa73a5d1cc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7420
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 11:40:02 GMT

GET
H/1.1 200
OK 320936_th.jpg
i.123g.us/c/ejan_daisyday/th/ 7 KB
7 KB 49ms
48ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_daisyday/th/320936_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 608a85065045a5e5edd7536c73feddba9e249b44d26f1642f6979337f990bd97

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 01:51:19 GMT
Last-Modified: Fri, 15 Jan 2016 12:56:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 114248
ETag: "1adc-5295eef5bf8c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6876
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 08:11:18 GMT

GET
H/1.1 200
OK 337178_th.jpg
i.123g.us/c/ejan_australiaday/th/ 6 KB
7 KB 86ms
36ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_australiaday/th/337178_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e13e82666765e22af19a953fcbeee4b328cbc481c606a08755a90b0d9ddf6ea1

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 05:54:06 GMT
Last-Modified: Wed, 23 Jan 2019 09:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 13281
ETag: "190e-5801ce51ee4c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6414
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 06:09:07 GMT

GET
H/1.1 200
OK 113000_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 24ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/113000_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 06a433408ea118ce748d8466bc535126595c9f7d5f3ebae497a9724f9aa06974

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1804426
ETag: "1b08-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6920
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:19 GMT

GET
H/1.1 200
OK 125583_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 8 KB
8 KB 38ms
37ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/125583_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 02866c6f4a1bbaa4c3bcfc674c76c39b269808b49e7c8d5a8783c7720d6fb006

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 19:05:23 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:46 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1002604
ETag: "1f33-4f323d98acd80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7987
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 17:08:28 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7D48 42 B
155 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukeF_gtzY-fUXeBChG2B0OXf_W2-0xq3ipxCin8f6_VoErnCGyYr3j3s7xthu9Jzg5nmqSnhG3egmq0LXgN-B1SggBw_F2fkAbZUbDOsI&sig=Cg0ArKJSzE758D53__GIEAE&id=osdim&mcvt=1008&p=47,560,137,1288&mtos=1008,1008,1008,1008,2909&tos=1008,0,0,0,1901&v=20210106&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3337616149&rs=4&met=ie&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B5E8 42 B
66 B 67ms
67ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-4iqFxu3H4ViNFdS77cwhaB-o0pXN8uhQQuDwmhf39Jc2la10w_nfi1iD2haxYJGxQvjiWeXKalCVluBvruzccT382IimBXlRKdJoE5I&sig=Cg0ArKJSzG1e5lU5ebhGEAE&id=osdim&mcvt=1010&p=236,1114,836,1274&mtos=1010,1010,1010,1010,3149&tos=1010,0,0,0,2139&v=20210106&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1542450727&rs=4&met=ie&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 270 KB
270 KB 26ms
25ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 8bb3054223ad3bd06339f0c8566d105c7cc08c0e6b0c91634608b252085c0340

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=243084-519255

Response headers

Date: Tue, 12 Jan 2021 09:35:27 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 243084-519255/5215684
Connection: keep-alive
Content-Length: 276172

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 25ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5E8 0
160 B 79ms
77ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=2910405896898529&bg=!4eKl4qHNAAUochWtKDsAKQB2-DxaWOZfb184yiW8WEg51FK9FKs3t0QLxiBByJvmuToOaPZkAiPKAgAAA4JSAAAAV2gBBwoBLUqGX0DqOpC2tu5UYhlLMsQURGg_Y5uKo2g_0CmTTUy0RfKLCBOaCGKI0d5iS0PW85ygTSb4S7x4wiz9OpTxyVXj7nasAN5j96u90axacRpPJIfaKmsQC0rHkhO2KGIN2BXe4HsFyiwzDLG5V4BLXb8T-tCUkeeq9SH0sZ-Bm9HwRxLM8mFyJhQIcmy0Sokd5baH21ksyPwrS3YsYRTQfPqOuPnHTxA2f8p25iLTmYAOMZXdt4GePzgmoxR1hUiMeORjVUwYE0jZROcLPZKmew7NuXvrkwvjh3BTVdRVPeL9XCwG03WzoIVrpKWk7c-Re0DbFxxMi6qhmimqZzGr5KHI-a9t04XQlsXhMz2iIfXFt4LJmlpEX51kQbs5o0refLG3SejXDy--zx1k6fGZAeUNlvv1wapiVmH4lSBqNxt58PLG79WStag34GSgwv3bzOdyVgI69PtaO06uMwLzggvvD04FyfjX6jcISAhfclpQUHCnjU3G79SmfPkCuA-yGkWfWooj45a2H0gwK9MvSMO-fy94sK5QGL4jsiDiMWyttoekoJ-jZ6xPt3H6_c2e1h7E1Js_cMb5rH9OuUPfwmtwVJ_yy7KXjBDv4FsqCql9Knl1o7KNy2uWILJOig-tlNg-5JVjX90WvTsYjdgBPoauPmXHXwTTlH8obmQTbhrReTI5DesLSfd73b-4fujpsjnqkRI38kSK-6ahHT2CudpGk9HfLzJPbGkLSBhd7HXiR9wtcQlqcFGClAEBk0N-y8b3md8Y-L8sBKqHPlwcqCdDZOwRNt8jY_sQwFzC5SeSz1UaJqovV7jods3-csc1qjEt0rDKSvId-9WKMHBiR-NrT1jfXHLDdJfIX9X-2h72EiEgm66o7amytuaEP1BZJK2NnqZVtWE2VlVCS4ZgaNaTMEQZ54vx6hPaKxrycvzT3i2d00RfGPeMLhUprLg1b1I8SfAyl1ckBJ2CQhbnvOOFo5rH5TrIzWccluR99n9VgYfl56X72OaG-OAKRtP44ecO7ZooGXWdY_tyBZBeW1IJJH2Jbw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D48 0
23 B 79ms
77ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=1829471742742856&bg=!LC-lL2zNAAUochWtKDsAKQB2-DxaIJgUDNis2Gitke9EEz0IbdRdKP2KOhNKuvYuN4blWUa7FbGyAgAAA5VSAAAAq2gBBwoBY_tvbeJG61V5kTVmiC15BfXtwkYuyfvXT0WRNpygw9fFG3lN4Pq3EPBHqCNphb1szzDfTt5e1DEDc9ulu2PBWhAtjMAqShomqclXtQklQD2B37zUPrSeNtRXC1LpmVgl86-b4GLg0eK6PbEIa-a1AcA71t2h6qEWAg23jJSdGuNEUGiUVjh8LTWV--CDFaCQOmAT0F7EzWfn3ipdCLPeBwKnXm2CmYpTu8yiy8S0WmQfgzZFrVYFUhHYBomo0Vxvts-ZvX8hOKmYk2oicm_8BL8QDbg6qPsb3sDSFMCphllRZvzvyTuwHXFzWZGzDagmbi7wAKW-qAPgF178B7aGs6pkENyaJiKQJWl0fqx6A2n1fy8QX9tFKGNUYzgAseG673KOdoLr9s2MRuxXFLlvwzAEQ7KkqrK3l9uJQP0VOKiSkq4V4OWiEZOtpFQQ1dcI0hEb2-WEjmOns0_Yjc9ETgOEBOWZAeD8Hjg2p60zCw2tSMFnbCVB6ii4Ybk7ePUjLJKH-kLeUCiA1jVZDcoZK7UzjziuhjiLMxf_Yek4YGTsP7sxeenJwqSSXyHF3_75waWBi3OyTyQePVE5OnMXtPJlLUaiZaNaUJzTXIw032jR2p9599Sskh0UFUneMYTgXI1EL1iAVjZxmR08cd3fuekRjoX0tv9ouxfUiEswidW5Gromm49RAFol3719bOg6UxT5h3uodRctCXs56tUKnuSb1uGnlRtnk0jPe4iB4qv3U-biS37QVkqB6GdQy7oQUaLAkVYz5li1S-s88tSDyo1O1BTStcl3fYKJFJHbvUwx8UDzoFBYNo4eQVc84lN-1L2YPSAvkc7qnpC_pe4A47VMeP9LEwSc943pd7G5lYbSxxee1BBXOQcuXq8mrJSZd1t0vaLPAv9VUiNW3lCUwc7I-qwbvczw30EvBJdTTADcxxAFn1bSlRsIQ2oG_mjT_Bnskvn1SdHLdj_WchtwbrND3TIL03sMLteW1lQCemkiKUTlhb0upcb9XUfyarVBNmqovkFCT3K8NLRxLHM8D80JewoGVpTz_OYlPTXWV_pNYH5FVPrjO27Tv9jOGCexLntjUHQSKLIXyAraxxDOfDU7DtERQik

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08B4 0
23 B 19ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=2420385843338917&bg=!BQalBkXNAAUochWtKDsAKQB2-DxayavQQHclmzDVmBbip4UkSFI13keeaTc_69NXUc4ygYn-xxXyAgAAA_1SAAAAsGgBBwoAZ4903Q8VlceQi8dKKzwJ1_SeOFAqmpEcjKAz_tDDXVGIjwyMjgwnUn8Ptar7ktguM1AExBXMiJb8YMrQyEfKahd-l35cG6SpTw7ExEaSemEs3k4K-IhR9PkOzo_PrinUIYc2QRpiyq-ZAdvvM9YxNj7-w5KnFScgA99Z-i2YDg6lCFqPd661zcz7Kqy5cIpYhyYmx5EhCnUS8Kh3nvMUrMW2Nfl0UlO4U1E145uEDPcZkquo2tkJWs5XRonijCDT_cH6gQCBupmfuUfAkM1mwr1-xCqKjhRDodYyL2E9dRSG0ns15JBpO-pxWnaN4GSJkA9fClDmg_dnaACmdRqbon-OwgkEbmet2r-ZJ-vsPzbeFVssjBiPJkJSU4KoIoISdnb_M_IZPhG-dDELvPCUhcZ6GLDopVpbG3zKy9eUIPrnM4PbZ5GarL6HeCWvLr2Kh6iMgT7H6xo4LWs3Ou-Qg7BznVle_JlNNa7dufjRunz-KBEbz1V85waJJJFldzg-yKC1dZtEwZ71KyEFO1jDcbHOecl1XeoTXxTq54DI6avw8SR83wbTgh3bCor2SCn_e5h8LzQ7btPwTvJ8P-LAOMJfkeyuTya3hvF4KW21r9TWiO_MGBSNTpSNud_guRCD7uJ0fQ7dGyw2q0T-ajMem1W8qm5txdTWYiBKa89MeycTfoXPTBDeEn7vlxTVVl2u2pUw40ENio0vMMgEPP6zMHqoQh3b9V7bXH_Jgzrfhb9G8gscgWYbvdXk9C3nJmcc5jd74pnO

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 267 KB
268 KB 26ms
26ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: d550635fbe7d4ff85bed4c57c3cda2a33cdcaabd0b3a637f1c6304763c85c44e

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=519256-792983

Response headers

Date: Tue, 12 Jan 2021 09:35:27 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 519256-792983/5215684
Connection: keep-alive
Content-Length: 273728

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 26ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:27 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 30ms
26ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:28 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 283 KB
283 KB 26ms
25ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: b18c2e9e67822c4f744774f05bafa44befd9f6e193534b5e2c77c8cae1dc7fc7

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=792984-1082691

Response headers

Date: Tue, 12 Jan 2021 09:35:28 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 792984-1082691/5215684
Connection: keep-alive
Content-Length: 289708

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F89B 42 B
66 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuokPzuxQHfddC_7J1YsUSLLk3s5rj1UYhFIiG79KuGMmzx0KAHBfuhy0sfF7jxr1ZFVANNqCBUi768JGTOU1xGxZtgaOvbHCpbVVnuPZw&sig=Cg0ArKJSzIt66CfAEgmQEAE&id=osdim&mcvt=1001&p=535,495,785,795&mtos=1001,1001,1001,1001,3640&tos=1001,0,0,0,2639&v=20210106&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3714999025&rs=4&met=ie&la=0&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 261 KB
261 KB 26ms
26ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: b53874269b22ed216a5a866c4a78108bd8ec4325bdf8a4c303dfd0d1bc801beb

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=1082692-1349463

Response headers

Date: Tue, 12 Jan 2021 09:35:28 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 1082692-1349463/5215684
Connection: keep-alive
Content-Length: 266772

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 25ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:28 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 261 KB
261 KB 27ms
26ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 3f76f4e6c6ab00c6e9e931a9103c3b2bc477333718a6a0dd58859ddc4d79dd78

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=1349464-1616423

Response headers

Date: Tue, 12 Jan 2021 09:35:28 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 1349464-1616423/5215684
Connection: keep-alive
Content-Length: 266960

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 25ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:28 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 246 KB
246 KB 26ms
25ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 53b0d56fa2034dd1d4028c687c232b225211e2d21b3b3db89af10b21c7d2f61a

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=1616424-1868155

Response headers

Date: Tue, 12 Jan 2021 09:35:28 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 1616424-1868155/5215684
Connection: keep-alive
Content-Length: 251732

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 25ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:28 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D9C1 0
23 B 17ms
16ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=3898568608764704&bg=!_f6l_r3NAAWEbmp2hDsAKQB2-DxaigItYDiTlZyfCOC6NvFCD-fXOaVyxDFux3kWSW_GGsliFNEzAgAAAXVSAAAAQGgBBwoAXBokTL4BMQYKFgNy6p1mEGsOLl6moDQS8iYCsEDvsgLk2sC0qiZXNGoaXIMKE2ezG2N5EGr3uwO1KioSWS5JRXTUnNHySMB5QJdaDrz3BB0mf98Q4OA0o4hkhJ_XmQHfQm_NPTXB5re9JWNfuvAdHuITJ1Ej1l7_m3bW7q72rHTsYArzxzn4khFsdT1I332VnWAJn2ddHGUF3qqFFTL6VrcYr0-td3C25xR0tHIQDKKsx5UnBdf2MX8cYlY9hBZoEDnvL64ZrhPkXZs_enJwc4P-nYsNu5w6tEW4KlB58gCaQQPl5x4-ZFmwDo9B14NFx4siKSE735_uV092tKzyQTNWwApxX1qoHadGaMQB0UcurNatgDrStcjJBFktaFsh5gw1HOb3_uViyZPvivIJyr8gJdLjZtm6cguR_cknITbBRPWTwH3-y_JIstCTYL26auibCRNHrHLG_PH038KttP5KLuV1liLGt1kOj_XuPKOYy9nEjfWWNvNoQ5syScC4lEY0kEP_LrdV0XGM8jEsBNm3fIFCw-jA1cL0jW_rK0HXSwuBcLzeSWCcmsEOlHCcnY_SRXUyG5991uJJD5mw2wXDcfcZHhsiT_3Euq1PWudZHobLZDlpjYpGEnoSRwCj69Ds2-j8h4Qjsu4IrFSxDAXPXV7ZcVcgj9cEDCj5AOhgd2rM4i74TrjPNb9QUvuMCQgWzHD3kdMo-rqTWTF1FOhEGC0DHzTzHnk2pa_8uH097A7qb5YnqWahQvBszwo

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F89B 0
23 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=510338562889288&bg=!EhGlEVLNAAWEbmp2hDsAKQB2-DxasQT0w7fsSk7nO0SaJ-DlgR6l1dU6iLF2uxeP7YcASQGlbEt9AgAAAUBSAAAAV2gBBwoBrLozggP0T-I7CZ9KMo1PcY7aX88aw9Egt07RxwXlPDVxABJ-pSu_Q6HnVgfGHd3IdcoBOH3plWh36IWfPMQZPaTK6o-CmQgQxd2dv617jdhgTCE2pZwwiL3I0ww1fhpOCKdkggpmiL6JZbHcd6cWqMg6A7m-A0sOUKeep1d5qu1kmNi5UjcVeGM6k3LmNLu-JjfPgS-DAyCDulk8QaYUDRWz_UwwkY3rlFCkkTmVBm4nDtCxGb3XbgFWljAmputu6LUrA3gNmT4Hn97lrdPhmvsqwAaUprfrSGS4Y5qsYaJILEZ2uade8NqtHDcN4PEWvEzMBeU6Cv40s0lK55VeD38DnLM041OQGTv764s5Pnnzkm22lxNnmEmGhaNU4QzvHKgRrJjJbDxe93E0oE3tQxteGrFB58Gw4kF-roXwCERaRl97oSnSaLy65M-9_L_QD9zAc5FS3gLNIjzUy7vmmWGqlwariAWVXZjBZqK636C4LWUbOMFeLWH7GdFJ7iSjq3ppXC8c7AebI8BdRcNtJ0kyumkT3CNQ4BY4MS25WvKndeTWccTiyvPl3R3-mQHWd_4seP7X7WKaK4hskSEYH_Y0R0FQZIsWWTGiGZHor8uyU7tT3j2ygRlghqaFWmaMfedoulf3PQyovL1Na_i4jg13S2eJ9T5KGoH3q27NAtH3mSN6p0GVHpHaRJUYUiC72Ps4lPSHoT0nF26PsgLrE4zV43BGm8tFrlMz3QuahghreXAGihVxweQUdp4QsWvjNJZAWQnJriCE8fpT9Jg8skVpJGQnsRbEHI1KsAHQxt769oqFhewXOqe4VER17Pf6_1WG3i_JIkm6bQYiOjN-WB0tW2PPI60Ro0fl-CAW8iiBH5Ri_lxeK0TY6zM6pO-BAVrpAaKtT2hcAJqxoJuBrsunjEBKiW_149Ir2ByN4uJW4EFolGxEtwy4s4j3UmHXNZDcjkqEU6Dm3d4zZmwfyWlXhNej2nf8F_wI6YXcsyjkdgDOjxWNWTCAMImqqJ8FZBw2GSiPJR8tXMjTzeWJLRitmHg2UslBO8BDkZwsX9Kx7OCB73DNw1-4bMgY93s_Lh46RfpuWyaYOZoeETS6r5ojT51kub_aixBmZtQEdxeWBBwT3GeZpDzsLV3nIr-NMkytsheuXLbiNHuBaeqyU7Bskom0UL5FkhZeB0mjcm6FQ7O681M

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6FB 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=3470859620706917&bg=!3N-l35zNAAWEbmp2hDsAKQB2-DxapTdn6Z5QXRjNnzcZAVuPw6UnORdnwc-PslWwV_qi96dDxhzSAgAAAZNSAAAAR2gBBwoA_3rIzntSk2LDMZDeHRiiS0DskfB5Zj8Zivh2GcQAw8IbfH24xR_btt6i_dWZudnlFLg_u7IFQAo0avES1bL0IqBgZK36j4eOIhwdDvCrdjMss-LuVNys27JcCzaonJYZVYON5KGRNecquJI03H2Wpuzz5i8bq-zXu0AXS35SVnstxWLD5PUe4NQV0kEGJQMYZfcyfMdLdVVkFSzWHkYqch_tlRdX65u7iOxIjDUzjKt13J8_FIP9vQ_78SVzqIyvrflYwfKIUgO1Dx7ZUS2u-I_k804GyONQcA4DNUELme1rDJOdzu7CwTvM-s78nbe69mIJXroro379ObVbywTKvpkB2A5-8S76dDyXWgcdEjsMrMqjfj1NlC6Yro5NKkfpAxIo0dNOaOIlzh0fHXvWzoScsLTnNGOB0cSQdz37SOacMxIwYqZL3cV5eMooarTcAAaJI6owvaHWD53_fP99Nl--a434X52yti90EnfDpR8TdMLA8k4-vrrDGBAssYlNFsdpfpgjyQlfCkQtBJRlWvsU9rhPKSNeVhkgTxbijF8q-GFB68tWxjRMV_kNPxxy6SjpKnRtRoMgqNPcqWb72M0r9FKPSjvaQJikX-COXJvx6IeWGHGRQLqWlNZaiA2o98CViKipoGDVzfk4KOV_40PulCcNkUcBHcBntpBbn7ivtTgF_u8BgWtkduutebo9DLJsv6Mh-9sqLR3rXLmZvpaTseAoGKOidmhf50ymlFWG21M1L9cm5IMxcdDAZ0ZzmSq0l_-umHKfMYBgbDxCh19wWbPD-_Mm3x2yFMrvOpgaBnJhmk-pJHKqXbDzLfbbSEC_JjFxTHDyR405B1QN8bsyc_dolpdJG4gkAP5cmomdyNZqbaEpC2f2c4JF7S1MB6LDCJ4AZ8v86IScEY54v6bGk7eB3Sjm6ec9Rm5bqyWTQrgQ35qtFeEhkKuPMYBTmTPBLCI-11aEKqU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 663B 0
23 B 16ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20210107&jk=3636952010822754&bg=!bW6lbi3NAAUochWtKDsAKQB2-DxaHKv3Uhx5EpsoXxZyWGMnL8falJVPLUwCMuUG6uoVhnKBjk1_AgAAAdBSAAAAHmgBBwoBrQmdoO-cBNZgoUzXZt1_pmXDEeiw8fgu75oumjhXm-e9WcNWIuu0KfuuDAEp2VOaFz6ygRdKXfINWC8SZzmNwii29X4_apZQUyCAvcjfiVsbeTIlsnx1WombiA-_E9OiCv2vMYXnmACY8nxdi9cMbTvQeZKdTKGz3Q5SufH5t0QBWWRHiuOjPQuPOJ3rAt0joRmLTQI2dYZMte08ALZFv3AvlnLYTx2SSO5kWZwo5em7a0ibAsUWcz-wI-wNQpWefrEvCjl_R65wSqgN7lFYmABjaMisdm3WFp2eap2oDjztFUr6k1J33c_6AB7y0TEG4Zd7OQ8GO6XEy2XwNpZ-4VZhO-wJMS3pgPIxn92Tryoi0iImVlmx4bPfzghQKRb8RdkVcxmXgHApFhka22Dg39hSXlXMwidBXADTKzG6BRQyfHYgKBGuJ7PNuPv56ucts4RzOxH-mLuMYBJcxQgs0U8kO5LMwOgF8eq3AqUYk_G_qFsWuZJaOaZiVMUT0PpnMTt1kKafRJ7fAghYqkP5wPVALBxboezlws7mTtrsHqOwTg4uHss6MxLZCN3wkpkB1kmrbGg8g8EXohlbUtMIY9uGumYKmLEBAUJEiMkWCxskWy072Lg8VfFfiIg7Tqph8-w0DAjUWptUVa3pLu6SeUE4eVutUu3RkyxfJKnt6ojDVRC4XfxtUdrv66veMQJSHNy4mdypHTNoI-1Gx5SnJu_iNRortTxqK64ji3EGEtE6yi-eOV0oeHRYF7KashrsXElhysX7x66VP-djaNtAcC2I3O3wpLGHhBOafAbo1uIIFp_OokhLUomojBnW4o8QyFCji4M89PG45L-cUpZBkIPHWv5LT_yTMjNQF8wRkhV4B2wNOKZasjq3IsCqy5_gaRHLAjQXCdalLz0jDudN-nzt0Rrd37vKOGJIgV_lfls5UyadTFk6AJ-WH_rOAsYScQH5H8TnsiKKo32kJEp6ZK47uNvhXR_5d2y0McqlChelKegemd-r8rmOVRFX29yYVpXr3F7qCYOxty_Xqlvf28WVx2eMO1Sk43voUnkVpaK6bnVtyUX4LFgzrud5WSkLaTU_YJPdC_h4_VR4c6gqXseJt8kj_bH1t5stOvC1Yzu5Kk7w2Bg4piKlnku6rGhMBDGSHzTEmEAQ8a4N1xGQ_FuGZtLbHias9MMdrUC7UrqnULTCxTVj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 avjp Show response
vdoai-d.openx.net/v/1.0/ 106 B
480 B 106ms
72ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vdoai-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F12321520122813534416&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0806a521-fece-4e8a-aabb-b5c76dc55c94&nocache=1610444128487&pubcid=e25450d0-f1de-4b25-9b78-23058ed2f5e4&schain=1.0%2C1!vdo.ai%2C1560%2C1%2C%2C%2C&minduration=1&maxduration=200&mimes=video%2Fmp4%2Capplication%2Fjavascript%2Cvideo%2Fx-flv%2Cvideo%2Fx-ms-wmv%2Capplication%2Fvnd.apple.mpegurl%2Capplication%2Fx-mpegurl%2Cvideo%2F3gpp%2Cvideo%2Fmpeg%2Cvideo%2Fogg%2Cvideo%2Fquicktime%2Cvideo%2Fwebm%2Cvideo%2Fx-m4v%2Cvideo%2Fms-asf%2Cvideo%2Fx-msvideo&protocols=1%2C2%2C3%2C4%2C5%2C6&startdelay=0&playbackmethod=3&api=1%2C2&skip=1&skipafter=5&w=419&h=236&auid=543832131&vwd=419&vht=236&vmimes=video%2Fmp4%2Capplication%2Fjavascript%2Cvideo%2Fx-flv%2Cvideo%2Fx-ms-wmv%2Capplication%2Fvnd.apple.mpegurl%2Capplication%2Fx-mpegurl%2Cvideo%2F3gpp%2Cvideo%2Fmpeg%2Cvideo%2Fogg%2Cvideo%2Fquicktime%2Cvideo%2Fwebm%2Cvideo%2Fx-m4v%2Cvideo%2Fms-asf%2Cvideo%2Fx-msvideo
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Jan 2021 09:35:28 GMT
via: 1.1 google
server: OXGW/16.200.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.123greetings.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 91ms
58ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.123greetings.com
date: Tue, 12 Jan 2021 09:35:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 70ms
35ms XHR
application/json 185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

70df1af2ea8c461a60d4e572290c9841b7bdb98d9fd94df0575fef50b4258f9a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 12 Jan 2021 09:35:28 GMT
X-Proxy-Origin: 185.212.171.67; 185.212.171.67; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.57:80
AN-X-Request-Uuid: fc7d97bb-5bf7-465c-bfde-a20e84807d30
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.123greetings.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 125583_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 8 KB
8 KB 24ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/125583_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 02866c6f4a1bbaa4c3bcfc674c76c39b269808b49e7c8d5a8783c7720d6fb006

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 19:05:23 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:46 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1002607
ETag: "1f33-4f323d98acd80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7987
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 17:08:28 GMT

GET
H/1.1 200
OK 104134_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 27ms
26ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/104134_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb94186d8d47079927d0328e23541daac235008fd8559f75400944a140ec094b

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 17:49:51 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 56739
ETag: "1bb8-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7096
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 18:04:52 GMT

GET
H/1.1 200
OK 113136_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 26ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/113136_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21c2ce0c98b0f7b6b90d4683b7858f8f40abf49411dd607e17215842b5b6c802

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 15:58:05 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1791445
ETag: "1f88-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8072
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 14:06:28 GMT

GET
H/1.1 200
OK 103623_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 6 KB
6 KB 27ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/103623_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ba22d0b269314eb891998bf6db82b8dd17ad4ba11455987a4e011830f702581e

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 23:00:06 GMT
Last-Modified: Mon, 24 Feb 2014 08:22:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1593324
ETag: "16db-4f322aaedee40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5851
Expires: Fri, 25 Dec 2020 16:59:09 GMT

GET
H/1.1 200
OK 107616_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 28ms
26ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107616_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdf7422ceba3a07b4e4fe76275760f96d632968d7a43a1488f9064b14ae944f4

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 11:36:29 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1720741
ETag: "1eae-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7854
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 11:51:29 GMT

GET
H/1.1 200
OK 116570_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 8 KB
8 KB 26ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/116570_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4e8c4ff774d831d08f3828db225cb03e2f3786a536a087ab867572b992af1379

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 21:43:54 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1425096
ETag: "1f3e-4f323cdccd240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7998
jake_test: Test_Pass
Expires: Mon, 04 Jan 2021 17:40:52 GMT

GET
H/1.1 200
OK 107610_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 7 KB
7 KB 24ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107610_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1c3fe0df998b15cf7acc3a57567cc82f33ca5dc9f039c02ad814917d5485ca7c

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 19:46:46 GMT
Last-Modified: Wed, 05 Aug 2015 12:19:49 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1691324
ETag: "1b4f-51c8f6b42e340"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6991
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 10:21:21 GMT

GET
H/1.1 200
OK 345371_th.jpg
i.123g.us/c/ejan_orthodoxnew_year/th/ 4 KB
4 KB 27ms
24ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/345371_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 19201fcf6f6f62a8f4d9f6655b9e2354198fff6b821429aa636c7c87bf848691

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 09:14:03 GMT
Last-Modified: Thu, 31 Dec 2020 07:43:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1038087
ETag: "107d-5b7bdc77b45c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4221
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 10:23:50 GMT

GET
H/1.1 200
OK 127091_th.gif
i.123g.us/c/ejan_orthodoxnew_year/th/ 7 KB
7 KB 24ms
22ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/127091_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1fe66016ed957cc78385df19142ee6951c2ac94935d6817c19df08ebdef49562

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 11:19:27 GMT
Last-Modified: Mon, 28 Dec 2020 10:26:51 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1289763
ETag: "1c42-5b783b65250c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7234
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 07:12:51 GMT

GET
H/1.1 200
OK 332516_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 6 KB
7 KB 26ms
25ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/332516_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fb49ee0af8a625fea9b37dd4dfb67f15e4249fc9b09b7d8ad15f9709e01edea2

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 20:36:40 GMT
Last-Modified: Thu, 11 Jan 2018 12:55:42 GMT
Server: Apache/2.2.15 (CentOS)
Age: 997130
ETag: "19cf-5627faa5acf80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6607
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 05:34:47 GMT

GET
H/1.1 200
OK 337099_th.jpg
i.123g.us/c/ejan_indrepublicday/th/ 7 KB
8 KB 24ms
23ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_indrepublicday/th/337099_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3d8d3815663659caa50333cfcc6669a990968da43c94cf9fa40daa3b3b9941cb

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 14:35:15 GMT
Last-Modified: Thu, 17 Jan 2019 13:18:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1796415
ETag: "1cfc-57fa73a5d1cc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7420
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 11:40:02 GMT

GET
H/1.1 200
OK 320936_th.jpg
i.123g.us/c/ejan_daisyday/th/ 7 KB
7 KB 24ms
23ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_daisyday/th/320936_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 608a85065045a5e5edd7536c73feddba9e249b44d26f1642f6979337f990bd97

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 01:51:19 GMT
Last-Modified: Fri, 15 Jan 2016 12:56:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 114251
ETag: "1adc-5295eef5bf8c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6876
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 08:11:18 GMT

GET
H/1.1 200
OK 337178_th.jpg
i.123g.us/c/ejan_australiaday/th/ 6 KB
7 KB 26ms
26ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_australiaday/th/337178_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e13e82666765e22af19a953fcbeee4b328cbc481c606a08755a90b0d9ddf6ea1

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 05:54:06 GMT
Last-Modified: Wed, 23 Jan 2019 09:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 13284
ETag: "190e-5801ce51ee4c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6414
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 06:09:07 GMT

GET
H/1.1 200
OK 113000_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 29ms
25ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/113000_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 06a433408ea118ce748d8466bc535126595c9f7d5f3ebae497a9724f9aa06974

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1804429
ETag: "1b08-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6920
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:19 GMT

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 25ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:30 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 268 KB
268 KB 38ms
37ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 63f0a3d6bc8ff453e953609111af71ff2112b2653fa993776c9cc23739341e56

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=1868156-2142259

Response headers

Date: Tue, 12 Jan 2021 09:35:30 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 1868156-2142259/5215684
Connection: keep-alive
Content-Length: 274104

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 585A 0
0 32ms
23ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.123greetings.com/send/view/12321520122813534416
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=e25450d0-f1de-4b25-9b78-23058ed2f5e4|1610444128
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=e25450d0-f1de-4b25-9b78-23058ed2f5e4|1610444128; Version=1; Expires=Wed, 12-Jan-2022 09:35:31 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1610444131|gekin0vNiygu; Version=1; Expires=Wed, 27-Jan-2021 09:35:31 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.200.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 12 Jan 2021 09:35:31 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 3BF0 0
0 88ms
37ms Document
text/html 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.123greetings.com/send/view/12321520122813534416
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=99847
Expires: Wed, 13 Jan 2021 13:19:38 GMT
Date: Tue, 12 Jan 2021 09:35:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame E2B1 0
0 67ms
21ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.123greetings.com/send/view/12321520122813534416
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIochrEAoYASABKAEw4Nr1_wU4AUABSAEQ4Nr1_wUYAA..; uuid2=1009303055320475396
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.123greetings.com/send/view/12321520122813534416

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 03 Dec 2020 21:09:36 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 12 Jan 2021 09:35:31 GMT
Age: 44675
X-Served-By: cache-lga21957-LGA, cache-fra19162-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 185125
X-Timer: S1610444132.667285,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 288 KB
288 KB 38ms
37ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 9730dd48e90b836b7e7d4cb931356f0dda2acf091ff6f72ab22c3301515d0a30

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=2142260-2436855

Response headers

Date: Tue, 12 Jan 2021 09:35:32 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 2142260-2436855/5215684
Connection: keep-alive
Content-Length: 294596

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 25ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:32 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK 113000_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 37ms
36ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/113000_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 06a433408ea118ce748d8466bc535126595c9f7d5f3ebae497a9724f9aa06974

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1804432
ETag: "1b08-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6920
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:19 GMT

GET
H/1.1 200
OK 125583_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 8 KB
8 KB 25ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/125583_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 02866c6f4a1bbaa4c3bcfc674c76c39b269808b49e7c8d5a8783c7720d6fb006

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 19:05:23 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:46 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1002610
ETag: "1f33-4f323d98acd80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7987
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 17:08:28 GMT

GET
H/1.1 200
OK 104134_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 25ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/104134_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb94186d8d47079927d0328e23541daac235008fd8559f75400944a140ec094b

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 17:49:51 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 56742
ETag: "1bb8-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7096
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 18:04:52 GMT

GET
H/1.1 200
OK 113136_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 38ms
35ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/113136_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21c2ce0c98b0f7b6b90d4683b7858f8f40abf49411dd607e17215842b5b6c802

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 15:58:05 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1791448
ETag: "1f88-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8072
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 14:06:28 GMT

GET
H/1.1 200
OK 103623_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 6 KB
6 KB 25ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/103623_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ba22d0b269314eb891998bf6db82b8dd17ad4ba11455987a4e011830f702581e

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 23:00:06 GMT
Last-Modified: Mon, 24 Feb 2014 08:22:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1593327
ETag: "16db-4f322aaedee40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5851
Expires: Fri, 25 Dec 2020 16:59:09 GMT

GET
H/1.1 200
OK 107616_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 28ms
26ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107616_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdf7422ceba3a07b4e4fe76275760f96d632968d7a43a1488f9064b14ae944f4

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 11:36:29 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1720744
ETag: "1eae-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7854
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 11:51:29 GMT

GET
H/1.1 200
OK 116570_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 8 KB
8 KB 24ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/116570_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4e8c4ff774d831d08f3828db225cb03e2f3786a536a087ab867572b992af1379

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 21:43:54 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1425099
ETag: "1f3e-4f323cdccd240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7998
jake_test: Test_Pass
Expires: Mon, 04 Jan 2021 17:40:52 GMT

GET
H/1.1 200
OK 107610_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 7 KB
7 KB 24ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107610_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1c3fe0df998b15cf7acc3a57567cc82f33ca5dc9f039c02ad814917d5485ca7c

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 19:46:46 GMT
Last-Modified: Wed, 05 Aug 2015 12:19:49 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1691327
ETag: "1b4f-51c8f6b42e340"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6991
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 10:21:21 GMT

GET
H/1.1 200
OK 345371_th.jpg
i.123g.us/c/ejan_orthodoxnew_year/th/ 4 KB
4 KB 24ms
24ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/345371_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 19201fcf6f6f62a8f4d9f6655b9e2354198fff6b821429aa636c7c87bf848691

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 09:14:03 GMT
Last-Modified: Thu, 31 Dec 2020 07:43:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1038090
ETag: "107d-5b7bdc77b45c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4221
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 10:23:50 GMT

GET
H/1.1 200
OK 127091_th.gif
i.123g.us/c/ejan_orthodoxnew_year/th/ 7 KB
7 KB 23ms
22ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/127091_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1fe66016ed957cc78385df19142ee6951c2ac94935d6817c19df08ebdef49562

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 11:19:27 GMT
Last-Modified: Mon, 28 Dec 2020 10:26:51 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1289766
ETag: "1c42-5b783b65250c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7234
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 07:12:51 GMT

GET
H/1.1 200
OK 332516_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 6 KB
7 KB 25ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/332516_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fb49ee0af8a625fea9b37dd4dfb67f15e4249fc9b09b7d8ad15f9709e01edea2

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 20:36:40 GMT
Last-Modified: Thu, 11 Jan 2018 12:55:42 GMT
Server: Apache/2.2.15 (CentOS)
Age: 997133
ETag: "19cf-5627faa5acf80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6607
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 05:34:47 GMT

GET
H/1.1 200
OK 337099_th.jpg
i.123g.us/c/ejan_indrepublicday/th/ 7 KB
8 KB 24ms
24ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_indrepublicday/th/337099_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3d8d3815663659caa50333cfcc6669a990968da43c94cf9fa40daa3b3b9941cb

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 14:35:15 GMT
Last-Modified: Thu, 17 Jan 2019 13:18:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1796418
ETag: "1cfc-57fa73a5d1cc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7420
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 11:40:02 GMT

GET
H/1.1 200
OK 320936_th.jpg
i.123g.us/c/ejan_daisyday/th/ 7 KB
7 KB 24ms
23ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_daisyday/th/320936_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 608a85065045a5e5edd7536c73feddba9e249b44d26f1642f6979337f990bd97

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 01:51:19 GMT
Last-Modified: Fri, 15 Jan 2016 12:56:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 114254
ETag: "1adc-5295eef5bf8c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6876
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 08:11:18 GMT

GET
H/1.1 200
OK 337178_th.jpg
i.123g.us/c/ejan_australiaday/th/ 6 KB
7 KB 26ms
25ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_australiaday/th/337178_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e13e82666765e22af19a953fcbeee4b328cbc481c606a08755a90b0d9ddf6ea1

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 05:54:06 GMT
Last-Modified: Wed, 23 Jan 2019 09:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 13287
ETag: "190e-5801ce51ee4c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6414
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 06:09:07 GMT

OPTIONS
H/1.1 204
No Content ent14.ts
h.vdo.ai/videos/categories/ Frame 0
0 26ms
25ms Other
text/plain 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Protocol: HTTP/1.1
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://www.123greetings.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.16.1
Date: Tue, 12 Jan 2021 09:35:35 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content ent14.ts Show response
h.vdo.ai/videos/categories/ 240 KB
241 KB 37ms
37ms XHR
video/mp2t 176.9.154.76
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://h.vdo.ai/videos/categories/ent14.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.154.76 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.76.154.9.176.clients.your-server.de
Software: nginx/1.16.1 /
Resource Hash: 6b4accb4d827bec9f1fb417767f143805e82eed752c39f42c45613be6c7e863e

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
vdoai: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=2436856-2682947

Response headers

Date: Tue, 12 Jan 2021 09:35:35 GMT
Last-Modified: Mon, 26 Oct 2020 15:00:38 GMT
Server: nginx/1.16.1
Access-Control-Allow-Origin: *
ETag: "5f96e496-4f95c4"
Content-Type: video/mp2t
Content-Range: bytes 2436856-2682947/5215684
Connection: keep-alive
Content-Length: 246092

GET
H/1.1 200
OK 337178_th.jpg
i.123g.us/c/ejan_australiaday/th/ 6 KB
7 KB 26ms
24ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_australiaday/th/337178_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e13e82666765e22af19a953fcbeee4b328cbc481c606a08755a90b0d9ddf6ea1

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 12 Jan 2021 05:54:06 GMT
Last-Modified: Wed, 23 Jan 2019 09:41:15 GMT
Server: Apache/2.2.15 (CentOS)
Age: 13290
ETag: "190e-5801ce51ee4c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6414
jake_test: Test_Pass
Expires: Tue, 12 Jan 2021 06:09:07 GMT

GET
H/1.1 200
OK 113000_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 24ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/113000_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 06a433408ea118ce748d8466bc535126595c9f7d5f3ebae497a9724f9aa06974

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 12:21:41 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1804435
ETag: "1b08-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6920
jake_test: Test_Pass
Expires: Tue, 22 Dec 2020 12:37:19 GMT

GET
H/1.1 200
OK 125583_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 8 KB
8 KB 26ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/125583_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 02866c6f4a1bbaa4c3bcfc674c76c39b269808b49e7c8d5a8783c7720d6fb006

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 19:05:23 GMT
Last-Modified: Mon, 24 Feb 2014 09:46:46 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1002613
ETag: "1f33-4f323d98acd80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7987
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 17:08:28 GMT

GET
H/1.1 200
OK 104134_th.gif
i.123g.us/c/ejan_chococakeday/th/ 7 KB
7 KB 25ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_chococakeday/th/104134_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: eb94186d8d47079927d0328e23541daac235008fd8559f75400944a140ec094b

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 17:49:51 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:28 GMT
Server: Apache/2.2.15 (CentOS)
Age: 56745
ETag: "1bb8-4f323cdbd9000"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7096
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 18:04:52 GMT

GET
H/1.1 200
OK 113136_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 26ms
24ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/113136_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 21c2ce0c98b0f7b6b90d4683b7858f8f40abf49411dd607e17215842b5b6c802

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 15:58:05 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1791451
ETag: "1f88-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8072
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 14:06:28 GMT

GET
H/1.1 200
OK 103623_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 6 KB
6 KB 25ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/103623_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ba22d0b269314eb891998bf6db82b8dd17ad4ba11455987a4e011830f702581e

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Dec 2020 23:00:06 GMT
Last-Modified: Mon, 24 Feb 2014 08:22:09 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1593330
ETag: "16db-4f322aaedee40"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5851
Expires: Fri, 25 Dec 2020 16:59:09 GMT

GET
H/1.1 200
OK 107616_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 8 KB
8 KB 30ms
26ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107616_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fdf7422ceba3a07b4e4fe76275760f96d632968d7a43a1488f9064b14ae944f4

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 11:36:29 GMT
Last-Modified: Mon, 24 Feb 2014 08:21:48 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1720747
ETag: "1eae-4f322a9ad7f00"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7854
jake_test: Test_Pass
Expires: Wed, 23 Dec 2020 11:51:29 GMT

GET
H/1.1 200
OK 116570_th.gif
i.123g.us/c/ejan_dreamstrueday/th/ 8 KB
8 KB 25ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_dreamstrueday/th/116570_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4e8c4ff774d831d08f3828db225cb03e2f3786a536a087ab867572b992af1379

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Dec 2020 21:43:54 GMT
Last-Modified: Mon, 24 Feb 2014 09:43:29 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1425102
ETag: "1f3e-4f323cdccd240"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7998
jake_test: Test_Pass
Expires: Mon, 04 Jan 2021 17:40:52 GMT

GET
H/1.1 200
OK 107610_th.gif
i.123g.us/c/ejan_sendahugday_love/th/ 7 KB
7 KB 25ms
23ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_sendahugday_love/th/107610_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1c3fe0df998b15cf7acc3a57567cc82f33ca5dc9f039c02ad814917d5485ca7c

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 23 Dec 2020 19:46:46 GMT
Last-Modified: Wed, 05 Aug 2015 12:19:49 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1691330
ETag: "1b4f-51c8f6b42e340"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6991
jake_test: Test_Pass
Expires: Sat, 02 Jan 2021 10:21:21 GMT

GET
H/1.1 200
OK 345371_th.jpg
i.123g.us/c/ejan_orthodoxnew_year/th/ 4 KB
4 KB 26ms
24ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/345371_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 19201fcf6f6f62a8f4d9f6655b9e2354198fff6b821429aa636c7c87bf848691

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 09:14:03 GMT
Last-Modified: Thu, 31 Dec 2020 07:43:27 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1038093
ETag: "107d-5b7bdc77b45c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4221
jake_test: Test_Pass
Expires: Thu, 31 Dec 2020 10:23:50 GMT

GET
H/1.1 200
OK 127091_th.gif
i.123g.us/c/ejan_orthodoxnew_year/th/ 7 KB
7 KB 23ms
22ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_orthodoxnew_year/th/127091_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 1fe66016ed957cc78385df19142ee6951c2ac94935d6817c19df08ebdef49562

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 28 Dec 2020 11:19:27 GMT
Last-Modified: Mon, 28 Dec 2020 10:26:51 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1289769
ETag: "1c42-5b783b65250c0"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7234
jake_test: Test_Pass
Expires: Tue, 29 Dec 2020 07:12:51 GMT

GET
H/1.1 200
OK 332516_th.gif
i.123g.us/c/ejan_strawberryicecream/th/ 6 KB
7 KB 27ms
25ms Image
image/gif 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_strawberryicecream/th/332516_th.gif
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: fb49ee0af8a625fea9b37dd4dfb67f15e4249fc9b09b7d8ad15f9709e01edea2

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 31 Dec 2020 20:36:40 GMT
Last-Modified: Thu, 11 Jan 2018 12:55:42 GMT
Server: Apache/2.2.15 (CentOS)
Age: 997136
ETag: "19cf-5627faa5acf80"
Content-Type: image/gif
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6607
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 05:34:47 GMT

GET
H/1.1 200
OK 337099_th.jpg
i.123g.us/c/ejan_indrepublicday/th/ 7 KB
8 KB 22ms
22ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_indrepublicday/th/337099_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3d8d3815663659caa50333cfcc6669a990968da43c94cf9fa40daa3b3b9941cb

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Dec 2020 14:35:15 GMT
Last-Modified: Thu, 17 Jan 2019 13:18:19 GMT
Server: Apache/2.2.15 (CentOS)
Age: 1796421
ETag: "1cfc-57fa73a5d1cc0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7420
jake_test: Test_Pass
Expires: Mon, 28 Dec 2020 11:40:02 GMT

GET
H/1.1 200
OK 320936_th.jpg
i.123g.us/c/ejan_daisyday/th/ 7 KB
7 KB 24ms
23ms Image
image/jpeg 67.27.233.252
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.123g.us/c/ejan_daisyday/th/320936_th.jpg
Requested by: Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 608a85065045a5e5edd7536c73feddba9e249b44d26f1642f6979337f990bd97

Request headers

Referer: https://www.123greetings.com/send/view/12321520122813534416
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 11 Jan 2021 01:51:19 GMT
Last-Modified: Fri, 15 Jan 2016 12:56:43 GMT
Server: Apache/2.2.15 (CentOS)
Age: 114257
ETag: "1adc-5295eef5bf8c0"
Content-Type: image/jpeg
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6876
jake_test: Test_Pass
Expires: Mon, 11 Jan 2021 08:11:18 GMT

Verdicts & Comments Add Verdict or Comment

493 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.123greetings.com/	1970-01-19 15:20:44	Name: _gat_gtag_UA_3076315_1 Value: 1
.123greetings.com/	1970-01-19 15:22:10	Name: _gid Value: GA1.2.338316575.1610444121
.123greetings.com/	1970-01-20 08:51:56	Name: _ga Value: GA1.2.436450538.1610444121
www.123greetings.com/	1970-01-19 15:20:44	Name: config_data Value: CADB=1\|CLG=1\|CBR=1\|CUB=1\|CCC=1\|CFLC=1\|CPFR=1\|CBRR=1\|TCP=1\|TAP=1\|TCAP=1\|TRE=1\|QkDshLgd=0\|FBCon=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

53223087bf608c21906b300c0003dc44.safeframe.googlesyndication.com
a.vdo.ai
acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
analytics.vdo.ai
assets.pinterest.com
c.123g.us
connect.facebook.net
googleads.g.doubleclick.net
h.vdo.ai
hbopenbid.pubmatic.com
i.123g.us
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
targeting.vdo.ai
tpc.googlesyndication.com
track.vdo.ai
trkn.us
u.openx.net
v.123g.us
vdoai-d.openx.net
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.123g.us
104.108.144.214
144.217.66.206
151.101.13.108
172.217.16.130
176.9.154.76
184.72.245.68
185.33.221.11
185.64.189.112
216.58.212.130
2606:4700:3033::ac43:de92
2606:4700:3034::6812:2a06
2a00:1450:4001:800::2006
2a00:1450:4001:806::2008
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:816::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:81f::2001
2a00:1450:4001:820::2002
2a00:1450:4001:820::200a
2a00:1450:4001:825::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:9::84
34.98.64.218
51.77.119.11
54.147.95.22
67.27.233.252
67.27.235.124
8.253.204.116
8.253.204.117
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
02866c6f4a1bbaa4c3bcfc674c76c39b269808b49e7c8d5a8783c7720d6fb006
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06a433408ea118ce748d8466bc535126595c9f7d5f3ebae497a9724f9aa06974
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0d3d3d99ec2d1da823e792b3024b24ae723c89a29d46d9cffe4b1d4ba935c0da
123befcec3590e5fac545c132399414c8baffc3e28840d6df912070e2a0fdeff
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
19201fcf6f6f62a8f4d9f6655b9e2354198fff6b821429aa636c7c87bf848691
19a505556b18dc0a68bc83ce070ae655768c6b0730767291758decfef157d38d
1a8ecdd8744d5df927ec422d8be57813e23f786187338c9cde993b8f7bd1fead
1c3fe0df998b15cf7acc3a57567cc82f33ca5dc9f039c02ad814917d5485ca7c
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
1f10b2f6d3b206ea76209e1742bb3200fa8990962a19b6146785fad8f89ae3c4
1fe66016ed957cc78385df19142ee6951c2ac94935d6817c19df08ebdef49562
21c2ce0c98b0f7b6b90d4683b7858f8f40abf49411dd607e17215842b5b6c802
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063
225dbae1a24b5250587d1e6a4783879ee9dcc3b4c8b1d1e47c5859fcba08366b
22ddded712180f3543f924ff31561295422cb23561271062a46faf296301a590
2421b07f1d9158cfca00c3971d71522e5b5700ca481d043f712e07f79f85a40b
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07
27b6996a0f7ea420886fcb7b079d023a65391f41b283c92c38b60e8a157d6559
296c6bd6917f2f53b667c1585ead7a7ce58d5355de269e442bf32fc2c96326ca
2ac98091f04d8e654cfa6e1bae62ef59a9de93168f8d0e0b266ef6a9e79e10a4
30356f4ee7951ecbcb3b3581c7382375d9a6b3f7758387b159161f314b0dcf89
3305f0bca70368ce830fbe3f9ef105509c80431c9abaeb48556fd3042084dce3
37ac401dccb1c0426fb6cef5f7cac07a9678a4f3798ff92844b4b3ea7d6568bd
399b650614578811a506fe1ae3d218f45c93acd33d843a7deeb7c194f3bee08e
3ccae6d285052853581a41f66e4a7d28b48b046afb29a0fca28585337014b3d2
3d89a614e45ac1789e4baa21c9be47681071690c3f1ed7eb79c22b02fdeca1c9
3d8d3815663659caa50333cfcc6669a990968da43c94cf9fa40daa3b3b9941cb
3f76f4e6c6ab00c6e9e931a9103c3b2bc477333718a6a0dd58859ddc4d79dd78
44467b3f0cd7bac700218f406686b931b13783dc8d8a6f8afee8178c8c47cb36
4a357b7145cf9cb6702a0045e07c898860e18baa0989ca9c5f7460733fe1b1b2
4c9729ebe16d0cbf2b478083a7af9e1f64a50867048d6d2f133e52cba9668f4d
4e8c4ff774d831d08f3828db225cb03e2f3786a536a087ab867572b992af1379
4f15f5d864898fa006b384296dbf6c6e468cc320199342ee02a771c856f2d00c
53b0d56fa2034dd1d4028c687c232b225211e2d21b3b3db89af10b21c7d2f61a
57f1ef48c4b5aa6997223218b3d20b7f363c6c6d940c4f54ee27d62853baba33
58a5dd120b43d76f8228f68b5fa75c7c541bc6f2ee01e0704973c197445acd4f
5f7292e4db376e9d8e554cdb43bb190429fa2ad87ef83977b2893bf471a342b2
608a85065045a5e5edd7536c73feddba9e249b44d26f1642f6979337f990bd97
62883b465b44e0da54cc6478a27a292281e62fed7cf4e97e336a42a777c6fcbb
62920b1fb80cd4c66afd8dc2c721f4f8aa3432ba23018bae94bd7a35835bf680
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
63f0a3d6bc8ff453e953609111af71ff2112b2653fa993776c9cc23739341e56
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b
6b4accb4d827bec9f1fb417767f143805e82eed752c39f42c45613be6c7e863e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70df1af2ea8c461a60d4e572290c9841b7bdb98d9fd94df0575fef50b4258f9a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
761f119d19b90554771ffb0b12b88bf7990045a04a70bab1988a7e7c4e76034a
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
7b1d36d82b8b0659c405546310b9711e4d41c8c34801a4dfdc98541614f5f47d
830e604430aa3a6e4debf869fcd928331edace9ae740090b08f986f0c6ba70d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
87f116b1dfa880b849490966cdfe4716bf9c2b7a04f5b7671fa9840f736bc370
880da0603e57ef6499eeadf35cf86da0962f96ec4cefbb16d73af0b4ac9f1c23
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4
8bb3054223ad3bd06339f0c8566d105c7cc08c0e6b0c91634608b252085c0340
8df1566b28a47f798757e83b74ff9980991caa6ae711d27824584e2b5e18d42c
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905
919965f8d772efaeb7a4bc7a248742ac0f853bada0d9a6f4dfa47f6da1aca95a
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944
9730dd48e90b836b7e7d4cb931356f0dda2acf091ff6f72ab22c3301515d0a30
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9daba360fcb1a652044af1056d44769ef7e71b010f2492989bfd583158be0ea0
9db70773a7cf20af3943b3ccf31c49abec5b8c3da7f32e7d11d308280f005c7f
9f30bde4adc2607a9863e5c1e165009cd0b195574a89779596c438fd3b9928b7
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b18c2e9e67822c4f744774f05bafa44befd9f6e193534b5e2c77c8cae1dc7fc7
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b53874269b22ed216a5a866c4a78108bd8ec4325bdf8a4c303dfd0d1bc801beb
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01
b9a6f3d078c1287730cbad75c1729cdb086c9c597e4592b8c1de71944e144fe5
b9cdc6393e9b4c9a23e7d7c94ae3b58562509dda50b4345793ad7c7e7aaa9212
b9fe9d301c5f7f881a54ec269d5824eb2504bd2b634e2e5d38033c5f0b23fdec
ba22d0b269314eb891998bf6db82b8dd17ad4ba11455987a4e011830f702581e
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
c0d2bb46c68e084f258f3728375c0351cb47075647142ba7df6f0059ae0b2581
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c55f085dd30b7f07b3b0d2d40bf36e6f226750d16cbb7ed75d0e29dc84f93c8c
c6166224a37f650296f814046233d81c5495070ff82ef2a863736b2664aa6758
c74058ada3541c6e2a56a59e44a729b9c3974469d7387b43481fc53a7805cb95
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb
c908a287be5297337a4516cf899eca2023de83254ae4edbbcbc5a0fec68e4cfe
ca31008a6dcd862e37f8c557d1f16c26240271de059117be070f01516f355837
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d019650ae7d108f0c5861e2d00109c50183aea23ddfac3f3a7d295326a80c998
d2a289a09c95244a95bccd16f34058a3014f3d552170150a9dda72ecfdc64bb4
d371c52a9637449eabc1b2d89717f4ec1ca412f10fdb978c2c221f2b4d76e4c7
d3883f68873f90990477e30fd92c238a8427dd44d552b024db13b715dde6a7ba
d550635fbe7d4ff85bed4c57c3cda2a33cdcaabd0b3a637f1c6304763c85c44e
d574eebf7245803b6945ae767932141b12ef893a5643bc19b7000e2d47e00a63
d8d4458571ef55c4bcbf1283c2c471b28e467c5094c02e14d39fe52542baf9bd
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de1ffb7c8aa09cb7058d4f9e6cbfc697751ab3cdf479f290342d7897f7f8d360
e134f205cd943be2167961083b6020e2580e8ca182b5b588d1a6f3ed04cd699c
e13e82666765e22af19a953fcbeee4b328cbc481c606a08755a90b0d9ddf6ea1
e2d546e626c21759ac1c8fe6b39532f823ee49d7b7e15a116a14bca106e4b718
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42ded22e1888b43db2267140c74bc8490431dc6e3422ab9a4897d67066f6e30
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eb94186d8d47079927d0328e23541daac235008fd8559f75400944a140ec094b
eda11c9193950556c5c996d33524cd9d9dc08f742d43460efe2193083b93f0c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05bfceea8e883978a23fd1ff3cbb2268be676c3c4b22a8eaf0d715a62cd408a
f15e01342d6b0f44b84f4886a6c363241b298e85fb7b3c6323bd183cc40511ce
f26b550759adb51d7ae8c527b468b5e7130962d81c86fd5a0a7bd15f4627cf49
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f9f7483aff1732eb491adac168a193b9202139eb5b9c3ab2799ffdfcc4ec4d86
fb49ee0af8a625fea9b37dd4dfb67f15e4249fc9b09b7d8ad15f9709e01edea2
fdf7422ceba3a07b4e4fe76275760f96d632968d7a43a1488f9064b14ae944f4
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
fedb307abb8149c457e5f1df0e2ae11452c2179f57d56a30c5558e0e98fb2d40

www.123greetings.com Open in urlscan Pro 184.72.245.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

311 Requests

99 %HTTPS

52 %IPv6

20 Domains

33 Subdomains

34 IPs

7 Countries

6756 kBTransfer

13292 kBSize

4 Cookies

11 Outgoing links

Redirected requests

311 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.123greetings.com Open in urlscan Pro
184.72.245.68 Public Scan

Screenshot
Live screenshot

Full Image

311
Requests

99 %
HTTPS

52 %
IPv6

20
Domains

33
Subdomains

34
IPs

7
Countries

6756 kB
Transfer

13292 kB
Size

4
Cookies

311 HTTP transactions
8 data transactions