URL: https://www.123greetings.com/send/view/08121021606904939246
Submission: On August 23 via manual from US

Summary

This website contacted 51 IPs in 5 countries across 33 domains to perform 436 HTTP transactions. The main IP is 184.72.244.154, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.123greetings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 29th 2020. Valid for: 2 years.
This is the only time www.123greetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 184.72.244.154 14618 (AMAZON-AES)
49 67.27.233.252 3356 (LEVEL3)
44 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 52.70.122.68 14618 (AMAZON-AES)
23 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
38 142.250.186.66 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 8.253.95.245 3356 (LEVEL3)
76 8.248.139.252 3356 (LEVEL3)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2a04:4e42:1f::84 54113 (FASTLY)
4 67.27.157.124 3356 (LEVEL3)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:215... 16509 (AMAZON-02)
2 2600:9000:219... 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:219... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
39 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 10 2a00:1450:400... 15169 (GOOGLE)
4 52.34.57.2 16509 (AMAZON-02)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
6 184.73.215.136 14618 (AMAZON-AES)
1 52.1.46.74 14618 (AMAZON-AES)
2 2 37.252.172.37 29990 (ASN-APPNEX)
1 44.194.158.136 14618 (AMAZON-AES)
2 185.33.220.241 29990 (ASN-APPNEX)
2 2.17.5.147 16625 (AKAMAI-AS)
2 3.120.211.246 16509 (AMAZON-02)
2 185.94.180.124 35220 (SPOTX-AMS)
2 35.156.230.193 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 142.250.181.226 15169 (GOOGLE)
1 104.17.119.107 13335 (CLOUDFLAR...)
2 9 2.18.69.96 16625 (AKAMAI-AS)
2 3 13.248.242.197 16509 (AMAZON-02)
3 7 3.126.56.137 16509 (AMAZON-02)
2 2 151.101.14.49 54113 (FASTLY)
4 4 18.197.99.6 16509 (AMAZON-02)
3 3 142.250.184.194 15169 (GOOGLE)
1 2 209.54.177.54 16509 (AMAZON-02)
2 3 92.123.21.100 16625 (AKAMAI-AS)
2 2 3.123.143.157 16509 (AMAZON-02)
1 1 66.155.71.149 13768 (COGECO-PEER1)
436 51
Apex Domain
Subdomains
Transfer
137 123g.us
c.123g.us
x.123g.us
i.123g.us
v.123g.us
2 MB
95 googlesyndication.com
pagead2.googlesyndication.com
59e2045d79da705643c99e35fc7da487.safeframe.googlesyndication.com
tpc.googlesyndication.com
2 MB
46 doubleclick.net
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
cm.g.doubleclick.net
259 KB
27 google.com
adservice.google.com
www.google.com
7 KB
22 googletagservices.com
www.googletagservices.com
727 KB
19 avantisvideo.com
cdn.avantisvideo.com
static.avantisvideo.com
cdn1.avantisvideo.com
avm.avantisvideo.com
events1.avantisvideo.com
287 KB
13 aniview.com
play.aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
233 KB
11 googleapis.com
fonts.googleapis.com
imasdk.googleapis.com
1 MB
9 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
9 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
147 KB
9 google.de
adservice.google.de
1 KB
8 googleadservices.com
partner.googleadservices.com
2 KB
7 yahoo.com
ups.analytics.yahoo.com
5 KB
6 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
2 KB
4 2mdn.net
s0.2mdn.net
66 KB
4 adnxs.com
secure.adnxs.com
ib.adnxs.com
3 KB
3 owneriq.net
px.owneriq.net
1 KB
3 adsrvr.org
match.adsrvr.org
1 KB
3 trkn.us
trkn.us
2 KB
3 123greetings.com
www.123greetings.com
36 KB
2 w55c.net
pm.w55c.net
2 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
596 B
2 indexww.com
js-sec.indexww.com
2 KB
2 emxdgt.com
hb.emxdgt.com
323 B
2 spotxchange.com
search.spotxchange.com
2 KB
2 facebook.com
www.facebook.com
500 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 facebook.net
connect.facebook.net
69 KB
1 sitescout.com
pixel-sync.sitescout.com
299 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 pinterest.com
assets.pinterest.com
1 KB
1 googletagmanager.com
www.googletagmanager.com
40 KB
436 33
Domain Requested by
76 i.123g.us www.123greetings.com
c.123g.us
55 pagead2.googlesyndication.com www.123greetings.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
srcdoc
49 c.123g.us www.123greetings.com
c.123g.us
39 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
22 www.googletagservices.com pagead2.googlesyndication.com
c.123g.us
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
19 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.123greetings.com
14 www.google.com 4 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
13 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
9 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
8 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
8 x.123g.us c.123g.us
8 partner.googleadservices.com pagead2.googlesyndication.com
7 ups.analytics.yahoo.com 3 redirects ssum-sec.casalemedia.com
6 track1.aniview.com player.aniview.com
6 fonts.gstatic.com fonts.googleapis.com
6 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
5 cdn.avantisvideo.com securepubads.g.doubleclick.net
cdn.avantisvideo.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 pixel.advertising.com 4 redirects
4 pubads.g.doubleclick.net imasdk.googleapis.com
4 s0.2mdn.net imasdk.googleapis.com
4 player.aniview.com cdn.avantisvideo.com
player.aniview.com
4 events1.avantisvideo.com cdn.avantisvideo.com
4 v.123g.us www.123greetings.com
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 cm.g.doubleclick.net 3 redirects
3 match.adsrvr.org 2 redirects ssum-sec.casalemedia.com
3 www.gstatic.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 trkn.us 1 redirects www.123greetings.com
3 www.123greetings.com c.123g.us
2 pm.w55c.net 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 sync-tm.everesttech.net 2 redirects
2 js-sec.indexww.com player.aniview.com
ssum-sec.casalemedia.com
2 hb.emxdgt.com player.aniview.com
2 search.spotxchange.com player.aniview.com
2 ads.adaptv.advertising.com player.aniview.com
2 htlb.casalemedia.com player.aniview.com
2 ib.adnxs.com player.aniview.com
2 secure.adnxs.com 2 redirects
2 cdn1.avantisvideo.com cdn.avantisvideo.com
2 static.avantisvideo.com cdn.avantisvideo.com
2 www.facebook.com connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net www.123greetings.com
connect.facebook.net
1 pixel-sync.sitescout.com 1 redirects
1 biddr.brealtime.com player.aniview.com
1 sync.aniview.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 play.aniview.com cdn.avantisvideo.com
1 59e2045d79da705643c99e35fc7da487.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 assets.pinterest.com www.123greetings.com
1 www.googletagmanager.com www.123greetings.com
436 56
Subject Issuer Validity Valid
*.123greetings.com
Go Daddy Secure Certificate Authority - G2
2020-04-29 -
2022-04-29
2 years crt.sh
*.123g.us
Go Daddy Secure Certificate Authority - G2
2021-08-11 -
2022-09-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
trkn.us
Go Daddy Secure Certificate Authority - G2
2021-01-19 -
2022-02-20
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.google.de
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.google.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-27 -
2022-08-05
a year crt.sh
*.avantisvideo.com
Amazon
2020-12-24 -
2022-01-22
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-07-26 -
2021-10-18
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
www.google.com
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-02-23 -
2022-02-27
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-05-24 -
2021-11-17
6 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018
2021-03-10 -
2022-03-29
a year crt.sh
*.emxdgt.com
Amazon
2021-07-02 -
2022-07-31
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2021-07-26 -
2021-10-18
3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2
2020-01-22 -
2022-03-22
2 years crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2021-08-17 -
2022-02-09
6 months crt.sh
s.amazon-adsystem.com
Amazon
2021-07-14 -
2022-06-27
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018
2021-01-29 -
2022-02-02
a year crt.sh

This page contains 65 frames:

Primary Page: https://www.123greetings.com/send/view/08121021606904939246
Frame ID: D31B97AF97B461C5E32751179D4D7944
Requests: 191 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html
Frame ID: 59985F62197CD141720B1E196C38B007
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1629724130&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724129867&bpp=7&bdt=788&idt=124&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5126043630996&frm=20&pv=2&ga_vid=1800966580.1629724130&ga_sid=1629724130&ga_hid=490822073&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062181%2C31062297&oid=3&pvsid=1708076251351380&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=159
Frame ID: 532669F47C4149FAC773474236D92B38
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e4411c781d338%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ffc24357e102a5c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fbirthday%2Fhappy_birthday%2Fbirthday144.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Frame ID: 2675E2D897365C98AD88508956DE4A25
Requests: 1 HTTP requests in this frame

Frame: https://www.123greetings.com/send/fcp_track/2d2b4e686c276a6c646e5f23636f64545668617d6c7a5269623b0f0003/08121021606904939246/summary
Frame ID: AC68E254629B43EABE6C0894398DCFBA
Requests: 6 HTTP requests in this frame

Frame: https://59e2045d79da705643c99e35fc7da487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A7FCA714A4200160992C1A75B7FE67F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu91TbOm9AASinhs724SB9d6NHG8-Guy_BTjajfVT3ysO1o2q5NpHkIeZiT9nva7GKeyKxyi8Bz6dA8j42HTxCX3_0GL8JHJf74UHteH-KiMlIgF8KC7ttuNjxwv4DLs79ceKGG5HV_vYNIiN-4VMLJ3HhJhnDMyp5EG2lWbgnqRdhBRUKsBz0JPXq-REJ2SBxvDIDIifNzNnpxkKaGwKDKcGFo8QftShTRooqI8ghEkAWQDyBQQ3tzhGISlFaeRTmZVczDwAqxL9bX99IF77YICfnAhU615W5OSgsQTNOeEQoGil_2LRWumWBG-9AQ7-f7kMPKc2unZA1V6mNdRQ&sai=AMfl-YT-QVw11f36HQc9Ts4xx9_-CfTazB_KWkix0hMUJqdWAKiaE618ZAmbUH-x1mTl8tSQCQil1erHZdms9e7Cp4H8gJNWuVuIC3o7WFXulP8qGkNlesE9P97ttrApn4M&sig=Cg0ArKJSzPbw-UxQ8sH7EAE&urlfix=1&adurl=
Frame ID: 5AAFEC40FFA18D32389F3BD1805BDC2E
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm8WTwAbppTv7fKZjoT1sIFfq5DWYZLaVOPTUfZNKNUIHyPrbJEMX36HT3Ss6cVLSjPSHGMg6qxu4v0HBYImgJbUz70Aqp7CCHGP6wHV5KTWseVOIsIhG7L-gXJUEa57F4jaYnlkHC6diHGWtrhLnnMhV185xF0zCpVnb-0wYaOddQDYUg2rh2JpHdAlVEqE5ajrH0MyfQgGsDP8olKmx-zGWFVz1bo1VnxuwE_n5wk_8UifDdwmgHC0QtoZAGr77KiqmfDquDqd3SmnAw5_STAie5ozUPIzY_DHZ9_0MNdTd41XYI3a9RLMuMUoYlns8xH9edR2G8RMGC2ZKaPy4&sai=AMfl-YQopr6z24bwcm_-Y7Ef78XjVPfhqg_BcB-aVdDk60rukjbXSZ2xpomreBULj0WF9XpLY8XnQevsYZR8yKFCSd76unOHblTnGWek2LUIZ-qLMRnrQEGG-TxKbI8_Lv0&sig=Cg0ArKJSzIu8LxnoDxiGEAE&urlfix=1&adurl=
Frame ID: 811B28BD0DA541EC6D8C5BA35416A363
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3hYrDvjG38st5bjxCZBSRw32JIdFhZHmH540h-T6A1jYJzegNPK1BC_ua8MnzJL_m4CryB6k4YR8KUucyklrHKpJy1ziGjE2fciCmUarcYYi_yYrEkuV-PhzcIM5iGRUk0tyv_Xn5S04J7ifBvvX-J6xI9oz13BhLCWvTnzCPyWOXBZWw2TQx5Y_AHhF5lfHwpgX6VCzj_JJFdSRZ5o57PEwIW5AKyUAXr8v9mrILK5a7WxCNEe-L-NZaXu8UAD5EEwjNVqk0EA9PnFkHHI_X2xLR3k1Pl5sW5sv_jo6YvKg9lZkmWidE8I2msbvBwoAaag_bjZVC8KaYsb1Em2mMkZ8&sai=AMfl-YRJbHZnPSYAyf7bLeDZdSsdZHS5keyaTee8h2RKJEKzHUFbaZ8DP3ojVECcTmBRL7zQkYp9z3s2fODyNCvhqg8O6cS_L9ifS3ZkDAF_5vP8PKoEQD44yDMnUw_8Xac&sig=Cg0ArKJSzLyEYbJSnnrbEAE&urlfix=1&adurl=
Frame ID: BB98AC2B557405FCE8BD02706ECFF355
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxZzyTv0UqSi775h8yZTgqHGcJnr4XV8BieEewspex_LQ1YopMTdTbN-71p82m6BvAPo3PKFNc2Cx6kUgis1f4lb87nzf8wa5TWqwyjFYojdF7zMQnh8mVDMkMKF7rsSIJ21UBjmTt_kWgJl6eN6XOnmUDPpSxp2kVFRq00qJe6ETvi03xMU1lwNpf_D8Br916QEWKjs2EybBM5lDLYAzpLrzd03rdzGjsVrB-1JxA4X56zHDDzojQoH4TFfjezc0StAZSQYNeBljH29a0P6uHRlenokhCzck2RycEFVRy1uja7lpzjald2-MQVr4L-JCdz-UVBqsNmyvjXmM7oLvSoNc45Q&sai=AMfl-YS8kd_R0Hz4WaCt6Cplf8b1p8rJctMP7YMZnJB34dgyExR4qHvHl7dAHY3ijMxNoCZczZOHfzeHQCuihwnTUJLOMKg-RnoA9safqCdBuTMKzCNMpH2SbGRAmUXOs-A&sig=Cg0ArKJSzG2Azgl4iAfQEAE&urlfix=1&adurl=
Frame ID: 8DC7CA34C3F9B762CA6BAF0BF72E32F9
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJsCCwlZKnBbnLY0Qm6wxXaFAZfqXuM3ExyGqv7JygS3oeGuwlRaIdGNRk_tfxi0mC67qpJ9OwhjO7E6xxRoBqLwWouktr3q-QmgBkh10DYkLqtP71CiMPNnz28TBwWlB87dtBadGvwwF_Lc-lqybNKDyPQ_bNdf5IEekXwVRFyYisO4aA8ewzVKlvx-QTVwhkW6dKUpDDRoULYNRrzOUa7JQEbXg23qxL7covrJlpR8Xw33vcDhryz3sjDgTjugKFMwkuWx7tERGlWsN_iHSL93OXjeOTiPs9NtOhE2YCDva9amM1UUF48V09bDZI9EQHP28HRd2vuPC-4IsA2PEhqkEZqsxh&sai=AMfl-YSV_VOKAWRXDupiT8g2rotZO3f2D8AyCTK8IIMS4bMloQLhhLQ7cDMEa3fl-8el__X6TuNRpOPtlFVstTqGFTVtpLH2PPQ6Ac_G5-cX66H1kvmpALxtfQ-2FB9yJ-o&sig=Cg0ArKJSzGMaBFO7uA8GEAE&urlfix=1&adurl=
Frame ID: 9AF43C48AAE99225AE4CB2ED083FE772
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-tYAj8XBMiV10brvixi-jiGP-9pdgxKZN-mG4YOzWl4Peh_iLTCWRDX5TyRlJkLqi0nGgWjChby3s1t002j2fvkswuvY7rKOhoAVMzd_4aNiMGgOU3wTHb9uhfRMYKWWV6jdDJBrchT13B-Q4XMl1vasJUdIPI4_at3HPA_CNNV3UA3l5hnZpu00fr8QhoEzSw9-9vri-vZS0GpTgR4muGj8sG3uRZV4s5t_8oHhZQuS5Hpjdy4V7BO2l-_QSURdWaTouvxeuYfLyOnL_nU4VaQMN9satURCfJ5Czeba1m8C7rm0vvSS9PwQcdvFKcrOmY-EL69d7f2CkWT1-qDqT0Gx9KBhc&sai=AMfl-YRUQdS6JfQEmCC37b2MibJCoHpQVJ3U0NzSxzBZOt9FsrriTtFm7CcZCYr3qr0jXcax-zVjTQyssPsUvZRexzJW4WrQxSEIeGAV2tH9F-A1vEcr6qIYvdDV-ve54bw&sig=Cg0ArKJSzP21qHKjjPoeEAE&urlfix=1&adurl=
Frame ID: 1E963EA1D4B8D6D5EDA746C93554FC32
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5Sb3kWhgn91vNV7-whNeO7dbozr7UuR-kRtUbU75YHQ7AuMjgmh1hO55GQkjZgfmcEy2jKJbIUAgRxkGwLD7UQBZtrLkg3DwvsHLjp6SCmDw-HqOaQRSBsmo5WwLAkBrcrLgVC9bO7Kj1SrKq0EiZ4_InjCwq1zfLCE-on3Q57jKqbsEAaIDhtupelDsZet2SN64loZUo5v7oJNVT2OuQeQTea9O1qQqN77HcnqIGYDakaxSfdUXI2Irk8PmrluP8FGharb8OLGBG9MuwGObs6UMHIkgECm1MDXYHg3ncGlSJOu0bvvO0Td8u_Fz-FCUvX1wVvVdmdR7GmAIhVc53YSKJlG-A&sai=AMfl-YTMMf5pbEPpKOd2EmWYvQ-vBtrdtFRbtMfFNJT0Lqaa1OO0bntLnyz5ZhSn-JJokmFoyK3aDvwyoDlyWscuskJz7nHhr69Jm0WgtKeY1MiPkQSd0epymyzptZNAnms&sig=Cg0ArKJSzLO9krm-raFAEAE&urlfix=1&adurl=
Frame ID: C2EC62A7EC9A75E709C663E55AF9B0A8
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjaWU4ea8vtNpl7Q_HZ5eNHAmLHtfj5hFNBgQyJP3enrA82RyCBtBS0e74a3X9j1uHD57-35FjBAfIJQC5E7E-fkuvJM_8TQvUXHFBCKG0MRWB88sJLpPzYBht4XgLguHjfYtsUPhhFogjz1tI8GVTT42jniWtTKdOvLLcGI0EjSqDlziwoLP4kmxBIdh8RsGvNGlJkelb-mSVWQhz33KhBkIw2fhZ1kwGjP4AX6ZhVrhe0VsAud4tD1Eby7OrtQhN7fyiBQgNkWwEnv0LlT9qdTX10wTMDAAB8ZaBpvLYAj3WRr1aGXb9SCeQB_ZCo5z0gRvwx6Qil2TPtgrlMfyHv4A&sai=AMfl-YQ4oznWI_EM5l0ja1CctDP1e1CvIiNxggMxHdnRysgN_cub-yeBcvU6QQDSqoNPCCeHDCLcaXn44_AnTCV-d6-nibSEAAI66sPWRFrnDjoZz1zookb9NyhdNdOkVH8&sig=Cg0ArKJSzKF6-IZFCt5EEAE&urlfix=1&adurl=
Frame ID: 06AEDAE35046706B97A614578E130119
Requests: 9 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: C80F37190BC4DC2936C80367E196188E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Frame ID: 1C54282CEFB9828065FDF9ECECE5ECFE
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031645&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133642&bpp=14&bdt=268&idt=707&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1745303836.1629724134&ga_sid=1629724134&ga_hid=755091976&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2376&biw=1600&bih=1200&isw=728&ish=90&ifk=2942259872&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=3837651663359202&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.urh3vb4x92ab&btvi=1&fsb=1&dtd=786
Frame ID: 7BE79FB7CBDCB83E142E37097BEBF029
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031635&pi=t.ma~as.Google_LB_15938Z&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133661&bpp=9&bdt=301&idt=780&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1402238879.1629724135&ga_sid=1629724135&ga_hid=135690652&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3113313346&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31060033%2C31062297&oid=3&pvsid=2401984689895636&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.39l46mhtyghf&fsb=1&dtd=855
Frame ID: 8882FD9555C9E53E789E667A09CFE95D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Frame ID: 778192682BC0A8995CF9C466B590CC2C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Frame ID: 1D51F15235B839E6F7A313DC2B86AD05
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Frame ID: F515113A69260C78E10D2D1CB7A6B8D5
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Frame ID: 8977E7E53299B9CDDB6967F522F991F4
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A462F81A43B178D38D1DA24BA8CE681E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C749238A644737867DC874FCDD3E26E8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 265A17D967722ECAD10B2B4794FDA81C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3F53D4742BACAF0217259848563D0949
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B33C62A8B6006A118898E931F506D43C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8598EEEB86A0131E61B2880F9394641
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4DF1B24807B9F2D7C8D1B3F21138205E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 9FE72A84B2A108B6515E2BFA1A27BE54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B9EBFA512046E9D331CF3F989C11396D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 360C47E326BA7338D8EA46F3087EBD21
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 2E3FD974E2A4B9065BC03F234A44B368
Requests: 1 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: DAB558C9468777707C82825CA8327DCF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 024E908C3F81999396DEE1F37A6DD646
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9307E51CBB6C16895F4B356F692B85B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: BD55532D1F4CA360FB38049E6CD45414
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A8F8200F82E67F3EA5FED6241BC34243
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 442BCB5866A2D171B366C7D79C7D26F1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Frame ID: 7B7A1563FAAC1E69DD6D57E088EAE610
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4DB22A09740DD90D3B1259CDE3847F6A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F9219B04B46A88BB649D0B9FEA719CC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: B2C031CA4CBC4390AD8ECF85954DF19F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B14C0735480F24159D077D503A17681
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2A42B9DAFE90DB9191FF4FC926060F8A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 010DEE29202FC98516F44B6AC2A7D64E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1CD1F36D52AE09A70953D4110A813F80
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A64CF797140D808B15302F8B59B6D7F9
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Frame ID: 78DBDFAC421DE31AFCF11CCE383B320F
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1629724138334-936833643492-008467-010-002859&biddername=55&key=1327427752180661207
Frame ID: 79F961C34E741D114CF05414B0624A32
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 279733E898CF3BFE02B69652795ACE39
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 682F9E9A592A6F38E69D2C7E1E9064CC
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Frame ID: 6C02FB4DF1F05D43632CF7A9A078FAC5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Frame ID: 73D89E427B0C070F2D01100AE6E6502C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 706ED66CAB2EACB7F93DB00CA231FADA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FA29040249EE424B835D6C7550A69BF1
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 168C4C2010CDCD80B91E191E57ACC2E3
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E3165DA51FB1DEFF0EB97CFD80CDCDE8
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F386F2B62F799D9F70F8C7C337B223C8
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 08A54BE5A4BA54B2443A90955FD28EEF
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 42328413EE74C3F16BEFABA5E2F1DF46
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Frame ID: 1F250F2B6F17F85F24D972302B6B2210
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Frame ID: C53F1EFE03EAB455FF7F2BBFCA52B601
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 864461FA53B89A127CD4643BB19BEFBF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A0F7E4A44CB42E1DBC36FC93BCF11C34
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

A Greeting card for Mr Rife from scooter and Bethie

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /swfobject.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

436
Requests

99 %
HTTPS

48 %
IPv6

33
Domains

56
Subdomains

51
IPs

5
Countries

6484 kB
Transfer

16357 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=9380133098.494936&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dvis=visible HTTP 302
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=9380133098.494936&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dvis=visible&ip=84.17.55.83&cuidchk=1
Request Chain 235
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 246
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 259
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 272
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 310
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1629724138334-936833643492-008467-010-002859%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1629724138334-936833643492-008467-010-002859%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1629724138334-936833643492-008467-010-002859&biddername=55&key=1327427752180661207
Request Chain 334
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=62a79986-262b-4b5a-98f2-39ba10f13577&_origin=1&gdpr=1&gdpr_consent=
Request Chain 335
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YSOd6wADzb-FcAAC HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YSOd6wADzb-FcAAC&_origin=0&gdpr=0&gdpr_consent=&_test=YSOd6wADzb-FcAAC HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YSOd6wADzb-FcAAC&_origin=0&gdpr=0&gdpr_consent=&_test=YSOd6wADzb-FcAAC&apid=UP47a0c148-0413-11ec-9961-06778dd1898e HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YSOd6wADzb-FcAAC&_origin=0&gdpr=0&gdpr_consent=&_test=YSOd6wADzb-FcAAC&apid=UP47a0c148-0413-11ec-9961-06778dd1898e&verify=true
Request Chain 336
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP47a0c148-0413-11ec-9961-06778dd1898e HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP47a0c148-0413-11ec-9961-06778dd1898e&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA0N2EwYzE0OC0wNDEzLTExZWMtOTk2MS0wNjc3OGRkMTg5OGU%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDKWYkyj-8jrjyrmDwkcPX8&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDKWYkyj-8jrjyrmDwkcPX8&google_cver=1&apid=UP47a0c148-0413-11ec-9961-06778dd1898e
Request Chain 351
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 359
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSOd6z2SCHvT3qRlWCFVzQAABJYAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSOd6z2SCHvT3qRlWCFVzQAABJYAAAAB&dcc=t
Request Chain 361
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSOd6z2SCHvT3qRlWCFVzQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEII_TqHPy6XbrMnjCGY504A&google_cver=1&gdpr=1
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSOd6z2SCHvT3qRlWCFVzQAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOsofwVHG3tVFA1n5-IFdrM&google_cver=1
Request Chain 364
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6830105401390489736&uid=Q6830105401390489736&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 365
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=eDlBe7vn1Mi9He5&gdpr=1
Request Chain 366
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632316140

436 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 08121021606904939246
www.123greetings.com/send/view/
30 KB
31 KB
Document
General
Full URL
https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
24c155117b7ea2b45a2c874ad3ea071d1d462efb1fb65cf34c3775e6c8ad5331
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.123greetings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Aug 2021 13:08:45 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Set-Cookie
SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
fcp_R1.css
c.123g.us/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://c.123g.us/css/fcp_R1.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ae36a06a38cf0dc7ff3f85990fc45bd5983fda8517494345df59733bf20e2f08

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 11:48:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2021 11:38:41 GMT
Server
Apache/2.2.15 (CentOS)
Age
2337607
ETag
"24866-3a14-5c36251415240"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3714
jake_test
Test_Pass
jquery.js
c.123g.us/js2/
92 KB
33 KB
Script
General
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 15:41:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1546035
ETag
"16f3a-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33449
jake_test
Test_Pass
Expires
Thu, 05 Aug 2021 15:56:38 GMT
swfobject.js
c.123g.us/js2/
10 KB
4 KB
Script
General
Full URL
https://c.123g.us/js2/swfobject.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 07:17:57 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2440252
ETag
"261f-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3868
jake_test
Test_Pass
Expires
Mon, 26 Jul 2021 07:32:59 GMT
123g_utils_v1.js
c.123g.us/js2/
123 KB
30 KB
Script
General
Full URL
https://c.123g.us/js2/123g_utils_v1.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 06:10:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Jun 2021 12:51:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
1493871
ETag
"2c3d8-1ed3a-5c3f026148680"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30667
jake_test
Test_Pass
utilsopt.js
c.123g.us/js2/
22 KB
7 KB
Script
General
Full URL
https://c.123g.us/js2/utilsopt.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 18:40:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Nov 2020 10:41:25 GMT
Server
Apache/2.2.15 (CentOS)
Age
2312929
ETag
"57b2-5b3459efc3f40"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6801
jake_test
Test_Pass
Expires
Tue, 27 Jul 2021 18:55:00 GMT
123g_static.js
c.123g.us/js2/
138 KB
25 KB
Script
General
Full URL
https://c.123g.us/js2/123g_static.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
42f9e1454594114ac69809f4d5e48510936150a2384c892228e8685a468bdc82

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 07 Aug 2021 06:06:08 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Jun 2021 07:24:03 GMT
Server
Apache/2.2.15 (CentOS)
Age
1407761
ETag
"226b7-5c4f117710ac0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25258
jake_test
Test_Pass
Expires
Fri, 13 Aug 2021 03:45:32 GMT
jquery.blockUI.js
c.123g.us/js2/
8 KB
3 KB
Script
General
Full URL
https://c.123g.us/js2/jquery.blockUI.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 19:56:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1444357
ETag
"1fe9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3052
jake_test
Test_Pass
Expires
Sun, 08 Aug 2021 08:22:30 GMT
rakpanel.js
c.123g.us/js2/
3 KB
2 KB
Script
General
Full URL
https://c.123g.us/js2/rakpanel.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 11:00:20 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Aug 2018 13:50:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
1994909
ETag
"d4c-57300e747f440"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1626
jake_test
Test_Pass
Expires
Thu, 05 Aug 2021 15:57:14 GMT
addressbook.js
c.123g.us/js2/
400 KB
76 KB
Script
General
Full URL
https://c.123g.us/js2/addressbook.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9ec7a2c23d14eb76c0f5bac272f9a01b2a70c489a9908efdd3e3355b2d9da0d6

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 08:44:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Jun 2021 04:58:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
1657488
ETag
"2c7db-63e59-5c553a3f122c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77163
jake_test
Test_Pass
date.js
c.123g.us/js2/calendar/
3 KB
1 KB
Script
General
Full URL
https://c.123g.us/js2/calendar/date.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 08:54:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1052054
ETag
"afa-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
974
jake_test
Test_Pass
Expires
Wed, 11 Aug 2021 09:09:38 GMT
jquery.datePicker.js
c.123g.us/js2/calendar/
15 KB
5 KB
Script
General
Full URL
https://c.123g.us/js2/calendar/jquery.datePicker.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 01 Aug 2021 22:55:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1865599
ETag
"3d65-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4593
jake_test
Test_Pass
Expires
Sat, 07 Aug 2021 13:47:16 GMT
jquery.ajax_autocomplete.js
c.123g.us/js2/
32 KB
10 KB
Script
General
Full URL
https://c.123g.us/js2/jquery.ajax_autocomplete.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 01 Aug 2021 07:21:48 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Oct 2020 08:18:39 GMT
Server
Apache/2.2.15 (CentOS)
Age
1921621
ETag
"2c7c6-7f11-5b19d2dbe95c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9770
jake_test
Test_Pass
jquery.bxslider_new.js
c.123g.us/js2/
20 KB
5 KB
Script
General
Full URL
https://c.123g.us/js2/jquery.bxslider_new.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 17 Aug 2021 14:49:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:41:22 GMT
Server
Apache/2.2.15 (CentOS)
Age
512343
ETag
"2c44c-50ba-54a227db65c80"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5210
jake_test
Test_Pass
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2d2846040ce0726ba6ace389110fad3b2c7f1cc23caf00adc4f8a016892ad57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49909
x-xss-protection
0
server
cafe
etag
14305058684536401169
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:49 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95b879f5df030c129a806754f583d82932a231605e37278a98c9b2e6de1824b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Td4MVz/1cd854q6U2DUt7g==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
4MdkyVWAKHm/rBHwVv5ADeY82ufD8GoNoahJN2Ts6ykBGUIi3W1xPnQuwrx+4uFn+DYwW2AYYqTmIqsK8gR70g==
x-fb-trip-id
686109401
x-fb-content-md5
f5955439203b428277ff55cb5679c50e
x-frame-options
DENY
date
Mon, 23 Aug 2021 13:08:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"3d3f5d2a735bb616c0b8ca689aa1bea0"
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:12:07 GMT
js
www.googletagmanager.com/gtag/
101 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3076315-1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
565e9c88cdd8e817ccb861163867e1fb772a410c96245b3ef00a11ef910935d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40968
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 23 Aug 2021 13:08:49 GMT
styleopt_R1.css
c.123g.us/css/
80 KB
16 KB
Stylesheet
General
Full URL
https://c.123g.us/css/styleopt_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 21:40:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 May 2021 11:38:55 GMT
Server
Apache/2.2.15 (CentOS)
Age
2388481
ETag
"13f87-5c3625216f1c0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16152
jake_test
Test_Pass
Expires
Sun, 15 Aug 2021 04:22:39 GMT
modal_window_R1.css
c.123g.us/css/
33 KB
7 KB
Stylesheet
General
Full URL
https://c.123g.us/css/modal_window_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 08:16:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jun 2020 09:39:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
1054352
ETag
"8220-5a7b79d367980"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6727
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 07:33:17 GMT
print_card_R1.css
c.123g.us/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://c.123g.us/css/print_card_R1.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb

Request headers

Referer
https://c.123g.us/css/fcp_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 08:07:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 11:23:06 GMT
Server
Apache/2.2.15 (CentOS)
Age
968469
ETag
"af1-571586732da80"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
807
jake_test
Test_Pass
Expires
Thu, 12 Aug 2021 15:30:58 GMT
ajax-fileuploader.gif
c.123g.us/images/
11 KB
11 KB
Image
General
Full URL
https://c.123g.us/images/ajax-fileuploader.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 07 Aug 2021 06:30:09 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Footprint Distributor V6.1.1162
Age
1406320
ETag
"2a43-54da7c7a66000"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10819
jake_test
Test_Pass
Expires
Sun, 15 Aug 2021 08:42:41 GMT
123g_master_bg.png
c.123g.us/images/
145 B
501 B
Image
General
Full URL
https://c.123g.us/images/123g_master_bg.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 07 Aug 2021 13:30:21 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
1381108
ETag
"91-54da7c7b5a240"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145
jake_test
Test_Pass
Expires
Tue, 17 Aug 2021 21:32:38 GMT
master_img_menu.png
c.123g.us/images/
6 KB
6 KB
Image
General
Full URL
https://c.123g.us/images/master_img_menu.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 12:06:49 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
176520
ETag
"1861-54da7c7b5a240"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6241
jake_test
Test_Pass
Expires
Sat, 21 Aug 2021 12:22:23 GMT
icon_set_R1.png
c.123g.us/images/
140 KB
141 KB
Image
General
Full URL
https://c.123g.us/images/icon_set_R1.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 18 Aug 2021 14:04:27 GMT
Last-Modified
Mon, 18 Nov 2019 12:30:19 GMT
Server
Apache/2.2.15 (CentOS)
Age
428662
ETag
"230cb-5979e1c4d2cc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
143563
jake_test
Test_Pass
Expires
Wed, 18 Aug 2021 14:19:30 GMT
big_img_sprite.png
c.123g.us/images/
134 KB
134 KB
Image
General
Full URL
https://c.123g.us/images/big_img_sprite.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 15:00:06 GMT
Last-Modified
Wed, 11 Sep 2019 08:42:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
2239723
ETag
"9cd35-21653-5924300b6d700"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
136787
jake_test
Test_Pass
master_icon_set_2.png
c.123g.us/images/
88 KB
88 KB
Image
General
Full URL
https://c.123g.us/images/master_icon_set_2.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 06:34:22 GMT
Last-Modified
Tue, 16 Feb 2021 07:04:35 GMT
Server
Apache/2.2.15 (CentOS)
Age
1233267
ETag
"15fce-5bb6eb70666c0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90062
jake_test
Test_Pass
Expires
Mon, 09 Aug 2021 06:50:10 GMT
sdk.js
connect.facebook.net/en_US/
230 KB
67 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=07754d3943ab7476e72e95cc7b0ec67c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ea99be57a06cc6cf83a0f92d7fc768b06c3011876bf147711412bfc554dc67b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.123greetings.com
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Q8b82goHL+lLbdaZthpyGQ==
cross-origin-resource-policy
cross-origin
expires
Tue, 23 Aug 2022 10:51:13 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68284
x-fb-rlafr
0
x-fb-debug
hCOPJg4Lx+OhVJfh2Wmi9hmBQLo4dfE/ydaO3M13tjqPeKiH3tsGR+9ejmEtuXVYfktO8qBPc+t+pXqpA/g7iA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
65fbfd1e66101fe553728bb9845e6c89
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 23 Aug 2021 13:08:49 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"1b70e3d1086716347fdebd5e62dca217"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
request.js
trkn.us/info/
2 KB
1 KB
Script
General
Full URL
https://trkn.us/info/request.js?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=9380133098.494936
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.122.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-122-68.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c306801776acd85fdfdd30e8cab17cb470d4189decbbcf642c642ba9649bdf1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:08:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
733
Expires
Sun, 01 Jan 2014 00:00:00 GMT
connect_config.js
c.123g.us/js2/
201 B
529 B
Script
General
Full URL
https://c.123g.us/js2/connect_config.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 18:39:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
2312930
ETag
"c9-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120
jake_test
Test_Pass
Expires
Tue, 27 Jul 2021 18:55:01 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/ Frame 5998
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210816/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkxuUHoyLCMht0b2Z5LGrD3YsiNCtQhobIbWAyvQALD4W3mDZyKTfU6CeKLaNk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 23 Aug 2021 08:37:30 GMT
expires
Mon, 06 Sep 2021 08:37:30 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
16279
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3076315-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
6908
date
Mon, 23 Aug 2021 11:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Mon, 23 Aug 2021 13:13:41 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=6268317308&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=07754d3943ab7476e72e95cc7b0ec67c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
otUqvpHuOjD5eOI2m7EwwqWBbpj0mepzPoyZuYzZll3bRL+T8KFCveffe0+RMOc5/1v3A1ndbO6IEvZEm3tdFg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 23 Aug 2021 13:08:49 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j92&a=490822073&t=pageview&_s=1&dl=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1850842799&gjid=890792588&cid=1800966580.1629724130&tid=UA-3076315-1&_gid=712940494.1629724130&_r=1&gtm=2ou8i0&z=1299855443
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
206 B
660 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4bfdedaaa161864ace3e83b7aabdd68f375844db244d4ca79f31ab5db2a685dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&tn=DIV&id=cookie_bar&cls=cookie_bar&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5326
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1629724130&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724129867&bpp=7&bdt=788&idt=124&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5126043630996&frm=20&pv=2&ga_vid=1800966580.1629724130&ga_sid=1629724130&ga_hid=490822073&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062181%2C31062297&oid=3&pvsid=1708076251351380&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=159
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8275302107693664&output=html&adk=1812271804&adf=3025194257&lmt=1629724130&plat=1%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724129867&bpp=7&bdt=788&idt=124&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5126043630996&frm=20&pv=2&ga_vid=1800966580.1629724130&ga_sid=1629724130&ga_hid=490822073&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C20211866%2C31062181%2C31062297&oid=3&pvsid=1708076251351380&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=159
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkxuUHoyLCMht0b2Z5LGrD3YsiNCtQhobIbWAyvQALD4W3mDZyKTfU6CeKLaNk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 13:08:50 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:50 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:50 GMT
/
trkn.us/info/
Redirect Chain
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=9380133098.494936&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dvis=visible
  • https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=9380133098.494936&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dvis=visible&ip=84.17.55.83&cuidchk=1
42 B
780 B
Image
General
Full URL
https://trkn.us/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=9380133098.494936&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dvis=visible&ip=84.17.55.83&cuidchk=1
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.122.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-122-68.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:08:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Mon, 23 Aug 2021 13:08:50 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/info/?sid=1efbd474-f6d6-4c7a-ab0e-0a28232c817d&ord=9380133098.494936&ref=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dvis=visible&ip=84.17.55.83&cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
117465_details.js
x.123g.us/json/
2 KB
1 KB
Script
General
Full URL
https://x.123g.us/json/117465_details.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
308dd37e982a2e24c752052672611ada0af5ce069f6b15c749489fe701d09a2f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:08:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Aug 2021 12:54:47 GMT
Server
Apache/2.2.15 (CentOS)
Age
0
ETag
"942-5ca39859a93c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
824
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:23:51 GMT
menu.js
x.123g.us/json/
70 KB
13 KB
Script
General
Full URL
https://x.123g.us/json/menu.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ada19e5da8432a3b86e69fa73501a29d35350876f4d495519c6e34962aa6420a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:42:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Aug 2021 11:12:42 GMT
Server
Apache/2.2.15 (CentOS)
Age
1572
ETag
"116d5-5ca3818867e80"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13027
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 12:57:45 GMT
117465_pc.jpg
i.123g.us/c/birth_happybirthday/pc/
60 KB
60 KB
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/pc/117465_pc.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
40ef8e657d759f1c799a2381bafeb8fa5c64f364992f22448f82772cbf05faa4

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 04 Aug 2021 10:58:22 GMT
Last-Modified
Tue, 27 Jun 2017 22:04:30 GMT
Server
Apache/2.2.15 (CentOS)
Age
1649429
ETag
"efbb-552f8406ff780"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
61371
jake_test
Test_Pass
Expires
Wed, 04 Aug 2021 11:13:22 GMT
play-button.png
c.123g.us/images/
3 KB
3 KB
Image
General
Full URL
https://c.123g.us/images/play-button.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/styleopt_R1.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905

Request headers

Referer
https://c.123g.us/css/styleopt_R1.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 05:18:40 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
1497011
ETag
"afd-54da7c7a66000"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2813
jake_test
Test_Pass
Expires
Fri, 06 Aug 2021 05:33:41 GMT
117465_bg.gif
i.123g.us/c/birth_happybirthday/bg/
49 B
404 B
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/bg/117465_bg.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fa8823759eda94746d46078d38282bba21e854d65bc052ed7476bef309bebb9f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 10:35:05 GMT
Last-Modified
Mon, 24 Feb 2014 09:36:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
1823626
ETag
"31-4f323b3ee81c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49
jake_test
Test_Pass
Expires
Tue, 17 Aug 2021 10:12:34 GMT
like.php
www.facebook.com/v2.0/plugins/ Frame 2675
0
500 B
Document
General
Full URL
https://www.facebook.com/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e4411c781d338%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ffc24357e102a5c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fbirthday%2Fhappy_birthday%2Fbirthday144.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=07754d3943ab7476e72e95cc7b0ec67c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.0/plugins/like.php?app_id=6268317308&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e4411c781d338%26domain%3Dwww.123greetings.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.123greetings.com%252Ffc24357e102a5c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.123greetings.com%2Fbirthday%2Fhappy_birthday%2Fbirthday144.html&layout=button_count&locale=en_US&ref=fb_lk_fcp_2&sdk=joey&show_faces=false&width=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
tzye9pGQu8Q1NaPqnpD2G+U51knGq1pud7zbJdKQBH7+DOwNVbLq5ICjOzuimlXZIslps5c1rJwlmk9KJVVxiQ==
content-length
0
date
Mon, 23 Aug 2021 13:08:51 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
PinExt.png
assets.pinterest.com/images/
936 B
1 KB
Image
General
Full URL
https://assets.pinterest.com/images/PinExt.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:51 GMT
x-cdn
fastly
etag
"61ed0472dfcbfaf25e7585f119adf76a"
vary
Origin
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-CDN
cache-control
max-age=86400
access-control-max-age
86400
content-length
936
117465.mp4
v.123g.us/vod/birth_happybirthday/
16 KB
0
Media
General
Full URL
https://v.123g.us/vod/birth_happybirthday/117465.mp4
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 23 Aug 2021 13:08:52 GMT
Last-Modified
Thu, 25 Jul 2019 10:45:39 GMT
Server
Footprint Distributor V6.1.1162
Age
0
ETag
"2ad439-58e7f20720780"
Vary
Accept-Encoding
Content-Type
video/mp4
Content-Range
bytes 0-2806840/2806841
Connection
keep-alive
Content-Length
2806841
117465.mp4
v.123g.us/vod/birth_happybirthday/
48 KB
0
Media
General
Full URL
https://v.123g.us/vod/birth_happybirthday/117465.mp4
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 23 Aug 2021 13:08:52 GMT
Last-Modified
Thu, 25 Jul 2019 10:45:39 GMT
Server
Footprint Distributor V6.1.1162
Age
0
ETag
"2ad439-58e7f20720780"
Vary
Accept-Encoding
Content-Type
video/mp4
Content-Range
bytes 0-2806840/2806841
Connection
keep-alive
Content-Length
2806841
tagclouds_cards.js
x.123g.us/json/
3 KB
1 KB
Script
General
Full URL
https://x.123g.us/json/tagclouds_cards.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
8ae9e0a8e36e038b20339b8f1000d4bfe805e226eb5138ab00a5e0802d693fc8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:39:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Aug 2021 12:32:04 GMT
Server
Apache/2.2.15 (CentOS)
Age
1756
ETag
"b14-5ca39345cd900"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
673
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 12:56:56 GMT
Cookie set check_js_file.pl
www.123greetings.com/usr-bin/
19 B
285 B
XHR
General
Full URL
https://www.123greetings.com/usr-bin/check_js_file.pl?card_number=117465
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
597590f68c3c16a93a177199ac174d31151732cceb80dbba54d9445027901f55
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.123greetings.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors
Accept
text/plain, */*; q=0.01
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Connection
keep-alive
Referer
https://www.123greetings.com/send/view/08121021606904939246
Accept
text/plain, */*; q=0.01
Referer
https://www.123greetings.com/send/view/08121021606904939246
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:08:52 GMT
Server
Apache/2.2.15 (CentOS)
Set-Cookie
SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set summary
www.123greetings.com/send/fcp_track/2d2b4e686c276a6c646e5f23636f64545668617d6c7a5269623b0f0003/08121021606904939246/ Frame AC68
5 KB
5 KB
Document
General
Full URL
https://www.123greetings.com/send/fcp_track/2d2b4e686c276a6c646e5f23636f64545668617d6c7a5269623b0f0003/08121021606904939246/summary
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.72.244.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
www.123greetings.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.123greetings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/send/view/08121021606904939246
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/send/view/08121021606904939246

Response headers

Cache-control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Mon, 23 Aug 2021 13:08:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Frame-Options
SAMEORIGIN
transfer-encoding
chunked
Set-Cookie
SERVERID=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
gpt.js
www.googletagservices.com/tag/js/
72 KB
25 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/123g_utils_v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
940d55f419c328ba45d8a3a4a669eddf2cf116e87c712e3d06d5fd467304dc0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"967 / 255 of 1000 / last-modified: 1629717150"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25320
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:51 GMT
pubads_impl_2021081701.js
securepubads.g.doubleclick.net/gpt/
328 KB
115 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 17 Aug 2021 08:38:29 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117161
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
414 B
844 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.123greetings.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e91e7d4b434bf577e8f9f0fef4a45ab94c41fd0493ff9e760bcd398732f6fdc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
186
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:52 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
131 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1708076251351380&correlator=2565378716127281&output=ldjh&impl=fifs&eid=31062339%2C31062154%2C20211866%2C31062181%2C31062297&vrg=2021081701&ptt=17&sc=1&sfv=1-0-38&ecs=20210823&iu_parts=46400095%2CDesktopWeb_Finalcard_LB%2CDesktopWeb_Finalcard_Sky%2CDesktopWeb_Finalcard_LowerLB%2CDesktopWeb_Finalcard_Preroll%2CDesktopWeb_Finalcard_FCPLarge1%2CDesktopWeb_Finalcard_FCPLarge2%2CDesktopWeb_Finalcard_FCPLarge3%2CDesktopWeb_Finalcard_Video&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=728x90%2C160x600%2C970x90%7C728x90%7C970x250%2C300x250%7C336x280%7C360x300%2C300x250%2C300x250%2C300x250%2C1x1&cust_params=site%3D123greetings.com%26section%3Dbirth_happybirthday%26page%3Dfinalcard&cookie_enabled=1&bc=31&abxe=1&lmt=1629724132&dt=1629724132364&dlt=1629724129079&idt=3245&frm=20&biw=1600&bih=1200&oid=3&adxs=560%2C1114%2C310%2C410%2C332%2C650%2C968%2C0&adys=47%2C236%2C1516%2C535%2C949%2C949%2C949%2C1710&adks=3337616149%2C1542450727%2C4029745640%2C3714999025%2C3462125275%2C1838853332%2C2455301282%2C2411661447&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x90%7C172x612%7C980x37%7C470x66%7C980x300%7C980x300%7C980x300%7C1600x1690&msz=728x90%7C160x600%7C980x0%7C470x20%7C314x264%7C314x264%7C314x264%7C1600x0&ga_vid=1800966580.1629724130&ga_sid=1629724130&ga_hid=490822073&ga_fc=false&fws=4%2C4%2C0%2C0%2C0%2C0%2C0%2C0&ohw=728%2C160%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C0%7C0%7C0%7C0%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
3fba73faf0d6b800414f6469ca6bb213608629b56cc967f3c1f917f9b42a16ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16103
x-xss-protection
0
google-lineitem-id
5292193851,287186655,237051975,5075596738,5339830282,5339838610,5339866447,5501288042
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138302591891,113980516335,99278302815,138271368528,138307808418,138308197669,138307796510,138326033967
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
59e2045d79da705643c99e35fc7da487.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A7F
6 KB
3 KB
Document
General
Full URL
https://59e2045d79da705643c99e35fc7da487.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
59e2045d79da705643c99e35fc7da487.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 23 Aug 2021 13:08:52 GMT
expires
Tue, 23 Aug 2022 13:08:52 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
117465.mp4
v.123g.us/vod/birth_happybirthday/
53 KB
53 KB
Media
General
Full URL
https://v.123g.us/vod/birth_happybirthday/117465.mp4
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
ae83112ffd3b9df051f6617b4207ac9c9a782466ecf70196dbdff09efb4da5a1

Request headers

Referer
https://www.123greetings.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=2752512-

Response headers

Date
Mon, 23 Aug 2021 13:08:52 GMT
Last-Modified
Thu, 25 Jul 2019 10:45:39 GMT
Server
Footprint Distributor V6.1.1162
Age
0
ETag
"2ad439-58e7f20720780"
Vary
Accept-Encoding
Content-Type
video/mp4
Content-Range
bytes 2752512-2806840/2806841
Connection
keep-alive
Content-Length
54329
117465.mp4
v.123g.us/vod/birth_happybirthday/
80 KB
0
Media
General
Full URL
https://v.123g.us/vod/birth_happybirthday/117465.mp4
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.157.124 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash

Request headers

Referer
https://www.123greetings.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=32768-

Response headers

Date
Mon, 23 Aug 2021 13:08:52 GMT
Last-Modified
Thu, 25 Jul 2019 10:45:39 GMT
Server
Footprint Distributor V6.1.1162
Age
0
ETag
"2ad439-58e7f20720780"
Vary
Accept-Encoding
Content-Type
video/mp4
Content-Range
bytes 32768-2806840/2806841
Connection
keep-alive
Content-Length
2774073
fcp_thankyou.js
x.123g.us/json/
4 KB
1 KB
Script
General
Full URL
https://x.123g.us/json/fcp_thankyou.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:52:25 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 May 2020 08:02:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
987
ETag
"f55-5a5bf5ae75580"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1026
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:07:25 GMT
thank_sendcard_v3.js
x.123g.us/json/
591 B
742 B
Script
General
Full URL
https://x.123g.us/json/thank_sendcard_v3.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e6843b1295a9f1f35b1f085aff3fe2f9121969f67aaedad7fc9a85c0488cba11

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:51:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Aug 2021 12:22:16 GMT
Server
Apache/2.2.15 (CentOS)
Age
1062
ETag
"24f-5ca391150ae00"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
303
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:06:21 GMT
thank_birthday.js
x.123g.us/json/
310 KB
37 KB
Script
General
Full URL
https://x.123g.us/json/thank_birthday.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d311f758e6105f399e6418ab39da57fa549eaf00c06a490e60bac66bb367b48d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:59:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Aug 2021 12:51:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
546
ETag
"4d83f-5ca397aa2f5c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36975
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:14:46 GMT
eaug_hugsweetheartday.js
x.123g.us/json/
79 KB
10 KB
Script
General
Full URL
https://x.123g.us/json/eaug_hugsweetheartday.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6972bda47773785bdd8ad0666be5781e7d6e6eb5b05ccf07e5097f9a5d3a5698

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:04:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Aug 2021 12:41:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
262
ETag
"13dee-5ca3956dfafc0"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9551
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:20:22 GMT
carousel_thank.json
x.123g.us/json/
5 KB
5 KB
XHR
General
Full URL
https://x.123g.us/json/carousel_thank.json
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.253.95.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
53bf6b31410588fc6d33861734be464a8156b3f9455dbbe5f8619d77421e3299

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 12:50:47 GMT
Last-Modified
Mon, 23 Aug 2021 12:31:52 GMT
Server
Apache/2.2.15 (CentOS)
Age
1086
ETag
"12e7-5ca3933a5be00"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4839
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:06:21 GMT
123832_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/123832_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
14fcad34fa7927180b82c153fb04f34d6ad117f259ca35df5c86776092876bb8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 04:37:46 GMT
Last-Modified
Mon, 24 Feb 2014 09:46:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
1845067
ETag
"1f61-4f323d746f800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8033
jake_test
Test_Pass
Expires
Sun, 08 Aug 2021 17:59:21 GMT
115126_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
5 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/115126_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
1db4192beb02ec6f72c44ef42854726d6cd6164b0b0dee15ea98d3f1eccd2594

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 10:21:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:46:08 GMT
Server
Footprint Distributor V6.1.1162
Age
10018
ETag
"1350-4f323d746f800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4944
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 10:36:55 GMT
112459_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/112459_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
96bfab476c88152624085aaac2c913878ce5b17d6fb34f96f803917954db4daa

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 29 Jul 2021 21:03:28 GMT
Last-Modified
Mon, 24 Feb 2014 09:46:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
2131525
ETag
"1f99-4f323d746f800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8089
jake_test
Test_Pass
Expires
Mon, 02 Aug 2021 17:00:46 GMT
closeBtn_h.png
c.123g.us/images/
1 KB
1 KB
Image
General
Full URL
https://c.123g.us/images/closeBtn_h.png
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 13:29:33 GMT
Last-Modified
Fri, 21 Apr 2017 06:58:08 GMT
Server
Apache/2.2.15 (CentOS)
Age
2331560
ETag
"42a-54da7c7a66000"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1066
jake_test
Test_Pass
Expires
Tue, 27 Jul 2021 13:45:11 GMT
112976_th.gif
i.123g.us/c/thank_birthday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/thank_birthday/th/112976_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
74b978d6e5a78f78b0ccecf1047d6d8c6aa875e7257b1c192b7bb2b7d35ffaf7

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 09:47:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:47:37 GMT
Server
Footprint Distributor V6.1.1162
Age
98458
ETag
"10a4-4f323dc950040"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4260
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 10:02:55 GMT
336134_th.gif
i.123g.us/c/thank_birthday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/thank_birthday/th/336134_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
66f531760dc702e07e9c0457278ec8d5dfa25466a2b8db029e051cf956895d63

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 27 Jul 2021 09:00:07 GMT
Last-Modified
Fri, 09 Nov 2018 13:25:04 GMT
Server
Apache/2.2.15 (CentOS)
Age
2347726
ETag
"1e16-57a3b47740c00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7702
jake_test
Test_Pass
Expires
Mon, 02 Aug 2021 07:48:44 GMT
315118_th.gif
i.123g.us/c/thank_birthday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/thank_birthday/th/315118_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2a5b1ca669678ad7bec1dc63ae558f6a93aad04528279aa86dee423c336680ac

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 12:31:56 GMT
Last-Modified
Fri, 03 Jan 2020 05:53:52 GMT
Server
Apache/2.2.15 (CentOS)
Age
1557417
ETag
"1ef7-59b35ef2f9c00"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7927
jake_test
Test_Pass
Expires
Thu, 05 Aug 2021 12:46:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5AAF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu91TbOm9AASinhs724SB9d6NHG8-Guy_BTjajfVT3ysO1o2q5NpHkIeZiT9nva7GKeyKxyi8Bz6dA8j42HTxCX3_0GL8JHJf74UHteH-KiMlIgF8KC7ttuNjxwv4DLs79ceKGG5HV_vYNIiN-4VMLJ3HhJhnDMyp5EG2lWbgnqRdhBRUKsBz0JPXq-REJ2SBxvDIDIifNzNnpxkKaGwKDKcGFo8QftShTRooqI8ghEkAWQDyBQQ3tzhGISlFaeRTmZVczDwAqxL9bX99IF77YICfnAhU615W5OSgsQTNOeEQoGil_2LRWumWBG-9AQ7-f7kMPKc2unZA1V6mNdRQ&sai=AMfl-YT-QVw11f36HQc9Ts4xx9_-CfTazB_KWkix0hMUJqdWAKiaE618ZAmbUH-x1mTl8tSQCQil1erHZdms9e7Cp4H8gJNWuVuIC3o7WFXulP8qGkNlesE9P97ttrApn4M&sig=Cg0ArKJSzPbw-UxQ8sH7EAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:53 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5AAF
100 KB
35 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bad0c836739481ec8e188a5123fd4bf0a48403f452942732f25034d1c85cdac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36117
x-xss-protection
0
server
cafe
etag
9237903137042404087
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5AAF
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 811B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm8WTwAbppTv7fKZjoT1sIFfq5DWYZLaVOPTUfZNKNUIHyPrbJEMX36HT3Ss6cVLSjPSHGMg6qxu4v0HBYImgJbUz70Aqp7CCHGP6wHV5KTWseVOIsIhG7L-gXJUEa57F4jaYnlkHC6diHGWtrhLnnMhV185xF0zCpVnb-0wYaOddQDYUg2rh2JpHdAlVEqE5ajrH0MyfQgGsDP8olKmx-zGWFVz1bo1VnxuwE_n5wk_8UifDdwmgHC0QtoZAGr77KiqmfDquDqd3SmnAw5_STAie5ozUPIzY_DHZ9_0MNdTd41XYI3a9RLMuMUoYlns8xH9edR2G8RMGC2ZKaPy4&sai=AMfl-YQopr6z24bwcm_-Y7Ef78XjVPfhqg_BcB-aVdDk60rukjbXSZ2xpomreBULj0WF9XpLY8XnQevsYZR8yKFCSd76unOHblTnGWek2LUIZ-qLMRnrQEGG-TxKbI8_Lv0&sig=Cg0ArKJSzIu8LxnoDxiGEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:53 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 811B
100 KB
35 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e99486cc20c5d59fe2389b3059e7e4512f43cb18d372455226f542a2dc94c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36055
x-xss-protection
0
server
cafe
etag
6045644161177297601
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 811B
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BB98
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3hYrDvjG38st5bjxCZBSRw32JIdFhZHmH540h-T6A1jYJzegNPK1BC_ua8MnzJL_m4CryB6k4YR8KUucyklrHKpJy1ziGjE2fciCmUarcYYi_yYrEkuV-PhzcIM5iGRUk0tyv_Xn5S04J7ifBvvX-J6xI9oz13BhLCWvTnzCPyWOXBZWw2TQx5Y_AHhF5lfHwpgX6VCzj_JJFdSRZ5o57PEwIW5AKyUAXr8v9mrILK5a7WxCNEe-L-NZaXu8UAD5EEwjNVqk0EA9PnFkHHI_X2xLR3k1Pl5sW5sv_jo6YvKg9lZkmWidE8I2msbvBwoAaag_bjZVC8KaYsb1Em2mMkZ8&sai=AMfl-YRJbHZnPSYAyf7bLeDZdSsdZHS5keyaTee8h2RKJEKzHUFbaZ8DP3ojVECcTmBRL7zQkYp9z3s2fODyNCvhqg8O6cS_L9ifS3ZkDAF_5vP8PKoEQD44yDMnUw_8Xac&sig=Cg0ArKJSzLyEYbJSnnrbEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:53 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BB98
100 KB
35 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bad0c836739481ec8e188a5123fd4bf0a48403f452942732f25034d1c85cdac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36117
x-xss-protection
0
server
cafe
etag
9237903137042404087
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB98
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:53 GMT
117465_th.gif
i.123g.us/c/birth_happybirthday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/th/117465_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f8933d7e94d9053a4c1db518764463d73286b3d15cc9db469652bd37c8751f1

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 13:23:07 GMT
Last-Modified
Mon, 24 Feb 2014 09:36:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
1208746
ETag
"1e9f-4f323b4f1e800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7839
jake_test
Test_Pass
Expires
Mon, 16 Aug 2021 10:01:01 GMT
330332_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
6 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/330332_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e042d45d87c9a3577e985db0797bda2d38c2212da0529217052bb5f1a8abf4a8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 05:44:41 GMT
Last-Modified
Mon, 21 Aug 2017 13:34:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
2013852
ETag
"19ff-557438963d5c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6655
jake_test
Test_Pass
Expires
Sat, 31 Jul 2021 05:59:41 GMT
343868_th.gif
i.123g.us/c/thank_everyday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/thank_everyday/th/343868_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1db78caab4487db707ddf2dfa5a49c7c3be19ce73ac5a67e56d62a8cefe55c19

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 07 Aug 2021 08:52:52 GMT
Last-Modified
Wed, 15 Jul 2020 09:02:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
1397761
ETag
"1f5c-5aa772ff57980"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8028
jake_test
Test_Pass
Expires
Sat, 07 Aug 2021 09:07:52 GMT
120707_th.gif
i.123g.us/c/esep_laborday_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/120707_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bbccf741c8b2ba240dd1b98332f008865d8de7fd346ffc5ac33e4dad085c8153

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 20:39:40 GMT
Last-Modified
Tue, 20 Aug 2019 13:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
318553
ETag
"1fee-5908cc544e0c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8174
jake_test
Test_Pass
Expires
Fri, 20 Aug 2021 13:05:44 GMT
119236_th.gif
i.123g.us/c/eaug_justbecauseday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/119236_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2c395dde4dda4ad49030f2877bcbdcc5ac1c8b213e4da115536bdb204c23d27

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 21:53:28 GMT
Last-Modified
Mon, 24 Feb 2014 09:37:12 GMT
Server
Apache/2.2.15 (CentOS)
Age
1437325
ETag
"1f8b-4f323b7544200"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8075
jake_test
Test_Pass
Expires
Sun, 15 Aug 2021 09:57:33 GMT
105860_th.gif
i.123g.us/c/esep_laborday_happy/th/
7 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/105860_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f38f2ad6a134d1148f9d271c315e4c6750fe98738015124a481df8c349496e60

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 14 Aug 2021 05:01:38 GMT
Last-Modified
Mon, 24 Feb 2014 09:49:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
806835
ETag
"1bea-4f323e4b03240"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7146
jake_test
Test_Pass
Expires
Wed, 18 Aug 2021 03:12:14 GMT
330575_th.jpg
i.123g.us/c/esep_teddybearday/th/
4 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/330575_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
72ab9d3d6e9dfa553ef2f8d32ed0e0d1d0d5ae732f96d23949edd896c3749c6b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 15:40:54 GMT
Last-Modified
Thu, 07 Sep 2017 14:02:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
595679
ETag
"f48-55899e91102c0"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3912
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:05:44 GMT
103835_th.gif
i.123g.us/c/eaug_justbecauseday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/103835_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f5b963dcb1a64bed590c4f8f7566bb9cef96d23199f0122e0f174003325cead3

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 19:57:10 GMT
Last-Modified
Wed, 05 Aug 2015 13:28:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
148303
ETag
"113e-51c9060a75280"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4414
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 00:46:27 GMT
335137_th.gif
i.123g.us/c/esep_teddybearday/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/335137_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0f4ff39f3cc273f4e0fdf99345ed383fe4fd212b1622cc08e325c59885591935

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 01 Aug 2021 13:46:34 GMT
Last-Modified
Wed, 08 Aug 2018 11:33:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
1898539
ETag
"1d45-572eae1659d40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7493
jake_test
Test_Pass
Expires
Wed, 04 Aug 2021 20:19:42 GMT
347860_th.gif
i.123g.us/c/eaug_nationaldog_day/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/347860_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
725357795d74005e827803e1496c876dffbb0f96928f8837eaf6db2284f91b5c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:16:55 GMT
Last-Modified
Fri, 20 Aug 2021 13:05:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
233518
ETag
"1dd1-5c9fd52c36800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7633
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:06:21 GMT
318520_th.jpg
i.123g.us/c/eaug_nationaldog_day/th/
6 KB
6 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/318520_th.jpg
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ada32021a43ce541eedf0c9badd13431e9a9ec5fd91e00c6a87266cb35f20b63

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 12:18:52 GMT
Last-Modified
Thu, 03 Aug 2017 07:11:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
2249401
ETag
"1749-555d415386b40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5961
jake_test
Test_Pass
Expires
Thu, 12 Aug 2021 15:41:09 GMT
115377_th.gif
i.123g.us/c/esep_chocolateday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_chocolateday/th/115377_th.gif
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a55fad400471602940d5bfd7a08a149eb8a295f70d5f45107ba4fc4b90ff84ea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 17:34:40 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2403253
ETag
"1fb1-4f323c509c780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8113
jake_test
Test_Pass
Expires
Wed, 11 Aug 2021 04:37:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8DC7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxZzyTv0UqSi775h8yZTgqHGcJnr4XV8BieEewspex_LQ1YopMTdTbN-71p82m6BvAPo3PKFNc2Cx6kUgis1f4lb87nzf8wa5TWqwyjFYojdF7zMQnh8mVDMkMKF7rsSIJ21UBjmTt_kWgJl6eN6XOnmUDPpSxp2kVFRq00qJe6ETvi03xMU1lwNpf_D8Br916QEWKjs2EybBM5lDLYAzpLrzd03rdzGjsVrB-1JxA4X56zHDDzojQoH4TFfjezc0StAZSQYNeBljH29a0P6uHRlenokhCzck2RycEFVRy1uja7lpzjald2-MQVr4L-JCdz-UVBqsNmyvjXmM7oLvSoNc45Q&sai=AMfl-YS8kd_R0Hz4WaCt6Cplf8b1p8rJctMP7YMZnJB34dgyExR4qHvHl7dAHY3ijMxNoCZczZOHfzeHQCuihwnTUJLOMKg-RnoA9safqCdBuTMKzCNMpH2SbGRAmUXOs-A&sig=Cg0ArKJSzG2Azgl4iAfQEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:53 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 8DC7
100 KB
35 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bad0c836739481ec8e188a5123fd4bf0a48403f452942732f25034d1c85cdac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36117
x-xss-protection
0
server
cafe
etag
9237903137042404087
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8DC7
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9AF4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJsCCwlZKnBbnLY0Qm6wxXaFAZfqXuM3ExyGqv7JygS3oeGuwlRaIdGNRk_tfxi0mC67qpJ9OwhjO7E6xxRoBqLwWouktr3q-QmgBkh10DYkLqtP71CiMPNnz28TBwWlB87dtBadGvwwF_Lc-lqybNKDyPQ_bNdf5IEekXwVRFyYisO4aA8ewzVKlvx-QTVwhkW6dKUpDDRoULYNRrzOUa7JQEbXg23qxL7covrJlpR8Xw33vcDhryz3sjDgTjugKFMwkuWx7tERGlWsN_iHSL93OXjeOTiPs9NtOhE2YCDva9amM1UUF48V09bDZI9EQHP28HRd2vuPC-4IsA2PEhqkEZqsxh&sai=AMfl-YSV_VOKAWRXDupiT8g2rotZO3f2D8AyCTK8IIMS4bMloQLhhLQ7cDMEa3fl-8el__X6TuNRpOPtlFVstTqGFTVtpLH2PPQ6Ac_G5-cX66H1kvmpALxtfQ-2FB9yJ-o&sig=Cg0ArKJSzGMaBFO7uA8GEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9AF4
139 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d9f881bced29824538dfc0f6b098f5410580c1851176fa169cae6da114ebef4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49841
x-xss-protection
0
server
cafe
etag
9047602529581312618
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9AF4
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1E96
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-tYAj8XBMiV10brvixi-jiGP-9pdgxKZN-mG4YOzWl4Peh_iLTCWRDX5TyRlJkLqi0nGgWjChby3s1t002j2fvkswuvY7rKOhoAVMzd_4aNiMGgOU3wTHb9uhfRMYKWWV6jdDJBrchT13B-Q4XMl1vasJUdIPI4_at3HPA_CNNV3UA3l5hnZpu00fr8QhoEzSw9-9vri-vZS0GpTgR4muGj8sG3uRZV4s5t_8oHhZQuS5Hpjdy4V7BO2l-_QSURdWaTouvxeuYfLyOnL_nU4VaQMN9satURCfJ5Czeba1m8C7rm0vvSS9PwQcdvFKcrOmY-EL69d7f2CkWT1-qDqT0Gx9KBhc&sai=AMfl-YRUQdS6JfQEmCC37b2MibJCoHpQVJ3U0NzSxzBZOt9FsrriTtFm7CcZCYr3qr0jXcax-zVjTQyssPsUvZRexzJW4WrQxSEIeGAV2tH9F-A1vEcr6qIYvdDV-ve54bw&sig=Cg0ArKJSzP21qHKjjPoeEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 1E96
139 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2d2846040ce0726ba6ace389110fad3b2c7f1cc23caf00adc4f8a016892ad57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49909
x-xss-protection
0
server
cafe
etag
14305058684536401169
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E96
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C2EC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5Sb3kWhgn91vNV7-whNeO7dbozr7UuR-kRtUbU75YHQ7AuMjgmh1hO55GQkjZgfmcEy2jKJbIUAgRxkGwLD7UQBZtrLkg3DwvsHLjp6SCmDw-HqOaQRSBsmo5WwLAkBrcrLgVC9bO7Kj1SrKq0EiZ4_InjCwq1zfLCE-on3Q57jKqbsEAaIDhtupelDsZet2SN64loZUo5v7oJNVT2OuQeQTea9O1qQqN77HcnqIGYDakaxSfdUXI2Irk8PmrluP8FGharb8OLGBG9MuwGObs6UMHIkgECm1MDXYHg3ncGlSJOu0bvvO0Td8u_Fz-FCUvX1wVvVdmdR7GmAIhVc53YSKJlG-A&sai=AMfl-YTMMf5pbEPpKOd2EmWYvQ-vBtrdtFRbtMfFNJT0Lqaa1OO0bntLnyz5ZhSn-JJokmFoyK3aDvwyoDlyWscuskJz7nHhr69Jm0WgtKeY1MiPkQSd0epymyzptZNAnms&sig=Cg0ArKJSzLO9krm-raFAEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C2EC
139 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2d2846040ce0726ba6ace389110fad3b2c7f1cc23caf00adc4f8a016892ad57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49909
x-xss-protection
0
server
cafe
etag
14305058684536401169
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C2EC
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 06AE
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjaWU4ea8vtNpl7Q_HZ5eNHAmLHtfj5hFNBgQyJP3enrA82RyCBtBS0e74a3X9j1uHD57-35FjBAfIJQC5E7E-fkuvJM_8TQvUXHFBCKG0MRWB88sJLpPzYBht4XgLguHjfYtsUPhhFogjz1tI8GVTT42jniWtTKdOvLLcGI0EjSqDlziwoLP4kmxBIdh8RsGvNGlJkelb-mSVWQhz33KhBkIw2fhZ1kwGjP4AX6ZhVrhe0VsAud4tD1Eby7OrtQhN7fyiBQgNkWwEnv0LlT9qdTX10wTMDAAB8ZaBpvLYAj3WRr1aGXb9SCeQB_ZCo5z0gRvwx6Qil2TPtgrlMfyHv4A&sai=AMfl-YQ4oznWI_EM5l0ja1CctDP1e1CvIiNxggMxHdnRysgN_cub-yeBcvU6QQDSqoNPCCeHDCLcaXn44_AnTCV-d6-nibSEAAI66sPWRFrnDjoZz1zookb9NyhdNdOkVH8&sig=Cg0ArKJSzKF6-IZFCt5EEAE&urlfix=1&adurl=
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/view/08121021606904939246
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
video-loader.js
cdn.avantisvideo.com/avm/js/ Frame 06AE
31 KB
31 KB
Script
General
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 20:07:10 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 09:58:31 GMT
server
AmazonS3
age
61304
etag
"cb2b3e45ae50a1cfc9646f528ea92b50"
x-cache
Hit from cloudfront
x-amz-version-id
0DrLkH_Ns8jDuJ7reO0cQzOfMbQ5KPOT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
content-length
31281
x-amz-cf-id
0OMjpnDMcZ1bvpITFRE1ncfyU65MKhftc4cYu8JSK1yr6FG3qGPDeg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 06AE
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081701.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ Frame 811B
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ Frame BB98
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ Frame 5AAF
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
truncated
/ Frame 5AAF
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b4e1a2aa6c65e59940239bbc7a2a6e9f39520ae4746415b5314483b89ec359a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BB98
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36de27231aea4e9c0598de167550524827d2380083d1d9917f58385c580c54a9

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 811B
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
755725260e477cad09022e749cd40fb90bc38838ef13517b718933acf01b0bfe

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ Frame 8DC7
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:53 GMT
truncated
/ Frame 8DC7
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
250244c507692fcec1d3aa02ed3877780f22c5148cc175e5ec827a50b662a865

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9AF4
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ccbc24cafcee7f8999fa903cd1ccb2eb34c92e9dbc693937d4c178800e86f659

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1E96
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ffeb0a68cecd94b58a1962f335b04d6d148882ecc74b3eb49a569e5c8c28eba

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C2EC
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09fc93fe9786a55c5daf6c517a2e4d65d764e8f22985807737b9f64dcca28594

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 06AE
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5680cb5e6c2f3c97f9d29ff0bb3c9ba1319a940e4053878f5bf812701551074e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
abc.txt
static.avantisvideo.com/data/ Frame 06AE
26 KB
6 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:0:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
242168124aa6af25c61ab950efad75ae538bb25aa8e570655cb1ec34fcae02fd

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 Aug 2021 19:58:56 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 19:58:09 GMT
server
AmazonS3
age
61799
etag
W/"5f8656c9abddc591c13eadc0987fa6b8"
vary
Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
bIYw4W1ihw0b4DPBpNlHmPpB_bJ27hRJTCGc8VXk32lpou2Yu8Yvsg==
via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
abc.txt
static.avantisvideo.com/data/ Frame 06AE
26 KB
6 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:0:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
242168124aa6af25c61ab950efad75ae538bb25aa8e570655cb1ec34fcae02fd

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 22 Aug 2021 19:58:56 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 19:58:09 GMT
server
AmazonS3
age
61799
etag
W/"5f8656c9abddc591c13eadc0987fa6b8"
vary
Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
3svA-G3JjqQh2t1N42bN7ZT3KtvHEbYt81iQntv1PvM1SkPrOw8uoQ==
via
1.1 666ff4ad81b3b60af3d2241160893ee3.cloudfront.net (CloudFront)
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ Frame 9AF4
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:54 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ Frame C2EC
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:54 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ Frame 1E96
252 KB
93 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95447
x-xss-protection
0
server
cafe
etag
5134495107379379254
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 23 Aug 2021 13:08:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 06AE
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-H7Kemi1lNJTffNRH3SXp5IpOZJkXfPd7G-OhQsq02zgdP4ata7iSAwWgSPE3uvwpNDHUIQufvILdl3dQtW3rz6npAUkop_Z9YfczQg17Usj6WHQP3ehapPqXJiMf6slodVG2S9vdc0PkTMs5MrCNs7_KeYCOOcI9LDlVPVt2EimzrSm4snuR2sgmRZXK-ENvARZSopZRHK2qbu_Yt-GBMmiML27zLAfsQenD4bc5R1K3u1jNjEisvV5KyUoPrpilspcioUr5ZYZd8wDfrmpuJKORwUhQEU--acLDoXDreid1mNPVkNq5HriSZ0xf4chJvCvMdyPxdCDnxnCRSTJJMQfHLg&sai=AMfl-YRCvXAqfYKmTzV7JpMj9KASQE7ez4mskGecKdHFU6KxopGQ5bmvxo0Dkvo3vRKuX7bS-sIV27Q5KMpW-tVhS1GmH9d3TdJHRnpZY01JuKCCA0lk2hlulZ0GwAdh7Bs&sig=Cg0ArKJSzAJs1pQxCS5SEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:54 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame C80F
42 KB
42 KB
Document
General
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method
GET
:authority
cdn1.avantisvideo.com
:scheme
https
:path
/connect/u_d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

content-type
text/html
content-length
42560
last-modified
Tue, 30 Mar 2021 10:01:49 GMT
x-amz-version-id
Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
accept-ranges
bytes
server
AmazonS3
date
Sun, 22 Aug 2021 17:39:08 GMT
etag
W/"f5694815436f3e426c35d9ae8274ad04"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
Tzx7zsPWmQYqaPXHB0tnf_W_6Q7gdIxhe3q55m2-d3by-j3lTU9UwA==
age
72691
cookie.js
partner.googleadservices.com/gampad/ Frame 811B
12 B
100 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 811B
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 811B
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1C54
64 KB
22 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
498fbee887511ae8ddbbe0c42d784bae3c4ad66ee6603e4a71d85a6aa8c65d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJud4GepsCs99m5MZJQYGQ0KY77NVwgh5ZfwqV-f_FQXUJheE_gRFIKF2frLM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Aug 2021 13:08:54 GMT
server
cafe
content-length
22349
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 811B
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:54 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame BB98
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame BB98
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BB98
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7BE7
603 B
115 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031645&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133642&bpp=14&bdt=268&idt=707&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1745303836.1629724134&ga_sid=1629724134&ga_hid=755091976&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2376&biw=1600&bih=1200&isw=728&ish=90&ifk=2942259872&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=3837651663359202&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.urh3vb4x92ab&btvi=1&fsb=1&dtd=786
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=6560251292&adk=276656745&adf=816031645&pi=t.ma~as.6560251292&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133642&bpp=14&bdt=268&idt=707&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1745303836.1629724134&ga_sid=1629724134&ga_hid=755091976&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=2376&biw=1600&bih=1200&isw=728&ish=90&ifk=2942259872&scr_x=0&scr_y=0&eid=20211866%2C31062178%2C31062297&oid=3&pvsid=3837651663359202&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.urh3vb4x92ab&btvi=1&fsb=1&dtd=786
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnJud4GepsCs99m5MZJQYGQ0KY77NVwgh5ZfwqV-f_FQXUJheE_gRFIKF2frLM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Aug 2021 13:08:54 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame BB98
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:54 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 5AAF
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 5AAF
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5AAF
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8882
603 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031635&pi=t.ma~as.Google_LB_15938Z&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133661&bpp=9&bdt=301&idt=780&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1402238879.1629724135&ga_sid=1629724135&ga_hid=135690652&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3113313346&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31060033%2C31062297&oid=3&pvsid=2401984689895636&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.39l46mhtyghf&fsb=1&dtd=855
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4627517680249670&output=html&h=90&slotname=Google_LB_15938Z&adk=4293758812&adf=816031635&pi=t.ma~as.Google_LB_15938Z&w=728&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133661&bpp=9&bdt=301&idt=780&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1402238879.1629724135&ga_sid=1629724135&ga_hid=135690652&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=560&ady=47&biw=1600&bih=1200&isw=728&ish=90&ifk=3113313346&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31060033%2C31062297&oid=3&pvsid=2401984689895636&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.39l46mhtyghf&fsb=1&dtd=855
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Aug 2021 13:08:54 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 23-Aug-2021 13:23:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 13:08:54 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame 5AAF
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:54 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 8DC7
206 B
265 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-4627517680249670
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
46e77f0a98afc9173873a17e8143037c3abd60e59db20c9072b1d8cc23caf7ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 8DC7
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8DC7
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7781
62 KB
21 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55c1913ad5d39835049e68ba8fcb5b1e09e60c379873051dc3824d1c553a8a8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Aug 2021 13:08:54 GMT
server
cafe
content-length
21900
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 23-Aug-2021 13:23:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 13:08:54 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame 8DC7
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:54 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 9AF4
206 B
217 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
49034d09c3bb28b7d89df2e9ca7173a8d2e1e2adf149d04f94baa16c986db701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 9AF4
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9AF4
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1D51
65 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2428394929a2616c09cb6ae140d8dbe70642a77ca330f7e3251d2c6e05ec1461
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Aug 2021 13:08:55 GMT
server
cafe
content-length
25180
x-xss-protection
0
set-cookie
IDE=AHWqTUmVgGp86W83k61r8Em2R724Dy_bYNzeKw7qiHpEUaHptxFYgEZa0QElLXi2Cmg; expires=Sat, 17-Sep-2022 13:08:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 13:08:55 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame 9AF4
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:54 GMT
fcp.css
c.123g.us/css/ Frame AC68
7 KB
2 KB
Stylesheet
General
Full URL
https://c.123g.us/css/fcp.css
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/2d2b4e686c276a6c646e5f23636f64545668617d6c7a5269623b0f0003/08121021606904939246/summary
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 19:03:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jul 2018 10:31:17 GMT
Server
Apache/2.2.15 (CentOS)
Age
1447501
ETag
"1b92-57234f6246740"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2003
jake_test
Test_Pass
Expires
Fri, 06 Aug 2021 19:37:41 GMT
jquery.js
c.123g.us/js2/ Frame AC68
92 KB
33 KB
Script
General
Full URL
https://c.123g.us/js2/jquery.js
Requested by
Host: www.123greetings.com
URL: https://www.123greetings.com/send/fcp_track/2d2b4e686c276a6c646e5f23636f64545668617d6c7a5269623b0f0003/08121021606904939246/summary
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 05 Aug 2021 15:41:34 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:31 GMT
Server
Apache/2.2.15 (CentOS)
Age
1546040
ETag
"16f3a-54da7c90553c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33449
jake_test
Test_Pass
Expires
Thu, 05 Aug 2021 15:56:38 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame C2EC
206 B
217 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a39db460764f4b7faf2513f5dad3897f2f293777109b9d76f620294866db7a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame C2EC
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C2EC
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F515
79 KB
26 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2088e223a122cec51041f526f56d242ffd07f16a4bd7f66e794d0a788bfa9e0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Aug 2021 13:08:55 GMT
server
cafe
content-length
26908
x-xss-protection
0
set-cookie
IDE=AHWqTUm3YotXxPe5QsTkqGqwzY-MSbNooBsk6R2tepdxU2PpEu4bjYgFRlM98omtOC4; expires=Sat, 17-Sep-2022 13:08:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 13:08:55 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame C2EC
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:54 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 1E96
206 B
217 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.123greetings.com&callback=_gfp_s_&client=ca-pub-8275302107693664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
602645e9e1cc8f6b4c55133f84eb5d77ece53c91b6b46fce6d1f8e47a86a0a0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 1E96
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1E96
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8977
65 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6328eb0364e2cf7b87130ea869d659e72bed69f8df31fe99bec423f37e6f1a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 23 Aug 2021 13:08:55 GMT
server
cafe
content-length
25265
x-xss-protection
0
set-cookie
IDE=AHWqTUmgiLfnxSPmsF0qeCSt-iOkfmzD-b1s9a09LkS7sEZrp-6VWL3M2rQTll6nRNY; expires=Sat, 17-Sep-2022 13:08:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 13:08:55 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame 1E96
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458978809797"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27677
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:54 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame C80F
116 B
871 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d81386cb76a2f803a6a7674bab45293bde918693a683a583ccd20f85619df9ef
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
ZRH50-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
116
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 23 Aug 2021 13:08:55 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
iwJ8LBCyAtbNqHkXzGqd3tmcLECArUFPsXHowZr9pTvDuNRP9v2lQw==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
2600:9000:2190:c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 23 Aug 2021 13:08:55 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
x-cache
Miss from cloudfront
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
wsaXrY4OiuABsFrSYorRv6lmwVu3-b9zhecmY5QBqYjx1LUVRSSPqQ==
styleopt_v2.css
c.123g.us/css/ Frame AC68
45 KB
9 KB
Stylesheet
General
Full URL
https://c.123g.us/css/styleopt_v2.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9

Request headers

Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 03 Aug 2021 02:04:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Feb 2019 10:50:09 GMT
Server
Apache/2.2.15 (CentOS)
Age
1767840
ETag
"24665-b2be-582511f153a40"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8955
jake_test
Test_Pass
modal_window.css
c.123g.us/css/ Frame AC68
29 KB
6 KB
Stylesheet
General
Full URL
https://c.123g.us/css/modal_window.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de

Request headers

Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 14:17:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2017 06:58:15 GMT
Server
Apache/2.2.15 (CentOS)
Age
1032666
ETag
"746b-54da7c8112fc0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6107
jake_test
Test_Pass
Expires
Thu, 12 Aug 2021 03:20:02 GMT
print_card.css
c.123g.us/css/ Frame AC68
3 KB
1 KB
Stylesheet
General
Full URL
https://c.123g.us/css/print_card.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/fcp.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969

Request headers

Referer
https://c.123g.us/css/fcp.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 21:35:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Mar 2017 11:40:54 GMT
Server
Apache/2.2.15 (CentOS)
Age
1783999
ETag
"246bb-bbf-54a227c0b1d80"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
824
jake_test
Test_Pass
css
fonts.googleapis.com/ Frame 1C54
3 KB
578 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 12:33:36 GMT
server
ESF
date
Mon, 23 Aug 2021 13:08:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 13:08:54 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 1C54
1 KB
937 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1131
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 12:50:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 1C54
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
328
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:03:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 1C54
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:06:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:06:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1C54
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 1C54
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:05:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:05:28 GMT
b0b7c8cfc8b22cb6a71ecf22b35577d4.js
www.gstatic.com/mysidia/ Frame 1C54
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b0b7c8cfc8b22cb6a71ecf22b35577d4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 04:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Nov 2021 13:07:28 GMT
css
fonts.googleapis.com/ Frame 7781
3 KB
578 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 12:25:03 GMT
server
ESF
date
Mon, 23 Aug 2021 13:08:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 13:08:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BB98
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJhsu9dd5CnSox5vyflcsvGXpFmYtpzrnY0tHeQfsDxLc7ROg87_F-cbmuuNY_jAHV1GIozXa4Rx_IZ_-iCpb_6grF9oxID6dl8jeNAKkDB9q0tSJNDcgtsU-rdeCerYLCrXJlfqiPLl8NHSjMFE4n7KKvs-_KBP8QSN8F2T10xMbtgcpTIvN5-jiustwjEGsJUSwqpScUIjigf1eBEAH40fKFQA8fGNmrq7ewL9dBLeIfbH4afi6OydvPtarbVQqafLHPt1N2XPOCi-TvWL5d7a3Sdn4f2W5tDA_3lc7bIlGfcSwWxlf9wAcBtETacSxke6VoBPboH0ylH0O_pBej9iyElg&sai=AMfl-YSvFOae9VJVwnT4X4fN1qOcpmzbV9O6XnvwER-ismgwRH8zYg2mEpTEuxZKvrDvRPFZONoiuXdUUXR2WKu4jNDHNSH61RiytKMyUbVN8swNGzmZr1vAaz_wjdVnrac&sig=Cg0ArKJSzLwf3oDdTo9QEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BB98
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d300b762d8d56a7f5e4e4143e64510cab36eb5a990e525ba2a2f287f2fb273e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8433
x-xss-protection
0
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 7781
1 KB
857 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 12:50:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 7781
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:03:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 7781
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:00:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7781
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 7781
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:03:22 GMT
b0b7c8cfc8b22cb6a71ecf22b35577d4.js
www.gstatic.com/mysidia/ Frame 7781
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b0b7c8cfc8b22cb6a71ecf22b35577d4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 04:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Nov 2021 13:07:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5AAF
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVAwe0nxVSUJxhHQEuwf4TB08e6HYUs02rAVKWHBDqcz4IdaCXJH83Zu9sMf0cKrfOqYyHIRRS5Xwdj0BLbiiyaCGjLZrKHyn4J7Ri6IqwgxA0SMecf7fCbUNiy24UAZwlAW6S0D0i8d4tMv2yg8bpfSNXVGCg5cYTKPz0miNRsuiJ3RtAh_nBgtroZw1YHjyWvv-CxvZEeYCW5nd5ixcwN1TMZGRPlBNzEndX8vieIrdla5DPgpYsCW4UOS_NSRpjoSWSQvVEgKGHP8XC5Kp4ihZwVnfNpAS7bgD0MZcp4n_TuaEDa9sg4GCLJ9uNSS1VyJIdazeVtmFdnKzLKh5d&sai=AMfl-YQnqOmgqedm_HUIZdR-UzLO1e-Rjr92uAgFd82KXXq3bzwB2bEJtxWNQ6Ku6I7DaKFEkAyCZY5n45e2-c8h0fILilgQndigMzEVYKVnh3PhgqtvdONoBpF5w9WMVbE&sig=Cg0ArKJSzEJWIe7sHML5EAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5AAF
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
529c68f2c05d1b0f201eb43556d98c01fbc3f58a4c896cc82f229d58333b2e96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8559
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame A462
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmVgGp86W83k61r8Em2R724Dy_bYNzeKw7qiHpEUaHptxFYgEZa0QElLXi2Cmg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 12:42:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1C54
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cbc6b3b892ef40aa06c3a87b2d40688662db348be7623e6bffd50db8ad0150c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BB98
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5AAF
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:55 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C749
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmgiLfnxSPmsF0qeCSt-iOkfmzD-b1s9a09LkS7sEZrp-6VWL3M2rQTll6nRNY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 12:42:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7781
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e311967bd2169b557358661ddc594137207a274ada1aa5060fc63165063286ab

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 1C54
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:32 GMT
x-content-type-options
nosniff
age
479243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:32 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 1C54
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:15 GMT
x-content-type-options
nosniff
age
479260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:00:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:15 GMT
css
fonts.googleapis.com/ Frame F515
4 KB
617 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 12:51:27 GMT
server
ESF
date
Mon, 23 Aug 2021 13:08:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 23 Aug 2021 13:08:55 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 7781
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:32 GMT
x-content-type-options
nosniff
age
479243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:01:04 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:32 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v35/ Frame 7781
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v35/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 18 Aug 2021 00:01:15 GMT
x-content-type-options
nosniff
age
479260
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 00:00:52 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Aug 2022 00:01:15 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame F515
1 KB
857 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 12:50:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame F515
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:03:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame F515
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:00:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F515
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame F515
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:03:22 GMT
b0b7c8cfc8b22cb6a71ecf22b35577d4.js
www.gstatic.com/mysidia/ Frame F515
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b0b7c8cfc8b22cb6a71ecf22b35577d4.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 19 Aug 2021 13:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Tue, 17 Aug 2021 04:05:51 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 17 Nov 2021 13:07:28 GMT
9492802495502415615
tpc.googlesyndication.com/simgad/ Frame 1D51
53 KB
53 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9492802495502415615?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkwpeq0XorrzGWXSeIU-7XAhd7qhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c831783877cf0dfece90797ae797427d74cfe9a280b4475248de3decc86a1e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 12:48:03 GMT
x-content-type-options
nosniff
last-modified
Wed, 22 May 2019 08:30:55 GMT
server
sffe
age
519652
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53762
x-xss-protection
0
expires
Wed, 17 Aug 2022 12:48:03 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 1D51
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:03:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 1D51
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:00:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D51
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 1D51
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:03:22 GMT
l
www.google.com/ads/measurement/ Frame 1D51
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9Q3E04AVc5tQ_828FWgWjkQFcl8qlL0qZ4xImBDO7UcV447i98BWfnYS3JrUslq6sBOnl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 1D51
26 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 11:30:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10743
x-xss-protection
0
server
cafe
etag
8915488205478863544
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 11:30:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1D51
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CiZS65p0jYcbmKM6v7_UPhsmRyASWqsbRZNG1r5_DCb_hHhABIIXskgJglQKgAdrxgfUCyAECqAMByAPJBKoEyQFP0D8BUJEFzJe_-ZFeFj4o9D1KxSWIom5InVUgA_l7czX_wZP_rfV3XJAEnuvYv046Ufs2lzmGnfg0gOYf7x4Xzyq9VJMHhbshWACpv0ncuuJjSVUd7iSl4LW384lM8z1PkY8js5MTYnG_04BXhrN2ln9z5bfPHTqHl_FkYO1jYdSEif4E1CWh881DWkggeQqk4xIk4GJoZc6LTx3CLj5Zm4KhWBdTqTIxLHosLEiAV06ppAWZKkpPqO7Pio0Yw-Acf5TrPwpq2WbABL-xvuuHApIFBAgEGAGSBQQIBRgEoAYCgAeOjv6KAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCVmQLSCAkIgOGAcBABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItODI3NTMwMjEwNzY5MzY2NBgA&sigh=9YKwkZ15Ibs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 23 Aug 2021 13:08:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 265A
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 23 Aug 2021 12:21:59 GMT
expires
Tue, 23 Aug 2022 12:21:59 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 3F53
783 B
760 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1e0fd336c5f4de6d70af82e28401ac82f47bd3654ee18ab6e7590c3a6f0049ff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I19zKCtgliuPjyUwIT21wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=Q37KIBOHCuG_XWdFKYi-o-JDxz2WVGYqAnuFXq0RWEmU31xfI8VuDgEY7yyYFGUWqL_BBLzasqJJ_uY_8sn_CWnVH1BL-bBPLkLq9ZsE3pbYOo0-JYcxXCu7xUN96QJa17jbSAwhy1t55dOSejr2XiOTaH6QRHt6WaMB1yTiw0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

expires
Mon, 23 Aug 2021 13:08:55 GMT
date
Mon, 23 Aug 2021 13:08:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-I19zKCtgliuPjyUwIT21wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B33C
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 23 Aug 2021 12:21:59 GMT
expires
Tue, 23 Aug 2022 12:21:59 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2816
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F859
783 B
734 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8ea7f2f636150833a991bc985fbb219d85e6ed4d13cb2edffe425931352bc897
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BhsVghmErFw/knQ6e3cXOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=Q37KIBOHCuG_XWdFKYi-o-JDxz2WVGYqAnuFXq0RWEmU31xfI8VuDgEY7yyYFGUWqL_BBLzasqJJ_uY_8sn_CWnVH1BL-bBPLkLq9ZsE3pbYOo0-JYcxXCu7xUN96QJa17jbSAwhy1t55dOSejr2XiOTaH6QRHt6WaMB1yTiw0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

expires
Mon, 23 Aug 2021 13:08:55 GMT
date
Mon, 23 Aug 2021 13:08:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-BhsVghmErFw/knQ6e3cXOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
video-loader2-cr.js
cdn.avantisvideo.com/js/ Frame 06AE
131 KB
39 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0800bed438f39e8f6856cf1ba978cdea20c7a088caccb50ac1815dcf2d12becf

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
PffpQSqODZkxbQFSTkt0W.r_WUA05DB7
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 08:37:44 GMT
server
AmazonS3
age
3490
etag
W/"ec696319abe2c531dd13e886184ad8a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
date
Mon, 23 Aug 2021 12:10:46 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
onLW2UyJeJ9RE18L8v6qubcSnvtsfS2okrj4oVfsthlLrZGYaL66bw==
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ Frame 06AE
131 KB
39 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef4bcc0e3e3ad9f45a206ca105d6fe43459678367c29b25ca13b84fd5e9dce4e

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 17:22:43 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 08:24:52 GMT
server
AmazonS3
age
71172
etag
W/"21fc46c622cc863b1c3f5ab3ae9074d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
PgUIDJV2w4bG0WqJ5hymme__BvMxVw09
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
n_aytUpZAAfIgWWVGrXz8JupuxZKQQZITHLTHh7pVjXtsR8dsswQcQ==
adview
googleads.g.doubleclick.net/pagead/ Frame F515
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjmN75p0jYZrdLdTH7_UP2vCgqA3bn6KCZKulxebbDY2A5LbrAhABIIXskgJglQKgAaa4meYCyAEJqQLnp1yYm6yzPqgDAcgDywSqBNQBT9CtmgqDlbWMzj_kCrxH15krtGHDxFOC6HnczsABUTbee_3eknTgsuRCWxjZM-tvQSUnNRV5dr4gtRInXCJb8Mb8X-w3R7WJKIu5hGM35XPDUOm0ktIn2R3qerv5cH5s1RIpc-70VbWMMAryWieeReuo4p5-hDQ_zFYGUyfrqAuWgFwOVot835krZ_JOZax36QLc-W4W-80kZDYNHp8BRm8yt4PZqwSRZeo6brZ7nalFwvPy8yrfXhw2e2-sq5-LEJ6Tat_NR3KZdQ3DAW-_XCY_2fvABPro7eDOA5IFBAgEGAGSBQQIBRgEoAYugAfCx-aZAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCFswXSCAkIgOGAcBABGB-ACgHICwG4E4gn2BMM0BUBmBYBgBcBshccChoIABIUcHViLTgyNzUzMDIxMDc2OTM2NjQYAA&sigh=BjtnKxWiFVE&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 23 Aug 2021 13:08:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/4709116990573696578/ Frame F515
18 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4709116990573696578/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d5a1805248cc27514993c66668a475e9c0f86a2b634d77139d1b130668d6ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 06:36:47 GMT
x-content-type-options
nosniff
age
541928
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18287
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 12:15:15 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 06:36:47 GMT
truncated
/ Frame F515
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
016c2c0accbbe81c1f60a0f1e04ef069a58be9c70dcf46cc2703906a8acf5325

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
7573583222689493913
tpc.googlesyndication.com/simgad/ Frame 8977
43 KB
43 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7573583222689493913?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql1Gus7Fapteg_4Ci9NuJ-d4Ho3hQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a5d9ce4bec12be00c877fc48c5fa374de33216c66166a4319079be9e57afca5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 20 Aug 2021 14:53:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Jun 2021 02:43:49 GMT
server
sffe
age
252917
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
expires
Sat, 20 Aug 2022 14:53:38 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 8977
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
329
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
11770686601635027189
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:03:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 8977
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
525
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:00:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8977
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1629458990649126"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:55 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 8977
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6205
x-xss-protection
0
server
cafe
etag
3431872159862141604
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 13:03:22 GMT
l
www.google.com/ads/measurement/ Frame 8977
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSykPd5xn73KcuQrCgTrC9f2ZpxpMYTckuMAPJ--aHrL8UuGvspgaOBBW5dovJOMoY4CU7K
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 8977
26 KB
11 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 11:30:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10743
x-xss-protection
0
server
cafe
etag
8915488205478863544
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 06 Sep 2021 11:30:17 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8977
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CnFHq5p0jYe3bM5na7_UP94iriAOfsNq4ZNP0jbz6DbCQHxABIIXskgJglQKgAfGD_ZUDyAECqAMByAPJBKoE1AFP0J2m4H-Q-0gz3iZKCVR5IRYXwYjIkVg6QDqzIEtDJFEMMp0YMI9HC1ufd7khY4Kts0QlC1HTTHf3vRVXbz1WWTr9bEVBMGwNUAODbXNj9O99k7xBdhCkp18zgnQI06T4udv6y7XemQuyeSXlc_zeIUrFnqg8hjj08qmzMznsTXO_tSn-iMAzbgb2RkTx7ap0-f4rqRm732Q_OWBs3FY-mItGEU6JpqG-wIzsohdv5GApr8j0DMELMWq0j4vH9HLA8DiBz9Vfsuz-7nrEd9Ape_689sAE2dy2krACkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB4XtuWuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQuaAD0ggJCIDhgHAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTgyNzUzMDIxMDc2OTM2NjQYAA&sigh=sadXj01ABAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 23 Aug 2021 13:08:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 811B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5Iu0kPhJtmSRWRruyT6HQUASXGD-XuXhFy7kkIEgCz6x1lJLywSqQQcDHvszARcVnILCVUOV1YnUtMnOmYN39ly61O8ae70Le3-2gUI-cKt4llIhxWx46SwJ8LF3BM1uBOjVVrkmkDJXKa6llBx3CSjjmfeNT_IadN3wojajkzr8oGeLnL8fIH8Y3viyAmb9futhUt0JPVaCCzW_uP7xQKyuEMNOcrikRe-ga-eAeOwDSgDdfTA_TRJCcFkfbRq9g65Lzx_RYFtVJiZtngGFFOiUfbUPIuX2iKkewb5SliNLPhc5b8xXNCOcVIvla7xdKITucMxXb9huUbhE-HJKNLg&sai=AMfl-YRkQjMySWf2ZWWU1ZVs6DOvaFQhWDFQFipEOTR3Tcp5yfgo1HIUDLL9dLaYsGhnyKHVoIREm5-xGXiVWBlBJcxyMpDbrf7r_DfxGFFg1J6LEx8iMdiTnpv66_NKvI4&sig=Cg0ArKJSzDs4cinUvwS6EAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 811B
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
730bc75426e65dcad3195f292c84ed448433b250d9f5101cbb59c92f8a294946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8555
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4DF1
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmgiLfnxSPmsF0qeCSt-iOkfmzD-b1s9a09LkS7sEZrp-6VWL3M2rQTll6nRNY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 12:42:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F515
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4a838063ed7125e6c3372d6d0cf2a3e14b5a56731ff09b5b6dbc72ab9305172

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1D51
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80ebd3a754ff9556e65230e934a5d57246f12166e157e654ed6e514978cf4a0f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame A462
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmgiLfnxSPmsF0qeCSt-iOkfmzD-b1s9a09LkS7sEZrp-6VWL3M2rQTll6nRNY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 13:08:55 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 23-Aug-2021 14:08:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 13:08:55 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 13:08:55 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F515
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 01:12:52 GMT
x-content-type-options
nosniff
age
561363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 01:12:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F515
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 17 Aug 2021 06:52:18 GMT
x-content-type-options
nosniff
age
540997
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Aug 2022 06:52:18 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 9FE7
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=600&slotname=6941916332&adk=3196990230&adf=816031644&pi=t.ma~as.6941916332&w=160&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133614&bpp=24&bdt=246&idt=696&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&cookie=ID%3D660bbe53088eda4a-22276cb8b0c8009b%3AT%3D1629724132%3AS%3DALNI_MaRDYGwST-qG7699Jsd9Besp2zmuA&correlator=5126043630996&frm=23&ife=4&pv=2&ga_vid=708204877.1629724134&ga_sid=1629724134&ga_hid=576333159&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1114&ady=236&biw=1600&bih=1200&isw=160&ish=600&ifk=1116674942&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C21066434%2C31062179%2C31062297&oid=3&pvsid=1985517448012236&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.z521utehrrf&fsb=1&dtd=716
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
8379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 10:49:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8DC7
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqcR5U6FvWRFPvfObjsHrqje_Q8ANgzp0YogcRX1D23J9JTY3NRJbD4oKqKGxuL-PVKP7fASgL0AMxs2PnSP1LnSIKzqAF4kvHY1B8ymYypwmSptKyj30h4KUPjAO7c1fKDDur5ugsDnKhp_szpfAUO9ocXN2MJtzOnlP-9qgKD3KkKagyJA8sDSYFbEDNc2P6u7ZcFHy0JIqFgO5HEuSHKzIw54YK5xtzfUTipYcC0AnKEqRZB17ecKLuO3MtLBu8p-U6bfGwGAVnlB2RRmJpFHXoy2wLrXkhvWrgP1ccaM-PJ7ieNrNcfZVWfyOBF1UMm1ahF_aELS9T-W81z7PRJmJI4L5J&sai=AMfl-YQuXNzJhw-EMXqR2L6sF7Vog18gr-CxN7RIP2ZyJ2yG02d9dm1q6EzT3RsEchH8pLBmftgSQx4GYtVn7cVPHVSQ5tnkO3Iyy7fJBhTmIEPV-kaYUmL4ERwzpjGawJc&sig=Cg0ArKJSzI2NR9J284uGEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8DC7
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b6c786dd27c273ef3d6ea242ecb8b7717de0f68e44bcebf6e606b3597162cc86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8633
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame B9EB
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmgiLfnxSPmsF0qeCSt-iOkfmzD-b1s9a09LkS7sEZrp-6VWL3M2rQTll6nRNY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 23 Aug 2021 12:42:58 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 811B
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:55 GMT
video-loader2-cr.js
cdn.avantisvideo.com/js/
131 KB
39 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0800bed438f39e8f6856cf1ba978cdea20c7a088caccb50ac1815dcf2d12becf

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
PffpQSqODZkxbQFSTkt0W.r_WUA05DB7
content-encoding
gzip
last-modified
Mon, 02 Aug 2021 08:37:44 GMT
server
AmazonS3
age
3490
etag
W/"ec696319abe2c531dd13e886184ad8a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
date
Mon, 23 Aug 2021 12:10:46 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
GHadAQapK5S20kiEiLMpG6VV7CTT7dphSVc2_Wi5Nd9TCkAhqwTB6Q==
video-loader2.1-cr.js
cdn.avantisvideo.com/js/
131 KB
39 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef4bcc0e3e3ad9f45a206ca105d6fe43459678367c29b25ca13b84fd5e9dce4e

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 22 Aug 2021 17:22:43 GMT
content-encoding
gzip
last-modified
Wed, 04 Aug 2021 08:24:52 GMT
server
AmazonS3
age
71172
etag
W/"21fc46c622cc863b1c3f5ab3ae9074d6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
PgUIDJV2w4bG0WqJ5hymme__BvMxVw09
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
H_6RDdNkPxygyC7MKu50TqKklpWBlg2MUE_2r57yzYuuEVta1uZoGw==
truncated
/ Frame 8977
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed803b366eb23b6b07413dc766d262ccd1238c712acf3f80019b47e0c7b68209

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame C749
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmgiLfnxSPmsF0qeCSt-iOkfmzD-b1s9a09LkS7sEZrp-6VWL3M2rQTll6nRNY; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 13:08:56 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 23-Aug-2021 14:08:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 13:08:56 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 13:08:56 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame C2EC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyVt6Z0Jcv41g0Xjb1JmMgme83i0EmtJY-pF_e1r1a52I9xFXkT0-e7Xqf5Lzg8X7fq6KSzp7xJA-HFko9mmgD1n0X8vVbxeWRGXzDRG9XCMDaPHkQJoXFjIvGqj9-nDhsbD2EWLtdHaQW_F2Id_O6wAYOV_jxh1zY1HLmiF2bw59Y_sjBzugxFhPGXCqTNWUujSqUErOB0oa23Ofgq9Kzdoatv2ifTXzyDtwd4k3zI_RNzU1sT0y7FwCuD42tqkXv71aKK-ciPO5tzXbs6C1KKcjm-ZjG5IYb7rn4v30fkeUXuHeMCzf8e1mNUjCLnhtr7GzBgUg8_UFcxZr05PB1lzva38ApI2s&sai=AMfl-YRNPS6CgLUgDn-HP5AXhKiI4EUCbaxzJrlUXc9G5N_sYP3Ghf7HPvTFEGlDJBQjs_rpDdCOv304tdF9KkBwDbwDj86qzHNsmGf4PWMNTIPJD6t5iiWxyOARjHtrJHA&sig=Cg0ArKJSzFltXTMlVR_FEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C2EC
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a88c2dda67fb3fcc0a4d28cd3bf815d90946f0545f1c98b96e8d909abf6702a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8519
x-xss-protection
0
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 360C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4627517680249670&output=html&h=250&slotname=Google_VideoMrec_16069Z&adk=2557105816&adf=816031646&pi=t.ma~as.Google_VideoMrec_16_&w=300&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724133848&bpp=10&bdt=419&idt=679&shv=r20210816&mjsv=m202108190101&ptt=5&saldr=sa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1576261477.1629724135&ga_sid=1629724135&ga_hid=923396148&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=495&ady=535&biw=1600&bih=1200&isw=300&ish=250&ifk=113468121&scr_x=0&scr_y=0&eid=42530672%2C44747621%2C20211866%2C31062297&oid=3&pvsid=779946145868637&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.lgb6tvn0bnop&fsb=1&dtd=702
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
8379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 10:49:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8DC7
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4627517680249670&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:56 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 2E3F
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=6758591990&adk=2237575053&adf=776186319&pi=t.ma~as.6758591990&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134218&bpp=2&bdt=766&idt=499&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=1511364485.1629724135&ga_sid=1629724135&ga_hid=2044136588&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=968&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3253058642&scr_x=0&scr_y=0&eid=42530671%2C44747620%2C20211866%2C31062297%2C31062093&oid=3&pvsid=949676552228426&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.l64grn1dlf8w&btvi=1&fsb=1&dtd=511
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
8380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 10:49:16 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame DAB5
42 KB
42 KB
Document
General
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038

Request headers

:method
GET
:authority
cdn1.avantisvideo.com
:scheme
https
:path
/connect/u_d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

content-type
text/html
content-length
42560
last-modified
Tue, 30 Mar 2021 10:01:49 GMT
x-amz-version-id
Ftlos22uEwPvOcBw5odXpMxKfkl_0T1Q
accept-ranges
bytes
server
AmazonS3
date
Sun, 22 Aug 2021 17:39:08 GMT
etag
W/"f5694815436f3e426c35d9ae8274ad04"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
o4FprdogQ4FQqq7Nud59vgnPMUGa7jBwL3ftjBKiLyFJO12e9Eav7A==
age
72693
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 024E
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 23 Aug 2021 12:21:59 GMT
expires
Tue, 23 Aug 2022 12:21:59 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B930
783 B
529 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
91619da50e9566f5e5c50bcf7c89722f430898688cb76674bdee4466a4878d40
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9chnmh0lCIl/od/wGQ/e0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=Q37KIBOHCuG_XWdFKYi-o-JDxz2WVGYqAnuFXq0RWEmU31xfI8VuDgEY7yyYFGUWqL_BBLzasqJJ_uY_8sn_CWnVH1BL-bBPLkLq9ZsE3pbYOo0-JYcxXCu7xUN96QJa17jbSAwhy1t55dOSejr2XiOTaH6QRHt6WaMB1yTiw0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

expires
Mon, 23 Aug 2021 13:08:56 GMT
date
Mon, 23 Aug 2021 13:08:56 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-9chnmh0lCIl/od/wGQ/e0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 5AAF
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3AlnATGzA8BWrUIE9NDDnQGhFoUsWS5Ei04FyVYuRqhfzLElmNK9x2DWt0QFrOm9pHGc1p3PVnAnniUj0pCyZrWvPKowwSjU1pLX-UHda2lXJhrZH&sig=Cg0ArKJSzMPWGZAWD93dEAE&id=lidar2&mcvt=1086&p=47,560,137,1288&mtos=1086,1086,1086,1086,1086&tos=1086,0,0,0,0&v=20210820&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3337616149&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629724133379&rpt=736&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C2EC
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9AF4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssErIcXQLunBe7dxh6eCDzs3ItYZKu8PxXUCwvpF-UtG2f1mKqu1X1WXWen8L5cuADmCazkhepNvNpBQQ0cG3fssP2Lbuqp7_qqjJHqtbAY-cqphhKtusMqFijgsM5zSt-eVqJMw8c9IYWUO_OXy_I3myHZOvXouHwUTs3P9m-8tKj9voHcAWWPaKK5KREkLRLr_BBZgj4A0BJylGhk1Cx7n6EvSDOgrs02_r7BaowVwE3QVvio39chISZOf2Ov67sF-5piKVBEAI5jEmMMCRiGxh1iVwrioUnuthg9qxd6IllZPiwbP5QeggdM7justqrAuyqCFxTglv5MEbcaVuoCQaw3mttb0xs&sai=AMfl-YRaOX5AzJ2kziKhfMtLEsHNyLsAMDWbh-2ZG7jAtqXTs441_JkZQeJ2HWZ5ZR3WH1B2EbYoG2WAFGQeUAxR7srIkLHTjFSzmCl0SneSkC5LMgwByM1OiZ4a3BajyBA&sig=Cg0ArKJSzE6OpWZtRV5qEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9AF4
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f0da630b841fa023fccc46750cfd2599ee2a6dac6c2778d0236cc8304f282c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8457
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4DF1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmgiLfnxSPmsF0qeCSt-iOkfmzD-b1s9a09LkS7sEZrp-6VWL3M2rQTll6nRNY; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 13:08:56 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 23-Aug-2021 14:08:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 13:08:56 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 13:08:56 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame BD55
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=4746865695&adk=4230444000&adf=776186313&pi=t.ma~as.4746865695&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134157&bpp=4&bdt=722&idt=474&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=2041545080.1629724135&ga_sid=1629724135&ga_hid=1226706114&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=332&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=274163033&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C31062313%2C31062297&oid=3&pvsid=989064008868545&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.al8zd6zgubxa&btvi=1&fsb=1&dtd=488
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
8380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 10:49:16 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 265A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
8380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 10:49:16 GMT
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame B33C
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
11825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 09:51:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A8F8
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 23 Aug 2021 12:21:59 GMT
expires
Tue, 23 Aug 2022 12:21:59 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 442B
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fe36b7009115550cdeb81ea112eebe3a124453434f8cccff83e62732548c40a3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-T3l8XmfBCdmfyK67InjtTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=Q37KIBOHCuG_XWdFKYi-o-JDxz2WVGYqAnuFXq0RWEmU31xfI8VuDgEY7yyYFGUWqL_BBLzasqJJ_uY_8sn_CWnVH1BL-bBPLkLq9ZsE3pbYOo0-JYcxXCu7xUN96QJa17jbSAwhy1t55dOSejr2XiOTaH6QRHt6WaMB1yTiw0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

expires
Mon, 23 Aug 2021 13:08:56 GMT
date
Mon, 23 Aug 2021 13:08:56 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-T3l8XmfBCdmfyK67InjtTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9AF4
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1E96
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGn8Gfv9DUoSCk39D0UIa-Xk_Y57AKVwZXNSIa0EyNVsFBoumyL_tWiSYlprDA6rdmHWKbBNPgZJ7lk2l5K1vOOcGmYD9uORzE4vN5l26Uj1HUNl6KxPPNTt_rMN_AvCSiBuADOjFKcU5WjEjvpyVuWJmUH0PfL0n1fPSLGabzTvUe7VgxRTrKjwwKvITt4LKtR4ntpo2dm3YuhaQIAW1y11Gu5Jben3RDjJtvDttD4FiVhWQp6zR22CcyBAKpaVfzbOmaoOm6pH_YB2tehiMtzfLkt4vKa8b4sx79dEelBUIwBgWCHdb1B32aJOREp-0nzQCdl2-gCUXx9WwQJKwDnZ_mKysF6a0&sai=AMfl-YTp8GB3ILitapYsM02wlkbVwUN8KHyC2KBEwB--1dTKyRPdGPdkVi3po3jq-shH1CtfCU319jIQ_AVsx4VSFWQEnvikQfHLpx5HZuHUFGjA_6pyZs2z9Acv9vb_dC8&sig=Cg0ArKJSzMAYUhShn2yCEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 23 Aug 2021 13:08:56 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1E96
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
b3a469ecf40c321ba7f007e80a52f75dc8355966061a1866cd0b464d1edbcee8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8557
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 811B
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOCGV4mJAmAC2geUNTq2vgBnZreiJNCz6v4_3nNh0_Wf3mk4OiDUWTwGV2SYnrIS4nDtf4Jk75X9uvpN6942f215Dvt-Tanh3w2IWEeveTVu2030Oi&sig=Cg0ArKJSzNJj2hu7-r8UEAE&id=lidar2&mcvt=1109&p=236,1114,836,1274&mtos=1109,1109,1109,1109,1109&tos=1109,0,0,0,0&v=20210820&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1542450727&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629724133391&rpt=728&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1C54
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-bh2ew_v9pN78_ib-p2EWSPFfysD86CwWxEyFdcUIJRXsONt_nEeZk7WASyqqhkW3mXb11IW_TdLJ_CIUdRZH4G31JVh8KTPn2Jio9rivURzLOkoVujtFQS15K2-tIYlMbMTn0olmqW4pzkiIkhRaIg&sai=AMfl-YSnP4v_PQkJaI-2KWiMAYQm3cc5J3O8q0fQnM5KmugbbMuXy5NLk2Xnu48JMMr5Nb1ntoE4DQTlAtGpBtg5YEuorBgqo7K2NimlXO_13Y2tsyODT-sIYBuXWeY&sig=Cg0ArKJSzMqD_SDnCVhhEAE&cid=CAASPeRo-GVXjouqtJlO580M3tY46m4HQKY9OXP5EFbvR7n4nas967cEOOfN2dueJ0mMBulEa3NaKb3ntuO8NuE&id=lidar2&mcvt=1111&p=0,0,600,160&mtos=1111,1111,1111,1111,1111&tos=1111,0,0,0,0&v=20210820&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3196990230&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629724134335&dlt=377&rpt=973&isd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame DAB5
116 B
870 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d81386cb76a2f803a6a7674bab45293bde918693a683a583ccd20f85619df9ef
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
ZRH50-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
116
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Mon, 23 Aug 2021 13:08:56 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
Eijr3Ldb6-62RjJ-JcWjw-3mwHSaxB_Z2-vZbs8y5J-Kq-T1wstZNQ==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Server
2600:9000:2190:c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://cdn1.avantisvideo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 23 Aug 2021 13:08:56 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
x-cache
Miss from cloudfront
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
wnI37X71od-PiZFUqTGqZ2yHKcIZI9KP1d8cdPZzESEYWDrcrbhlaA==
si
googleads.g.doubleclick.net/pagead/drt/ Frame B9EB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUmgiLfnxSPmsF0qeCSt-iOkfmzD-b1s9a09LkS7sEZrp-6VWL3M2rQTll6nRNY; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 13:08:56 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Mon, 23-Aug-2021 14:08:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 23 Aug 2021 13:08:56 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 23 Aug 2021 13:08:56 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 7B7A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8275302107693664&output=html&h=250&slotname=1988840414&adk=2755898570&adf=776186312&pi=t.ma~as.1988840414&w=300&psa=0&format=300x250&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629724134228&bpp=1&bdt=785&idt=528&shv=r20210816&mjsv=m202108190101&ptt=9&saldr=aa&correlator=5126043630996&frm=23&ife=4&pv=1&ga_vid=533589875.1629724135&ga_sid=1629724135&ga_hid=1276901329&ga_fc=0&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=1559&biw=1600&bih=1200&isw=300&ish=250&ifk=3636226836&scr_x=0&scr_y=0&eid=31062314%2C20211866%2C31062297&oid=3&pvsid=2678349729214706&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.363e6b1mr61q&btvi=1&fsb=1&dtd=597
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
8380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 10:49:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1E96
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:56 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7781
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrqt1NcyeQMa5P1E2EL8dA4gZV0pRm4m_PzbDS1FCJxmebOrChu2BroeXqNBTS2ruvXZddQKsFOf7HakS1MyxvwuxjX8Pr0vX1JzV4BCKS49YSk3J0FZ-vGHvNXw&sai=AMfl-YRTFjWfbErGMljq3liTg2tKbfb8ays59mDGicPX0BNCEp3bN-WITCjaqsCoOxujW3xOyMhWfelM_ZjJ&sig=Cg0ArKJSzIWK7lBTLYAAEAE&id=lidar2&mcvt=1035&p=0,0,250,300&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20210820&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2557105816&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629724134553&dlt=318&rpt=857&isd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8DC7
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjGNsT5j0TRonaRNxPgmAjs4hlUF5PKYblg5PR4sy0KdVcGVB-ifC2F9h5noomVFAdYY9H1d3iNqCccFSgQKXFsqEuWvM7XTP1olzCudfIV0rJ-iW0&sig=Cg0ArKJSzEueuA4QyoZ-EAE&id=lidar2&mcvt=1037&p=535,495,785,795&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20210820&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3714999025&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629724133461&rpt=708&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4DB2
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 23 Aug 2021 12:21:59 GMT
expires
Tue, 23 Aug 2022 12:21:59 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame F921
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e9faa86097d4247b080565b7efddfca848c4bd5ba404d215fdcc235a9422a3bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AwVTVtCc5JtJiootbKk+kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=Q37KIBOHCuG_XWdFKYi-o-JDxz2WVGYqAnuFXq0RWEmU31xfI8VuDgEY7yyYFGUWqL_BBLzasqJJ_uY_8sn_CWnVH1BL-bBPLkLq9ZsE3pbYOo0-JYcxXCu7xUN96QJa17jbSAwhy1t55dOSejr2XiOTaH6QRHt6WaMB1yTiw0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

expires
Mon, 23 Aug 2021 13:08:57 GMT
date
Mon, 23 Aug 2021 13:08:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AwVTVtCc5JtJiootbKk+kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame B2C0
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 23 Aug 2021 12:21:59 GMT
expires
Tue, 23 Aug 2022 12:21:59 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6B14
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55ea373ef58bd2a711a78b32290441199f4c145286f23b8b5876b27f579bf6a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Hc19WFX/LZIMmyG7yjj7vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=Q37KIBOHCuG_XWdFKYi-o-JDxz2WVGYqAnuFXq0RWEmU31xfI8VuDgEY7yyYFGUWqL_BBLzasqJJ_uY_8sn_CWnVH1BL-bBPLkLq9ZsE3pbYOo0-JYcxXCu7xUN96QJa17jbSAwhy1t55dOSejr2XiOTaH6QRHt6WaMB1yTiw0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

expires
Mon, 23 Aug 2021 13:08:57 GMT
date
Mon, 23 Aug 2021 13:08:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Hc19WFX/LZIMmyG7yjj7vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame 024E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
11826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 09:51:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2A42
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 23 Aug 2021 12:21:59 GMT
expires
Tue, 23 Aug 2022 12:21:59 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 010D
783 B
530 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f5cd004f08957fc15219255834962ebb30583cf2a7111d377e720401171047f5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ITwsbM9eEY/tTExoGt1qVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=222=Q37KIBOHCuG_XWdFKYi-o-JDxz2WVGYqAnuFXq0RWEmU31xfI8VuDgEY7yyYFGUWqL_BBLzasqJJ_uY_8sn_CWnVH1BL-bBPLkLq9ZsE3pbYOo0-JYcxXCu7xUN96QJa17jbSAwhy1t55dOSejr2XiOTaH6QRHt6WaMB1yTiw0s
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

expires
Mon, 23 Aug 2021 13:08:57 GMT
date
Mon, 23 Aug 2021 13:08:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ITwsbM9eEY/tTExoGt1qVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame A8F8
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
11826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 09:51:51 GMT
/
events1.avantisvideo.com/
0
35 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Aug 2021 13:08:57 GMT
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/
2 KB
2 KB
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&eu=true&country=DE&hour=15
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5010abc38d335ee8205f1ebf7d7c29fbc266076903263054feb2a070a16a4633
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 23 Aug 2021 13:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
ZRH50-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://www.123greetings.com
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
uLAc-O7aM2xbb8ke-E1jHb6_aOxH0G94o45oFD3I77jtPgJzsFcivQ==
t
avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&eu=true&country=DE&hour=15
Protocol
H2
Server
2600:9000:2190:c00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.123greetings.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 23 Aug 2021 13:08:57 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control
off
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
x-xss-protection
0
vary
Origin
access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers
content-type
x-cache
Miss from cloudfront
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
rDknNpuKdMtR4wM5OLRECncB_3tnPLVhrubdLnyoggBvjt1OH1MltQ==
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a17f6c5dc08fbfe625a54b8c0c8906367b1e0c4aefd4761fc0e53b047f863cda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8494
x-xss-protection
0
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame 4DB2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
11826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 09:51:51 GMT
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame B2C0
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
11826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 09:51:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8275302107693664&plah=www.123greetings.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:57 GMT
2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
pagead2.googlesyndication.com/bg/ Frame 2A42
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 09:51:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
11826
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13268
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 09:51:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1CD1
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Mon, 23 Aug 2021 12:21:59 GMT
expires
Tue, 23 Aug 2022 12:21:59 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A64C
783 B
762 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1fdbdcba1848c280a2b22badce5f60cd7d249369aa21230cfd1d7178ac4291c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XocloVZR30H+QouIGkI0Dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

expires
Mon, 23 Aug 2021 13:08:57 GMT
date
Mon, 23 Aug 2021 13:08:57 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-XocloVZR30H+QouIGkI0Dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/
2 B
739 B
Script
General
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:08:57 GMT
X-GUploader-UploadID
ABg5-UzuRsLKTUnE2j8TsFca2KTLvRt8NxnctG4I2-AHPJ54zUAh9bpPAQfezSx8RQX9PoHELvXaxJL-R91NukoaSB8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Mon, 23 Aug 2021 13:38:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB98
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=3837651663359202&bg=!j4yljMjNAAZvV8FTb1c7ACkAdvg8WstSCwHNj7A51YroBzd35HWEeROdr_nWY_jUXzSnsVwDqudkRwIAAAHpUgAAAHdoAQcKAB_XFBxLwFDSBG_ufCBOMGWi9qaNIjUq3qnoiGA6j1V6mQKdL11Uh0KyvCc6xptuEPSkMzvEJIoaMo4VX21r2N-9VhQ_4EnlnKtSWHbcK-ca3jfQBwzJ2vy0thoFXB1jvMWlTvZOjzRnEiz8QOswc0Obz8b-fkcUngbq4zMNVR7Oa9sjPwSylrHt8tO-rVrFG21GkQ1HIYyOyBfnivicUMt7p4PRrvckqXVIwn4eEhhdfJRfR2V0PT7ANGoTcFvcAnDTvX87pNdwh_TSYkCCM1kMvgUOWCf2oUzlXvjnuVub1da-L3l7t2Ah3c-4knAaGfvHDjHsXIVUfgCY-7arIIt99OZr7XprsVityjgg05LHDxhjfDNEQCkPT8-05HmZFSZugHwh6Vx4HqWaMaD74yWn0lfp1JL2adgJ3KoX5_F7Wcj0s_qHQIadbW_ybyE3TL72fYESSCe_At5avUAOIBVQLTga_vaZMidp-kBJOXE4ScA0LCKbfhd_hvxAyMNQEx_Ma1Uw_09PD4csgNSrECaSJ8CVcJ6UG5xMNFPkqVFTqaifL6tu7935aosuqZtgjKDIF1g6-F7lj46cywAWv7amjnO3hUF41A-tQMIxCKrg5IgPZFmVP9yxgKit3zBpRN3KSkgkrPO9oaVXAPkWVdgztD0U9tDqE2PjtrakxlfmIze4D5D6w9czdqH9XmMIk1gnyiiKE8w6JkIgr9GjOr6yhuA35lyLBlNRd0punKh1tnLyt-5JLiFjQgMOYZJwo95kyvAP2dfN_oQ8tzEtimhXNcActMTu3wV0n1sANXe3G5EREPSIUFw-iXwjZJhVOGjst7JMy7khVtdU2pWwmRXumjiUEj92z_jhv3wlRV-31jz2CpHv83rxYeHkGJtuK0v6JpOdeqvLpYb7Lwqk1RnaA1IRNKFaRu7shrPFsQEA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aniview.js
player.aniview.com/script/6.1/
25 KB
10 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
89c945017c3159fc9e65f930a9852bfb0e8a09d65472c4f8717c8d194c4c74df

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:57 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvqyLlzuZuVppveXMWgECRvID51vQ0wfqgSC1nPx3cb6eiPSCwAS0ZtnrQu6sNyR09VhfeI93uMqokp8VZWHiQShkDZbQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9181
last-modified
Wed, 11 Aug 2021 15:30:19 GMT
server
UploadServer
etag
"5c1ccd5f69860f6732abc89cb14f16be"
vary
Accept-Encoding
x-goog-hash
crc32c=DcJxmw==, md5=XBzNX2mGD2cyq8icsU8Wvg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1628695819202551
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9181
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 23 Aug 2021 13:13:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AAF
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=2401984689895636&bg=!VFelVxPNAAZvV8FTb1c7ACkAdvg8WifoxAut0-OfI213kaC9ADx82YJIPCnRHdd4TYStgopHJjGMYgIAAAIrUgAAAHhoAQeZAq8b1iH84PknQHcEXNvUoqEtjYFFpDebTrdF36Tji4TbNXZ6hgL6M2Va_P-mdFr-jKEsHT404JWbXbRv_dkFZiSwm0StXTSLg3sLEAYWP0HSVLCd1wOESIStxZOBe2RcQchl6SXUJ3G-OK77Wc0ZvMXa2vC50xV5jHbAYTv1Gotuf8JcHNbsF8P3bAMhGK7w5Fd_hVaC5x4DNI2XK_7GhZjIaDnW8_cKik15LGcwHARK7OpNe-YCs_Tf_ndTHM58GDibsZEi1NQ658oC3BcT_08stzQepV_C-NgsPsGKpLb20jZ0Hj1s6g7F7YJGoWMQ5lqu-dMsyLe9cJ4Nch-BUI0cRKaVzOliFygyugsGoSBYUtuv8gns8ssgHB6auemZoaID5Ik1641hTPnsqIQkxCZLmEtbqIb4hk9myCiMrsQLm2th7wPMkLk4Z_Rcp90PCBe0HpaBPbzRjjeoiv2DXnMqZSmt6KyLyJBxFW45O6RuQXm1wrdPzHmeHNkx5A6sa5dYL9mbefA2OqzN9AlJXnxZBJj3BBtXsfHR3jtGvVkLkBUEB8jOWLrwN20isRhTfc9VNjMohEpGa9xHlGWUYYj6BqiMd2NfQmLiSi9Fj9LLBUhW7t6WXwPMXEqy6nu5EFf6UBAQ0Di_L6wvWeeQaeFEexwVMtOr8RRxOIAVXZEjqFORsGpJ0jBPthNs9eFeHZoES0MAREg-4LxfCrmru4v2a-t8zrhEzYuv1i7vMRUaXDXk6cRVNBwzQG24KnL2ZQHAVuIiDzk-72s77AOfWFQNx2hzzxixNz-aDU2AJTP_koF0bdIbT99HaE-xomtS5ojkYNfhDA80KkJldYWMFisr7IrNyI2fyHRRUVo2cEI7ePci9tGC66bEIW0bSH8kgpS8_1POMYuUeoZd5qvCcMk
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 78DB
344 KB
98 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d4fd70934ff0f5ee1d0532a77b78824aa035865292c57d5f86baf08694cd03cc

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:57 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtPqR2ibDBT2iI2NCxGU-xY58YWtBLap4lv0co7ug0Aav5WiDPzL9kpaUiBj_F5QvBlOmXKko0n5LVv5PPVi4Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
99517
last-modified
Wed, 11 Aug 2021 15:29:34 GMT
server
UploadServer
etag
"ab1fcec5662af2cb034c8af0788d2e0a"
vary
Accept-Encoding
x-goog-hash
crc32c=qrX52Q==, md5=qx/OxWYq8ssDTIrweI0uCg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1628695774006555
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
99517
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 23 Aug 2021 13:13:57 GMT
ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
pagead2.googlesyndication.com/bg/ Frame 1CD1
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ESHX-PsTG84Fy6-bdaEnL5--1XpTzSOdL-kezmPtlCQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 10:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
8381
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13272
x-xss-protection
0
last-modified
Mon, 09 Aug 2021 14:48:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 10:49:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 811B
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=1985517448012236&bg=!q6ilqOzNAAZvV8FTb1c7ACkAdvg8WrBCK79_EA5W8nXtNbFLP2w7ioFyoMBLq7hXrqKpdFIYV4QWOQIAAAI0UgAAAFNoAQcKADw2551P4G3vVRSWSouOB2-8FkEcfEJDby3Okk8alkyQ2vTfVF-Tr77Gzen2VflsWxjEPexjMkxz4UKGsVuZApI6x-79noiGCaA8UEWLoJnUqhGsLYFGYOj8jRtHpU2sHDA7UHfAhvbGE5FhgFgK_Wq_hcVHfKTI1KkdTw7PfVeCaOXSJM5BN1xPcRxwXXmFpOTtBgBGlj9wg7uHBkoWvIsyFsnqT2AhWpXMb7au6hBtZ8EiVLQDldIKP2hJe_vHJ5TNoWq_i0ssiDKsKbP9Cowzs7_ziZQlHLi0Jn8WupskEcupBU7GQqckCIqRdnQWV100EdmIlOf7WmdgzCKonmZfWuywMx98pkctA__OFGF_FiERqLyAx_N_L-Nk96noClWsfzhYZyHPDaS6KeZtGe-yceyvHNRirZfJ5WoENTTJ0RW1pFXcjYX9ie6gR7j-z6xWz8yNewrNPkqT2qks2ThjaOw9XwOj_8yjbLs7jFe6JfCXEaaz09W4ICCU--I2UQhEIlk4VkLbN34AsTrpXb9nAWZp9NAs2P_mnEiSbl-WaPRjqoCqmAZTY3RUzwdKX-PE6uaHey7bllbkHZqHfd4aMI_oURP00xOnibeMWFqYDVKjkpFX2vJ10EPQkJ5oIpV-V5A9dWYkEc0rw4ydp_pFNSOfmq3eMeP4trlHxL36auUs40HZ0HzXbLwBblyTRBqKio85wDfIkWU1YGn85l0MtA9mSCZ23QxF_BH1zbn0Ix3PbL0aSAM5Q6jhvzMd7Brr-RNzivsGeZMTqgNYhyIvNhebRO9JfpOOI2I9MQJ5gX9Ulpj27ddAQhqNFn2fGgDlgEc5qGgClkRCvqo1BqMWQWOhPdD0p8vzZ2amHrZ0UVXc1ZAguovKzARHnZnpZPUDxPLc3BxTmo0Kez0RLJIvLkLSuSsq0cVUULe38019KK7ShNVz9eaMrQne2gGqUg9A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?r=www.123greetings.com&sn=&ic=0&tgt=0&app=&wi=400&he=225&test=&apppkg=&fv=3&proto=https&pid=5e5bd02728a06124e30d85c3&cid=5e5bd1f528a0610dd725f7d8&stagid=&stplid=&e=inventory&vi=100&cb=1629724137913
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.215.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-215-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/
12 KB
3 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&AV_CHANNELID=5e5bd1f528a0610dd725f7d8&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.123greetings.com&AV_DADPOS=3&v=6.1.1.243&avtoken=137913&AV_WIDTH=400&AV_HEIGHT=225&AV_DNT=0&cb=1629724137956
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.46.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-46-74.compute-1.amazonaws.com
Software
/
Resource Hash
dd610ceb9cdd0e2af0ce31dfeba06660f62f31d7250ea93adb0be0399ae4aeb3

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 11 Aug 2021 23:22:18 GMT
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8DC7
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=779946145868637&bg=!cnGlcTXNAAZvV8FTb1c7ACkAdvg8Wsh0_4a8wQF29PAFxz6H8aGOITASJmwU1aErg-O5Wyo8A5SgGwIAAAH3UgAAAE9oAQcKAKKJEDbjtYfsMORqzV-Roz76bYCrqcWsWZvlU0sFe5_sw4De5ulV2oeXZ027bEdDD0jlNEhzkPkxnaPtenlHUK98VvNBxUlnF8-tToPH3mcIlUexPbCS8IEoCJEu18QpUNUFSnthUsS9ArXQpiwzgvOq8kyqo3Zrn6hDN9qFkUpESwx04A06Z4S-_quctBbVnePKs7SOjvt-hriK0xOQDKfSaTyZApXe_vG7-1KBvz05FpXtajNA0I2MNWdWaCIEUQqpyRXuMd3gbwlwCccrpV43aO7DsaZCmlvlQ7uRYnNv0OWP7Dwk8GeaoKVkFfrBbwcGRdfCjkRxIPcZcA0B9afQn8Yr_gHIXm7i5qVtDq9DaCiTpb4SDclQ-dJrqGJV2Q6aMUSUli2TXgl4Fs8Rv9zUBQoquUZqRGjjdG0bGM_FrWls6YY3ccRlhdH_lY3S-zX7lc3_UpMCnRTMpT6TtZ_4oYa0AqZjH44f1sk2jIuhUewlHiBeB4FZVewHhaQWwqiU0mGiVVFB4jcUmoH32DMP6CCPAWXuFImGoSCna_zh-RMaX3pRFEGdFM5XWdGN1QaknFJ9C-o69_-1sGz5Gua-B00h54O5vjn-HpLo66OefJW-1h2RYM6zsyPB3NAoljXotDxVBjfY7xD4SW3j9jK44QtVUp0upwJ6DXqiBqMS6-CryZqjj5ysLYXR9J7XOBz1diUXfZS5eSdeg9k0uBrMnk_ueXmuI9a21e_qvnZqwBQzjJdhp0tmMx5JWFVbIGuGN3jzXlRE6986K1SOLXQLLhTPQ2aglmUVN7lf1nB1GxtgkQLKFKVwvazEy5BvTwVA8MYfM7EXsIFf_FuLoJAgj4wRjsW0oDrJ6QIgpc5EeioEHb_z8oImnXwQLh503oCcBprpvuZ9EizR9ky7O9cztnNFARezqJIu0rZjMwSFSj6ZVjIG4VtnAfQh-GdhCXIf0laTUj7qcKcfzRpoOLsFRTwFvwTwksTxKQETYs43h24nZC9q7l4TymsnT8mLzqZ60uCFg2dQHboYkTZXXMt43mWE6aaYjXM4uewj7wnCXkp83Vkf4jzWI4oy7MmjrtP8QYe1iflV45tz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C2EC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=949676552228426&bg=!k5ClkNTNAAZvV8FTb1c7ACkAdvg8WrZOkWyrii-2KXjyYLC32vkexEZzS2p-aXx6fTbCN5atunMXtwIAAAGqUgAAAGFoAQcKAA-6G66s7xVrAaYk61RaWlaZApQzNQKlP7YFtbkbsfDTHeR4u2EdTwZe4lBsB_hxfyBuXFXAUbI9_e8w60K2_NkUIWgfBk2LLnyrixmgxhxBIlvMWRFY15k60Wv6p9Hg7xvkxspvL7X8YhopENW56VXPTc1KX729rxNYmaPN31yA7n2pCtLgwOJg_7HlJjX6O4T9xLlkZy1LUCh6C-_l1w3Glkap51VM0tzQkC0WQ3QmkhSnM44SQaDDXtGuNMt3uNq0GOg7GjoMg1SZ2hf-rcpGXUUvOb_koC9gmoWdyVDLkXExjwncSyUojpBtGVQAToxRkT4hWnfhlFJuWn1rcJBNh6MATpe9cpxGQhrU7e4qxKYwJrS_oTqw2fQrrf-y5POO8lth9h4iuZU4_BGf7I6w9iYvqccSp9lexR2cht67L19Y3nVwUUOt7jsG-XzanIZqi5zLhFmMUm0hAB_LzCytUHvtuW1NKxwu702Rtt_Rfp-JYuPk35VdOQxDmbBdNCHfN3P6C8is-8z2Hee0FuwKHoE_rWHZzgFLMQcYoGPJr__OMms3stmDFOPndRID4gQEdwtQab42qCF-XmdR_c1AMqFGhrCH7JA5Jjutn47RlvL0WH1mkiUvltnt3HTfa-S4SgYGcGipZBNcVsepoWCB1Fzy0EmCVOnZ5Vskkq6nVgRhmXi7JXtCYBZkyuzXJB2ea7nt3BTRXzPwh-3ZsWas_ZtH82_jwkUjmmwrHsmjR0VG9qjf3x9ZvVfkLXRDumPEBVWupUJ4wnVwmyfZMjd6haznf5iahCXORNkDIuNUZu_Cn2MpAQf6qxlTzJklgltGAn1fwT9X_ZtydSnUw1imPGXQjRax9bYQ_ekBPMWVOKdlyFwW3zRn81VbdLPXzpKk8p0X5U8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9AF4
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=989064008868545&bg=!0NOl05fNAAZvV8FTb1c7ACkAdvg8Wi8YCQ66GzaBvJ1oqfQ2ybuqF0caIdlqd-4GmcKeTKnVYOCCXwIAAAGlUgAAAF1oAQcKAOh2L1nkqNLKz-XY5E4I0jOaVSbjWM_E2K1coCwscOjrzNkP-4dLjrXB1Oyb4wegPEQ5YUtvRCzqRg-_N92X5_xETakq3tIcPL4NJhLoO_xFUAKjm6xKVNX1-A_F-AvEg0McFEKxYSaSSqsqxRvLgSEKZ6qz2IontR3BDAg6LkCW1lmlsFdahisZ6nk67MrfYXF2o-CpZPOUgPxVn76Fp9EVxOqOmr_MWt1hif1zWTGx2u7pWZBjiJfOJk3hHGC8rMELmLwEAKK5wdj6D46iOn7AxPDgFiXla2Ql3Clcg7LspBTYOTpIth2UmQKgCXKXfnfXLVOnmrbj6HmbkBh0Pn5ONLOU8uKcCcOydTDGIlL8I79sQdhWvElAzANcwVuDp85FW0xsIHm5vu3qenzgRmRvpYPNd-dnm5Mc-qA6kTem8z-MMK4QDigT89Y0uGXfiBMf-DGzP_-SNfC5yAHshEc7GUQaCxJtdmE6v1Rk2b4bRxAdcYDiRZOo9mr0FEYD7w_ILSj81yil8a-cGN6zCGX5fRxXt_oykI07L59eAtype9kM4cNVUiGPUoBTmm7JsLyL3HV5CzIhuKoHkJKPa9fLZLJiokPNruXPQ3_011ZJUt9gtGXdOrBqa70pPQq9_53O18Ko0k4WRLLAjSDSIMPFm2fRUZUqy_qM16rcS-7hrmvuh-Td_8A4P6zSh5C-6D667m6r4CDSkt37s4cfUcTT_yhHUigfbVxbbGcwNEnce1DeBWqKMSssbF2gQdLQAKVratOnyX7CccZGgaN-MJxb3r4SvsP-cD3WLTiluxK2_yJwowWSN49aYnbQMIcL9g0v09eOqq_KW3rJKTma535aMVvrUzTm6X4L2QWO-4CChgfR-O4sbyAaslmjQDh8-s_3tYaHKm0VSNwkC2oUQ9RUJlkz1b45L5IfSJX66VXO5X4OyEsYF9uVhsMgwhcpkW0QZ_hpMOJmBOo_b-XdvlNU2Hnuf6ylwtvqAEd1HojFCXJ-1uW-AErDU_hOVkzQ_Op8mHF6xQnOS4TgDvN_Qvur_fhQYEKhngsbNzVcdWGKS1RzOrr0mnD0A5HTkd1DwijdH9R0jUTuIG5QvihnwTcSbRm188ecAhAyNCiR59xIdLBtiixNJfzIS3p4eXipzkFHB08gb6rtoePh2wYm0NMoyfxWRKxFjrn4c78hcrCSpowMrdQ2G8yvpVZ2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E96
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=2678349729214706&bg=!SEulSw_NAAZvV8FTb1c7ACkAdvg8WvHScLiwxoJOzvpd5SouN_L2MTy5xMwOfvHj-YPoVRqHs-p_iQIAAAHBUgAAABtoAQcKAKBNARp32fwFrnfRlAM-3I30WmxusPIbigPChFzBfgoydafmO1iT7yJv-DwuwvOVRtQluNLeneb1sHGXMURkheCsINlBjmQyAq3fNrveT6_VuRqBgUCXCiXmP782XrIFWmt746vH31FMxmKNaDHhCDlnTBAgBLb6inn1PRRoDTUNbcfGD37nJpQGvY4QLwIxV5BKOCO9I8ny3w5uCLl2Y23ZmQKhHZoyA-DrypXZQzL8SAItUyFv7knc0SLdugPLnE9yC2bOPQmWzcnR4frcby72SPHTKCtXmdpzA06eo3xHbMlV1BbUKvDi285gym2vtpyJ1G_qzkp5t_IL9p8L0TaaXE464ZK2XlTtdfpczuljXy1nG3nuK-XxC7zOxzIMKi9ZGbz2cGZpiVl-m_9JgmaPCQQjaO808Hj36LPJ3ek61h6N6ATOW_sma0Sv24o-cquc5kgxzubin7PkD2u9IwYTgNv87MYX6o42zGquqVplajDoYEYbUd6jMWoMQkgfRp72otk4Hz0Ij-vPF3aOiZymkvkgdq1B-pFBvLPrv9698LOov8b5WESOUMmSdibqluJLAdHmLQMGhUx09n_iVpihSv2W7HOusF3D8czsNl8FLSDUE9VZCNxj-2sp_XgRUParZj7huZOcKRLu8bWLQ8pp7hN-nwp-akk0WJZBu-YMVFP1HNECelvCZofwRYhXA5UzGX0qTqnH2T31TTTmf-GCkHPGACceWmvRXn1dzIVfTggdFkLSqDZ6FFalCP1awIDgC2T41nVXUgE_8n3hG-fN_-ZsHCEFcgmCADuFOONllPIjMj-wXVBS_trAin6x43i0dKZYXcvgI3uLEpAkEu414JoKOHU8jc-mMba_EPLaiOPOg9u-2UOUnCBvKQa8ILuIC6zQsKu1SKe7V4pOLS0fQWZk_e_IaFNkPFifsEG33KKNonIYQEO0MQ-2H5oWdDzXOPN-SzsVvSVtHOa_ypAYS7QEYhRQMSaJyB6XgtxJNnsPX9pVxWTtKHqpAJV6V-pnToZrKDXJILVjlRjCnkB17romZHtbxi3AGfqCl8DvvchXqCyHDTQx3J5fxslw2yxiqvEQfOoteSvI_GIcMwCe_OPiFQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210816&jk=1708076251351380&bg=!eXqlej7NAAZvV8FTb1c7ACkAdvg8Wn9bAzt3IIV23wPhmBpgP9k_G41Bx2SblkwBIeel8UWz0ececwIAAACzUgAAAA1oAQeZAng6q_w773uIaiOf3w_dFfxVg50bsXLiwpdRMIFVCxgUBvhRF5A8H1WlYN4MzC-LQuKUQydPMDmqhz_D16WUtdXezZ-Ny2d_z1MvKnPb2UGyi3njR-pM6qsA8RkCd410WAPw7xsiBebj2EIyDWAAsWI5qcFTSCSUWh5m5PtDkPn-_kR5cebEi365TDoMBpLqeJq0W1pkadiqjtHwu4hqTAQHjHMXIW9yfGLJ_Je7q81WkoC-tQhNFxKev_JmMxhaamrb0ED4kTuYLyPcJ2EOZRxry_jZX_USpCE54OwNB8GWqxsD8YoOvGaGe04zOxipkQ_qlr_YfYYA5d_1Ea59qIWZDAXg0a0lrhyQmMToHk159KoMkUAhqvEmcnLu0IM8Am6ynPntetpa6AUsPGBLBT2iiMybOPAy_4oGaafSF6CKfXTOAjAJ4-jjx3O2XQ4-Iy9eywxC1q-Q9oyZerGhkhnJGN08GeSh5h4mgfuCEOk7juMrpRNsneN0YDagtNnllmcehCb1pHZ1yBmds-IFD-SmScsp6O3UBwSwJJQ-G4HXJ1bo2Fk-jTbAK3lH0E-RMEW8RKcBnEShAxPy0xQ6GDE-PoqA9Ad1iE2KTw4dzq1Ql_oPCJq37r8U0JUXPorjIAZk3b2bgCN7ut-IEsuInfCdqtJb6QDbmhU6xgPftDeo-BQKYysWOhOJPmZR42bumdSLhHIhJ82n8YzoExYj1BaL_RX9OjDjWLfWden-V-9PgG7KKZJUtADEGf0-b0m8nM6RLMao_Yz582iqf1z6yuxJ-brvpyWuaNKUWtGT3XnQ0Jgs1E0eVxVNlY_oCiQq3gTPWyPp4qSvjw
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 79F9
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1629724138334-936833643492-008467-010-002859%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1629724138334-936833643492-008467-010-002859%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1629724138334-936833643492-008467-010-002859&biddername=55&key=1327427752180661207
0
215 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1629724138334-936833643492-008467-010-002859&biddername=55&key=1327427752180661207
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.158.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-158-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1629724138334-936833643492-008467-010-002859&biddername=55&key=1327427752180661207
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1629724138334-936833643492-008467-010-002859
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
content-length
0
set-cookie
2_C_55=1327427752180661207; Path=/; Domain=aniview.com; Expires=Tue, 24 Aug 2021 13:08:58 GMT; Secure; SameSite=None 2_C_55=1327427752180661207; Path=/; Expires=Tue, 24 Aug 2021 13:08:58 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Mon, 23 Aug 2021 13:08:58 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1629724138334-936833643492-008467-010-002859&biddername=55&key=1327427752180661207
AN-X-Request-Uuid
10d4df00-49b8-4d4b-b178-09bedeeaedf7
Set-Cookie
uuid2=1327427752180661207; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 21-Nov-2021 13:08:58 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
84.17.55.83; 84.17.55.83; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
ptv
ib.adnxs.com/
27 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&us_privacy=1---&cbb=9724138448&imp_id=401a5b00-bd09-475e-bf80-ca0990453458
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:08:58 GMT
X-Proxy-Origin
84.17.55.83; 84.17.55.83; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5e1577ed-85ea-47e2-8053-bdf6e2e4ce50
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 78DB
282 KB
89 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d9b4d9cdafdd2ede5d8a810b99f8f970870f2670e9e8011e1290ade700e33ef4

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtSdnGOwA1s_lmISVQ-FDGEo-bl9urRtHRKt0zBnq7ZmKCXeA0ouAp3vLSnSFYQ04NkPbpuqcEorUDxbHe39Eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
90379
last-modified
Wed, 11 Aug 2021 15:28:29 GMT
server
UploadServer
etag
"92b7af1d486c3d0c5680cb7cdb6f77b4"
vary
Accept-Encoding
x-goog-hash
crc32c=PRYf/g==, md5=krevHUhsPQxWgMt82293tA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1628695709350727
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
90379
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 23 Aug 2021 13:13:58 GMT
avpb3a0.js
player.aniview.com/script/6.1/ Frame 78DB
104 KB
32 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/avpb3a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
be6e4de2baf2d2b675b731818b218af006f0aa281d7cb7bbe2292fc6e064b795

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtGCBym4E3WQE8StqdbNTMJu8bCahV3vLtmIh7qVh5bMil0OAz9IYvSLNLyriXFvpuQ8h50gY-fhjW31pFIzNZCrdCqHw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
32338
last-modified
Wed, 11 Aug 2021 15:28:44 GMT
server
UploadServer
etag
"f6e149cdf7d73196fcdbcd4255e9c2a3"
vary
Accept-Encoding
x-goog-hash
crc32c=Q/YPnw==, md5=9uFJzffXMZb8281CVenCow==
content-language
en
access-control-allow-origin
*
x-goog-generation
1628695724524815
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
32338
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 23 Aug 2021 13:13:58 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=51062&t=1629724138&cip=84.17.55.83&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1629724138334-936833643492-008467-010-002859&cha=0.7&stagid=&stplid=&cb=97381112201&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1629724138454&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24%2C5e9030afdc817965520eb855%2C6114f48c04b3691b08691b7c%2C608e90cf34acc10fb7767e4a%2C6114f476dd0eb2621e735342%2C6114f47c6c1e79457874e876&ofpr=%2C%2C%2C0.6%2C0.36%2C0.3%2C0.15&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.215.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-215-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cygnus
htlb.casalemedia.com/
24 B
372 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2211267bfd65c0b2%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22name%22%3A%22123Greetings%22%2C%22domain%22%3A%22123greetings.com%22%2C%22hp%22%3A1%2C%22rid%22%3A%229438dff8cd479f4fd29e9ecb94ff2eb4_1723159119%22%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2221c320b6b67929%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.3%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.5.147 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-5-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c3d320f084f555026f4eda84a827311676374aa1ea917e3850824d15dd3aa04f

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:58 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[84.17.55.83], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
09
expires
Mon, 23 Aug 2021 13:08:58 GMT
openrtb
ads.adaptv.advertising.com/rtb/
0
221 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
287573
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 23 Aug 2021 13:08:58 GMT
X-SpotX-Timing-Transform
0.000418
X-SpotX-Timing-SpotMarket
0.005619
X-SpotX-Timing-Page-Mux
0.000975
X-SpotX-Timing-Page-Require
0.000385
X-fe
001
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000027
X-SpotX-Timing-Page
0.010361
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000332
Last-Modified
Mon, 23 Aug 2021 13:08:58 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.005619
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.002589
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
hb.emxdgt.com/
0
162 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=8000&ts=1629724138503&src=pbjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Mon, 23 Aug 2021 13:08:58 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=51062&t=1629724138&cip=84.17.55.83&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1629724138334-936833643492-008467-010-002859&cha=0.7&stagid=&stplid=&cb=97381112201&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1629724138753&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.215.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-215-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 2797
344 KB
119 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10bda34b2a767f9313bab5797a0a7733d0366cbece27caf11860de930fdc180c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121547
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:58 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 682F
344 KB
119 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10bda34b2a767f9313bab5797a0a7733d0366cbece27caf11860de930fdc180c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121547
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:58 GMT
bridge3.476.0_en.html
imasdk.googleapis.com/js/core/ Frame 6C02
573 KB
188 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11f89c7c24445c87cd794ad7f76d96ec1a5748d3cde2c4bab7a5bc4e7bad78cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.476.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192241
date
Tue, 17 Aug 2021 16:36:51 GMT
expires
Wed, 17 Aug 2022 16:36:51 GMT
last-modified
Tue, 17 Aug 2021 16:29:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
505927
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 2797
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:58 GMT
integrator.js
adservice.google.com/adsid/ Frame 2797
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.476.0_en.html
imasdk.googleapis.com/js/core/ Frame 73D8
573 KB
188 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11f89c7c24445c87cd794ad7f76d96ec1a5748d3cde2c4bab7a5bc4e7bad78cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.476.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192241
date
Tue, 17 Aug 2021 16:36:51 GMT
expires
Wed, 17 Aug 2022 16:36:51 GMT
last-modified
Tue, 17 Aug 2021 16:29:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
505928
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 682F
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:08:58 GMT
integrator.js
adservice.google.com/adsid/ Frame 682F
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 706E
36 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 23 Aug 2021 13:30:30 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FA29
36 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 23 Aug 2021 13:30:30 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6C02
156 B
287 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2449819330904668&sdkv=h.3.476.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=3292969052&sdk_apis=2%2C8&sid=ABEBBC45-2D0F-4271-847B-CB5946021742&eid=44725356%2C44726392&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dt=1629724139228&cookie_enabled=1&scor=3708244797462968&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 73D8
156 B
871 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2277023660659126&sdkv=h.3.476.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1945808977&sdk_apis=2%2C8&sid=FC21FBFF-8E43-4486-8897-5C782410C6C1&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dt=1629724139235&cookie_enabled=1&scor=2173094291713492&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
check.html
biddr.brealtime.com/ Frame 168C
926 B
1 KB
Document
General
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

Date
Mon, 23 Aug 2021 13:08:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
gcWkLjeOi8digCwsL8L1PmLRLUgMS8VDxC+dCdMwGwqWZ6QT3lgbuf5IeFFQpGrqvGsKs1t8O6Q=
x-amz-request-id
MAEJ4QWQFZPY3GKB
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
4448
Expires
Mon, 23 Aug 2021 13:09:59 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6834929ecf801673-WAW
Content-Encoding
gzip
ixmatch.html
js-sec.indexww.com/um/ Frame E316
2 KB
1 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.123greetings.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 23 Aug 2021 13:08:59 GMT
Connection
keep-alive
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=62a79986-262b-4b5a-98f2-39ba10f13577&_origin=1&gdpr=1&gdpr_consent=
0
234 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=62a79986-262b-4b5a-98f2-39ba10f13577&_origin=1&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:08:59 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=62a79986-262b-4b5a-98f2-39ba10f13577&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YSOd6wADzb-FcAAC&_origin=0&gdpr=0&gdpr_consent=&_test=YSOd6wADzb-FcAAC
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YSOd6wADzb-FcAAC&_origin=0&gdpr=0&gdpr_consent=&_test=YSOd6wADzb-FcAAC&apid=UP47a0c148-0413-11ec-9961-06778dd1898e
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YSOd6wADzb-FcAAC&_origin=0&gdpr=0&gdpr_consent=&_test=YSOd6wADzb-FcAAC&apid=UP47a0c148-0413-11ec-9961-06778dd1898e&verify=true
0
1 KB
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YSOd6wADzb-FcAAC&_origin=0&gdpr=0&gdpr_consent=&_test=YSOd6wADzb-FcAAC&apid=UP47a0c148-0413-11ec-9961-06778dd1898e&verify=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:08:59 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Mon, 23 Aug 2021 13:08:59 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YSOd6wADzb-FcAAC&_origin=0&gdpr=0&gdpr_consent=&_test=YSOd6wADzb-FcAAC&apid=UP47a0c148-0413-11ec-9961-06778dd1898e&verify=true
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP47a0c148-0413-11ec-9961-06778dd1898e
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP47a0c148-0413-11ec-9961-06778dd1898e&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA0N2EwYzE0OC0wNDEzLTExZWMtOTk2MS0wNjc3OGRkMTg5OGU%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEDKWYkyj-8jrjyrmDwkcPX8&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDKWYkyj-8jrjyrmDwkcPX8&google_cver=1&apid=UP47a0c148-0413-11ec-9961-06778dd1898e
0
1 KB
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDKWYkyj-8jrjyrmDwkcPX8&google_cver=1&apid=UP47a0c148-0413-11ec-9961-06778dd1898e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:09:00 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEDKWYkyj-8jrjyrmDwkcPX8&google_cver=1&apid=UP47a0c148-0413-11ec-9961-06778dd1898e
date
Mon, 23 Aug 2021 13:08:59 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
330575_th.jpg
i.123g.us/c/esep_teddybearday/th/
4 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/330575_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
72ab9d3d6e9dfa553ef2f8d32ed0e0d1d0d5ae732f96d23949edd896c3749c6b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 15:40:54 GMT
Last-Modified
Thu, 07 Sep 2017 14:02:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
595685
ETag
"f48-55899e91102c0"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3912
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:05:44 GMT
105860_th.gif
i.123g.us/c/esep_laborday_happy/th/
7 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/105860_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f38f2ad6a134d1148f9d271c315e4c6750fe98738015124a481df8c349496e60

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 14 Aug 2021 05:01:38 GMT
Last-Modified
Mon, 24 Feb 2014 09:49:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
806841
ETag
"1bea-4f323e4b03240"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7146
jake_test
Test_Pass
Expires
Wed, 18 Aug 2021 03:12:14 GMT
112976_th.gif
i.123g.us/c/thank_birthday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/thank_birthday/th/112976_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
74b978d6e5a78f78b0ccecf1047d6d8c6aa875e7257b1c192b7bb2b7d35ffaf7

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 09:47:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:47:37 GMT
Server
Footprint Distributor V6.1.1162
Age
98466
ETag
"10a4-4f323dc950040"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4260
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 10:02:55 GMT
115126_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
5 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/115126_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
1db4192beb02ec6f72c44ef42854726d6cd6164b0b0dee15ea98d3f1eccd2594

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 10:21:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:46:08 GMT
Server
Footprint Distributor V6.1.1162
Age
10024
ETag
"1350-4f323d746f800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4944
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 10:36:55 GMT
117465_th.gif
i.123g.us/c/birth_happybirthday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/th/117465_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f8933d7e94d9053a4c1db518764463d73286b3d15cc9db469652bd37c8751f1

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 13:23:07 GMT
Last-Modified
Mon, 24 Feb 2014 09:36:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
1208752
ETag
"1e9f-4f323b4f1e800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7839
jake_test
Test_Pass
Expires
Mon, 16 Aug 2021 10:01:01 GMT
330332_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
6 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/330332_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e042d45d87c9a3577e985db0797bda2d38c2212da0529217052bb5f1a8abf4a8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 05:44:41 GMT
Last-Modified
Mon, 21 Aug 2017 13:34:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
2013858
ETag
"19ff-557438963d5c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6655
jake_test
Test_Pass
Expires
Sat, 31 Jul 2021 05:59:41 GMT
343868_th.gif
i.123g.us/c/thank_everyday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/thank_everyday/th/343868_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1db78caab4487db707ddf2dfa5a49c7c3be19ce73ac5a67e56d62a8cefe55c19

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 07 Aug 2021 08:52:52 GMT
Last-Modified
Wed, 15 Jul 2020 09:02:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
1397767
ETag
"1f5c-5aa772ff57980"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8028
jake_test
Test_Pass
Expires
Sat, 07 Aug 2021 09:07:52 GMT
120707_th.gif
i.123g.us/c/esep_laborday_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/120707_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bbccf741c8b2ba240dd1b98332f008865d8de7fd346ffc5ac33e4dad085c8153

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 20:39:40 GMT
Last-Modified
Tue, 20 Aug 2019 13:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
318559
ETag
"1fee-5908cc544e0c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8174
jake_test
Test_Pass
Expires
Fri, 20 Aug 2021 13:05:44 GMT
119236_th.gif
i.123g.us/c/eaug_justbecauseday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/119236_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2c395dde4dda4ad49030f2877bcbdcc5ac1c8b213e4da115536bdb204c23d27

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 21:53:28 GMT
Last-Modified
Mon, 24 Feb 2014 09:37:12 GMT
Server
Apache/2.2.15 (CentOS)
Age
1437331
ETag
"1f8b-4f323b7544200"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8075
jake_test
Test_Pass
Expires
Sun, 15 Aug 2021 09:57:33 GMT
115377_th.gif
i.123g.us/c/esep_chocolateday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_chocolateday/th/115377_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a55fad400471602940d5bfd7a08a149eb8a295f70d5f45107ba4fc4b90ff84ea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 17:34:40 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2403259
ETag
"1fb1-4f323c509c780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8113
jake_test
Test_Pass
Expires
Wed, 11 Aug 2021 04:37:42 GMT
318520_th.jpg
i.123g.us/c/eaug_nationaldog_day/th/
6 KB
6 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/318520_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ada32021a43ce541eedf0c9badd13431e9a9ec5fd91e00c6a87266cb35f20b63

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 12:18:52 GMT
Last-Modified
Thu, 03 Aug 2017 07:11:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
2249407
ETag
"1749-555d415386b40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5961
jake_test
Test_Pass
Expires
Thu, 12 Aug 2021 15:41:09 GMT
347860_th.gif
i.123g.us/c/eaug_nationaldog_day/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/347860_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
725357795d74005e827803e1496c876dffbb0f96928f8837eaf6db2284f91b5c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:16:55 GMT
Last-Modified
Fri, 20 Aug 2021 13:05:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
233524
ETag
"1dd1-5c9fd52c36800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7633
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:06:21 GMT
335137_th.gif
i.123g.us/c/esep_teddybearday/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/335137_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0f4ff39f3cc273f4e0fdf99345ed383fe4fd212b1622cc08e325c59885591935

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 01 Aug 2021 13:46:34 GMT
Last-Modified
Wed, 08 Aug 2018 11:33:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
1898545
ETag
"1d45-572eae1659d40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7493
jake_test
Test_Pass
Expires
Wed, 04 Aug 2021 20:19:42 GMT
103835_th.gif
i.123g.us/c/eaug_justbecauseday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/103835_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f5b963dcb1a64bed590c4f8f7566bb9cef96d23199f0122e0f174003325cead3

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 19:57:10 GMT
Last-Modified
Wed, 05 Aug 2015 13:28:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
148309
ETag
"113e-51c9060a75280"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4414
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 00:46:27 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F386
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9107cbfb613c2a822dd1deea38560a39dc36ba8a19dec6fe296dc4887a574e49

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YSOd6z2SCHvT3qRlWCFVzQAA; CMPS=5172
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|45|230|206|31|47|64
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1883
Expires
Mon, 23 Aug 2021 13:08:59 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 23 Aug 2021 13:08:59 GMT
Connection
keep-alive
Set-Cookie
CMID=YSOd6z2SCHvT3qRlWCFVzQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 13:08:59 GMT CMPS=5172;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 13:08:59 GMT CMPRO=1174;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 13:08:59 GMT CMRUM3=4061239deb05a0&e661239deb2760&1f61239deb05a00&f161239deb05a0&2761239deb0b40&2d61239deb05a0&2f61239deb05a0&ce61239deb05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 13:08:59 GMT CMST=YSOd62EjnesA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 24 Aug 2021 13:08:59 GMT

Redirect headers

Server
Apache
Content-Length
343
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 23 Aug 2021 13:08:59 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 23 Aug 2021 13:08:59 GMT
Connection
keep-alive
Set-Cookie
CMID=YSOd6z2SCHvT3qRlWCFVzQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 23 Aug 2022 13:08:59 GMT CMPS=5172;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 21 Nov 2021 13:08:59 GMT
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Aug 2021 13:08:59 GMT
ptv
ib.adnxs.com/
27 B
705 B
XHR
General
Full URL
https://ib.adnxs.com/ptv?id=19012622&referrer=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&us_privacy=1---&cbb=9724139856&imp_id=3740e239-a95e-44de-8464-2abab89a59d3
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:08:59 GMT
X-Proxy-Origin
84.17.55.83; 84.17.55.83; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f8be6d19-bb36-4a05-a504-d7ea34f936fd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.123greetings.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=51062&t=1629724138&cip=84.17.55.83&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1629724138334-936833643492-008467-010-002859&cha=0.7&stagid=&stplid=&cb=97381112201&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=request&cb=1629724139857&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24%2C5e9030afdc817965520eb855%2C6114f48c04b3691b08691b7c%2C608e90cf34acc10fb7767e4a%2C6114f476dd0eb2621e735342%2C6114f47c6c1e79457874e876&ofpr=%2C%2C%2C0.6%2C0.36%2C0.3%2C0.15&fpo=%2C%2C%2C%2C%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.215.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-215-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:08:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
openrtb
ads.adaptv.advertising.com/rtb/
0
221 B
XHR
General
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Avantis
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
cygnus
htlb.casalemedia.com/
25 B
373 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=512884&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2213cb30e0aa55676%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%224.42.1%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22avantisvideo.com%22%2C%22sid%22%3A%228079%22%2C%22name%22%3A%22123Greetings%22%2C%22domain%22%3A%22123greetings.com%22%2C%22hp%22%3A1%2C%22rid%22%3A%229438dff8cd479f4fd29e9ecb94ff2eb4_1723159119%22%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214779ca80bc786d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22512884%22%2C%22sid%22%3A%22400x225%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A225%2C%22placement%22%3A4%7D%2C%22bidfloor%22%3A0.3%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.5.147 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-5-147.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c152998f0ae61102cd5a0d40734a89c4513404192f3dcfe31100dd2b53b0056d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:59 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[84.17.55.83], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.123greetings.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
09
expires
Mon, 23 Aug 2021 13:08:59 GMT
/
hb.emxdgt.com/
0
161 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=8000&ts=1629724139864&src=pbjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.123greetings.com
date
Mon, 23 Aug 2021 13:08:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
287573
search.spotxchange.com/openrtb/2.3/dados/
0
1 KB
XHR
General
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/287573?src_sys=prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.124 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 23 Aug 2021 13:08:59 GMT
X-SpotX-Timing-Transform
0.000486
X-SpotX-Timing-SpotMarket
0.006094
X-SpotX-Timing-Page-Mux
0.001662
X-SpotX-Timing-Page-Require
0.000335
X-fe
080
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
X-SpotX-Timing-Page
0.011894
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000312
Last-Modified
Mon, 23 Aug 2021 13:08:59 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006094
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://www.123greetings.com
X-SpotX-Timing-Page-Misc
0.002959
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000016
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F386
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSOd6z2SCHvT3qRlWCFVzQAABJYAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSOd6z2SCHvT3qRlWCFVzQAABJYAAAAB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSOd6z2SCHvT3qRlWCFVzQAABJYAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:09:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1HTPXFEDY7KJ8X91CWVR
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:09:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TXY2QCM2MYJKD6NJNYNA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YSOd6z2SCHvT3qRlWCFVzQAABJYAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F386
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YSOd6z2SCHvT3qRlWCFVzQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:59 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame F386
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YSOd6z2SCHvT3qRlWCFVzQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEII_TqHPy6XbrMnjCGY504A&google_cver=1&gdpr=1
43 B
1010 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEII_TqHPy6XbrMnjCGY504A&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:09:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 13:09:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:09:00 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEII_TqHPy6XbrMnjCGY504A&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame F386
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YSOd6z2SCHvT3qRlWCFVzQAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOsofwVHG3tVFA1n5-IFdrM&google_cver=1
43 B
315 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOsofwVHG3tVFA1n5-IFdrM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:08:59 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 23 Aug 2021 13:08:59 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:59 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOsofwVHG3tVFA1n5-IFdrM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame F386
0
234 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YSOd6z2SCHvT3qRlWCFVzQAABJYAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:08:59 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
noop
px.owneriq.net/ Frame F386
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6830105401390489736&uid=Q6830105401390489736&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Image
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.21.100 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-21-100.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:09:00 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Mon, 23 Aug 2021 13:09:00 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame F386
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=eDlBe7vn1Mi9He5&gdpr=1
43 B
998 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=eDlBe7vn1Mi9He5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:09:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 13:09:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:08:59 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0e5ad42a7c615fafc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=eDlBe7vn1Mi9He5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F386
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632316140
43 B
983 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632316140
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 23 Aug 2021 13:09:00 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 13:09:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 23 Aug 2021 13:08:59 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1632316140
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F386
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YSOd6z2SCHvT3qRlWCFVzQAA%261174
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.123greetings.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 13:08:59 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"761e21-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2773
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 23 Aug 2021 13:55:12 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=51062&t=1629724138&cip=84.17.55.83&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1629724138334-936833643492-008467-010-002859&cha=0.7&stagid=&stplid=&cb=97381112201&d9=1000&AV_WIDTH=400&AV_HEIGHT=225&&ppid=5e5bd02728a06124e30d85c3&nid=59918a0e073ef4782e4e347f&pcid=5e5bd1f528a0610dd725f7d8&ncid=5e8b3e740cd6ad6132403f66&pasid=5e8b42ae145a8138e61d4a85&e=bid&cb=1629724140034&asid=60e594d3cc338a41335e9e75%2C60e594da4123720f2e250d24&ofpr=%2C&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.215.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-215-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:09:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 08A5
344 KB
119 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10bda34b2a767f9313bab5797a0a7733d0366cbece27caf11860de930fdc180c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121547
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:09:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4232
344 KB
119 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10bda34b2a767f9313bab5797a0a7733d0366cbece27caf11860de930fdc180c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121547
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:09:00 GMT
bridge3.476.0_en.html
imasdk.googleapis.com/js/core/ Frame 1F25
573 KB
188 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11f89c7c24445c87cd794ad7f76d96ec1a5748d3cde2c4bab7a5bc4e7bad78cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.476.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192241
date
Tue, 17 Aug 2021 16:36:51 GMT
expires
Wed, 17 Aug 2022 16:36:51 GMT
last-modified
Tue, 17 Aug 2021 16:29:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
505929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 08A5
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:09:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 08A5
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.476.0_en.html
imasdk.googleapis.com/js/core/ Frame C53F
573 KB
188 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11f89c7c24445c87cd794ad7f76d96ec1a5748d3cde2c4bab7a5bc4e7bad78cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.476.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.123greetings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.123greetings.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
192241
date
Tue, 17 Aug 2021 16:36:51 GMT
expires
Wed, 17 Aug 2022 16:36:51 GMT
last-modified
Tue, 17 Aug 2021 16:29:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
505929
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 4232
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Mon, 23 Aug 2021 13:09:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 4232
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.123greetings.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 23 Aug 2021 13:09:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8644
36 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 23 Aug 2021 13:30:30 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A0F7
36 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 12:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 23 Aug 2021 13:30:30 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 1F25
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_2&description_url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1605914358715375&sdkv=h.3.476.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=1224568098&sdk_apis=2%2C8&sid=1970EB94-327A-497D-9EDE-E2927BA5ED59&eid=44725355%2C44740340&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dt=1629724140455&cookie_enabled=1&scor=3700492707902500&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:09:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C53F
156 B
142 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_AirNow%2Fpreroll%2Fsyndication_4&description_url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2674367276744688&sdkv=h.3.476.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&sdki=44d&adk=4129766432&sdk_apis=2%2C8&sid=DB2A82A2-A70D-41E1-925E-C05BF26F4A83&eid=44736293&url=https%3A%2F%2Fwww.123greetings.com%2Fsend%2Fview%2F08121021606904939246&dt=1629724140461&cookie_enabled=1&scor=870721079091856&ged=ve4_td0_tt0_pd0_la0_er1199.1200.1351.1500_vi0.0.1200.1600_vp1_eb23147
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.476.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 13:09:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2-cr.js?id=1c35f5e5-f7c0-4c97-8283-6c9f94ba8c53&tagId=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.57.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-57-2.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 23 Aug 2021 13:09:01 GMT
103835_th.gif
i.123g.us/c/eaug_justbecauseday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/103835_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f5b963dcb1a64bed590c4f8f7566bb9cef96d23199f0122e0f174003325cead3

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 19:57:10 GMT
Last-Modified
Wed, 05 Aug 2015 13:28:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
148314
ETag
"113e-51c9060a75280"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4414
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 00:46:27 GMT
330575_th.jpg
i.123g.us/c/esep_teddybearday/th/
4 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/330575_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
72ab9d3d6e9dfa553ef2f8d32ed0e0d1d0d5ae732f96d23949edd896c3749c6b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 15:40:54 GMT
Last-Modified
Thu, 07 Sep 2017 14:02:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
595688
ETag
"f48-55899e91102c0"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3912
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:05:44 GMT
105860_th.gif
i.123g.us/c/esep_laborday_happy/th/
7 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/105860_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f38f2ad6a134d1148f9d271c315e4c6750fe98738015124a481df8c349496e60

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 14 Aug 2021 05:01:38 GMT
Last-Modified
Mon, 24 Feb 2014 09:49:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
806845
ETag
"1bea-4f323e4b03240"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7146
jake_test
Test_Pass
Expires
Wed, 18 Aug 2021 03:12:14 GMT
112976_th.gif
i.123g.us/c/thank_birthday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/thank_birthday/th/112976_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
74b978d6e5a78f78b0ccecf1047d6d8c6aa875e7257b1c192b7bb2b7d35ffaf7

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 09:47:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:47:37 GMT
Server
Footprint Distributor V6.1.1162
Age
98469
ETag
"10a4-4f323dc950040"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4260
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 10:02:55 GMT
115126_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
5 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/115126_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
1db4192beb02ec6f72c44ef42854726d6cd6164b0b0dee15ea98d3f1eccd2594

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 10:21:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:46:08 GMT
Server
Footprint Distributor V6.1.1162
Age
10027
ETag
"1350-4f323d746f800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4944
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 10:36:55 GMT
117465_th.gif
i.123g.us/c/birth_happybirthday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/th/117465_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f8933d7e94d9053a4c1db518764463d73286b3d15cc9db469652bd37c8751f1

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 13:23:07 GMT
Last-Modified
Mon, 24 Feb 2014 09:36:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
1208756
ETag
"1e9f-4f323b4f1e800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7839
jake_test
Test_Pass
Expires
Mon, 16 Aug 2021 10:01:01 GMT
330332_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
6 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/330332_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e042d45d87c9a3577e985db0797bda2d38c2212da0529217052bb5f1a8abf4a8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 05:44:41 GMT
Last-Modified
Mon, 21 Aug 2017 13:34:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
2013864
ETag
"19ff-557438963d5c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6655
jake_test
Test_Pass
Expires
Sat, 31 Jul 2021 05:59:41 GMT
343868_th.gif
i.123g.us/c/thank_everyday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/thank_everyday/th/343868_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1db78caab4487db707ddf2dfa5a49c7c3be19ce73ac5a67e56d62a8cefe55c19

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 07 Aug 2021 08:52:52 GMT
Last-Modified
Wed, 15 Jul 2020 09:02:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
1397772
ETag
"1f5c-5aa772ff57980"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8028
jake_test
Test_Pass
Expires
Sat, 07 Aug 2021 09:07:52 GMT
120707_th.gif
i.123g.us/c/esep_laborday_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/120707_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bbccf741c8b2ba240dd1b98332f008865d8de7fd346ffc5ac33e4dad085c8153

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 20:39:40 GMT
Last-Modified
Tue, 20 Aug 2019 13:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
318563
ETag
"1fee-5908cc544e0c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8174
jake_test
Test_Pass
Expires
Fri, 20 Aug 2021 13:05:44 GMT
119236_th.gif
i.123g.us/c/eaug_justbecauseday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/119236_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2c395dde4dda4ad49030f2877bcbdcc5ac1c8b213e4da115536bdb204c23d27

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 21:53:28 GMT
Last-Modified
Mon, 24 Feb 2014 09:37:12 GMT
Server
Apache/2.2.15 (CentOS)
Age
1437335
ETag
"1f8b-4f323b7544200"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8075
jake_test
Test_Pass
Expires
Sun, 15 Aug 2021 09:57:33 GMT
115377_th.gif
i.123g.us/c/esep_chocolateday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_chocolateday/th/115377_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a55fad400471602940d5bfd7a08a149eb8a295f70d5f45107ba4fc4b90ff84ea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 17:34:40 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2403264
ETag
"1fb1-4f323c509c780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8113
jake_test
Test_Pass
Expires
Wed, 11 Aug 2021 04:37:42 GMT
318520_th.jpg
i.123g.us/c/eaug_nationaldog_day/th/
6 KB
6 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/318520_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ada32021a43ce541eedf0c9badd13431e9a9ec5fd91e00c6a87266cb35f20b63

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 12:18:52 GMT
Last-Modified
Thu, 03 Aug 2017 07:11:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
2249413
ETag
"1749-555d415386b40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5961
jake_test
Test_Pass
Expires
Thu, 12 Aug 2021 15:41:09 GMT
347860_th.gif
i.123g.us/c/eaug_nationaldog_day/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/347860_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
725357795d74005e827803e1496c876dffbb0f96928f8837eaf6db2284f91b5c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:16:55 GMT
Last-Modified
Fri, 20 Aug 2021 13:05:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
233529
ETag
"1dd1-5c9fd52c36800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7633
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:06:21 GMT
335137_th.gif
i.123g.us/c/esep_teddybearday/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/335137_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0f4ff39f3cc273f4e0fdf99345ed383fe4fd212b1622cc08e325c59885591935

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 01 Aug 2021 13:46:34 GMT
Last-Modified
Wed, 08 Aug 2018 11:33:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
1898550
ETag
"1d45-572eae1659d40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7493
jake_test
Test_Pass
Expires
Wed, 04 Aug 2021 20:19:42 GMT
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.123greetings.com&rs=www.123greetings.com&sid=51062&t=1629724138&cip=84.17.55.83&sn=&tgt=0&osv=10&bv=92.0&brn=Chrome&wi=400&he=225&app=&AV_PUBLISHERID=5e5bd02728a06124e30d85c3&test=&aafaid=&proto=https&uid=1629724138334-936833643492-008467-010-002859&cha=0.7&stagid=&stplid=&cb=97381112201&d9=1000&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e5bd02728a06124e30d85c3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.215.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-215-136.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 23 Aug 2021 13:09:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
335137_th.gif
i.123g.us/c/esep_teddybearday/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/335137_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0f4ff39f3cc273f4e0fdf99345ed383fe4fd212b1622cc08e325c59885591935

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 01 Aug 2021 13:46:34 GMT
Last-Modified
Wed, 08 Aug 2018 11:33:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
1898551
ETag
"1d45-572eae1659d40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7493
jake_test
Test_Pass
Expires
Wed, 04 Aug 2021 20:19:42 GMT
103835_th.gif
i.123g.us/c/eaug_justbecauseday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/103835_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f5b963dcb1a64bed590c4f8f7566bb9cef96d23199f0122e0f174003325cead3

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 19:57:10 GMT
Last-Modified
Wed, 05 Aug 2015 13:28:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
148315
ETag
"113e-51c9060a75280"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4414
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 00:46:27 GMT
330575_th.jpg
i.123g.us/c/esep_teddybearday/th/
4 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/330575_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
72ab9d3d6e9dfa553ef2f8d32ed0e0d1d0d5ae732f96d23949edd896c3749c6b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 15:40:54 GMT
Last-Modified
Thu, 07 Sep 2017 14:02:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
595691
ETag
"f48-55899e91102c0"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3912
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:05:44 GMT
105860_th.gif
i.123g.us/c/esep_laborday_happy/th/
7 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/105860_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f38f2ad6a134d1148f9d271c315e4c6750fe98738015124a481df8c349496e60

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 14 Aug 2021 05:01:38 GMT
Last-Modified
Mon, 24 Feb 2014 09:49:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
806849
ETag
"1bea-4f323e4b03240"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7146
jake_test
Test_Pass
Expires
Wed, 18 Aug 2021 03:12:14 GMT
112976_th.gif
i.123g.us/c/thank_birthday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/thank_birthday/th/112976_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
74b978d6e5a78f78b0ccecf1047d6d8c6aa875e7257b1c192b7bb2b7d35ffaf7

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 09:47:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:47:37 GMT
Server
Footprint Distributor V6.1.1162
Age
98472
ETag
"10a4-4f323dc950040"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4260
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 10:02:55 GMT
115126_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
5 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/115126_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
1db4192beb02ec6f72c44ef42854726d6cd6164b0b0dee15ea98d3f1eccd2594

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 10:21:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:46:08 GMT
Server
Footprint Distributor V6.1.1162
Age
10030
ETag
"1350-4f323d746f800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4944
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 10:36:55 GMT
117465_th.gif
i.123g.us/c/birth_happybirthday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/th/117465_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f8933d7e94d9053a4c1db518764463d73286b3d15cc9db469652bd37c8751f1

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 13:23:07 GMT
Last-Modified
Mon, 24 Feb 2014 09:36:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
1208758
ETag
"1e9f-4f323b4f1e800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7839
jake_test
Test_Pass
Expires
Mon, 16 Aug 2021 10:01:01 GMT
330332_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
6 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/330332_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e042d45d87c9a3577e985db0797bda2d38c2212da0529217052bb5f1a8abf4a8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 05:44:41 GMT
Last-Modified
Mon, 21 Aug 2017 13:34:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
2013864
ETag
"19ff-557438963d5c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6655
jake_test
Test_Pass
Expires
Sat, 31 Jul 2021 05:59:41 GMT
343868_th.gif
i.123g.us/c/thank_everyday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/thank_everyday/th/343868_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1db78caab4487db707ddf2dfa5a49c7c3be19ce73ac5a67e56d62a8cefe55c19

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 07 Aug 2021 08:52:52 GMT
Last-Modified
Wed, 15 Jul 2020 09:02:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
1397773
ETag
"1f5c-5aa772ff57980"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8028
jake_test
Test_Pass
Expires
Sat, 07 Aug 2021 09:07:52 GMT
120707_th.gif
i.123g.us/c/esep_laborday_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/120707_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bbccf741c8b2ba240dd1b98332f008865d8de7fd346ffc5ac33e4dad085c8153

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 20:39:40 GMT
Last-Modified
Tue, 20 Aug 2019 13:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
318565
ETag
"1fee-5908cc544e0c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8174
jake_test
Test_Pass
Expires
Fri, 20 Aug 2021 13:05:44 GMT
119236_th.gif
i.123g.us/c/eaug_justbecauseday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/119236_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2c395dde4dda4ad49030f2877bcbdcc5ac1c8b213e4da115536bdb204c23d27

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 21:53:28 GMT
Last-Modified
Mon, 24 Feb 2014 09:37:12 GMT
Server
Apache/2.2.15 (CentOS)
Age
1437337
ETag
"1f8b-4f323b7544200"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8075
jake_test
Test_Pass
Expires
Sun, 15 Aug 2021 09:57:33 GMT
115377_th.gif
i.123g.us/c/esep_chocolateday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_chocolateday/th/115377_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a55fad400471602940d5bfd7a08a149eb8a295f70d5f45107ba4fc4b90ff84ea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 17:34:40 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2403265
ETag
"1fb1-4f323c509c780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8113
jake_test
Test_Pass
Expires
Wed, 11 Aug 2021 04:37:42 GMT
318520_th.jpg
i.123g.us/c/eaug_nationaldog_day/th/
6 KB
6 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/318520_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ada32021a43ce541eedf0c9badd13431e9a9ec5fd91e00c6a87266cb35f20b63

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 12:18:52 GMT
Last-Modified
Thu, 03 Aug 2017 07:11:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
2249413
ETag
"1749-555d415386b40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5961
jake_test
Test_Pass
Expires
Thu, 12 Aug 2021 15:41:09 GMT
347860_th.gif
i.123g.us/c/eaug_nationaldog_day/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/347860_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
725357795d74005e827803e1496c876dffbb0f96928f8837eaf6db2284f91b5c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:16:55 GMT
Last-Modified
Fri, 20 Aug 2021 13:05:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
233530
ETag
"1dd1-5c9fd52c36800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7633
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:06:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8DC7
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 7781
0
0

123g_animations.js
c.123g.us/js2/
13 KB
3 KB
Script
General
Full URL
https://c.123g.us/js2/123g_animations.js
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6450ffe1ef235af9478c5d116bd0d3a8f99f0f238f39608e7dabafbc62127b55

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 02 Aug 2021 11:40:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 11:34:29 GMT
Server
Apache/2.2.15 (CentOS)
Age
1819728
ETag
"3511-59d1d7d847b40"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2175
jake_test
Test_Pass
Expires
Sat, 14 Aug 2021 09:55:25 GMT
balloons.css
c.123g.us/css/animation/
4 KB
933 B
Stylesheet
General
Full URL
https://c.123g.us/css/animation/balloons.css
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
845cd680a96aedb37993839de4717f3b5e26dba2fd854cbed9b6fb12987ce522

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 14 Aug 2021 09:40:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Dec 2019 12:52:42 GMT
Server
Apache/2.2.15 (CentOS)
Age
790122
ETag
"11e0-5999556621a80"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
530
jake_test
Test_Pass
Expires
Sat, 14 Aug 2021 09:55:25 GMT
blue-balloon.png
c.123g.us/images/balloons/
17 KB
17 KB
Image
General
Full URL
https://c.123g.us/images/balloons/blue-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f628a9fca92eaadb33c8662a0ce39324b6c198e7f7af90bdfac307cecb79603

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 29 Jul 2021 14:56:24 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
2153563
ETag
"1ad0c-4354-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17236
jake_test
Test_Pass
yellow-balloon.png
c.123g.us/images/balloons/
20 KB
20 KB
Image
General
Full URL
https://c.123g.us/images/balloons/yellow-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5efd5b56288920905e7fa8f41db051e3d0560715c1fee4dbacfe0d3ee250bd39

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 11:12:25 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
611802
ETag
"1ad10-4e39-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20025
jake_test
Test_Pass
red-balloon.png
c.123g.us/images/balloons/
20 KB
21 KB
Image
General
Full URL
https://c.123g.us/images/balloons/red-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f4a28c182d37f562d958a1a223a8833208e6117fadc9507804db8ce55c38c953

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 08:51:36 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
1052251
ETag
"51eb-5999556715cc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20971
jake_test
Test_Pass
Expires
Wed, 18 Aug 2021 23:01:44 GMT
green-balloon.png
c.123g.us/images/balloons/
17 KB
17 KB
Image
General
Full URL
https://c.123g.us/images/balloons/green-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
91350e85de8a73c5d958c415545987bc2d90fa8ed608fc0ab45edbffcca3ea57

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 21:15:12 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
2044435
ETag
"1ad15-4486-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17542
jake_test
Test_Pass
pink-balloon.png
c.123g.us/images/balloons/
20 KB
20 KB
Image
General
Full URL
https://c.123g.us/images/balloons/pink-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
df45cfb8e55a1ca5e110a9a9b8eafd1d8af537856519bcefc4716186dcf71b3d

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 15:03:02 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
1116365
ETag
"1ad0b-4ed1-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20177
jake_test
Test_Pass
lightgreen-balloon.png
c.123g.us/images/balloons/
21 KB
21 KB
Image
General
Full URL
https://c.123g.us/images/balloons/lightgreen-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a56942dfaa7ac1d7c5cab0b8aaa5ceeb711c8be5c2a4d0db4622cdddce94b13a

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 07 Aug 2021 18:00:08 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
1364939
ETag
"1ad0e-544a-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21578
jake_test
Test_Pass
skyblue-balloon.png
c.123g.us/images/balloons/
17 KB
18 KB
Image
General
Full URL
https://c.123g.us/images/balloons/skyblue-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
50c97192f054b13ed760fc3034541d6c4319358f8a9f1a53d051995b613a8f05

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 09:02:40 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
187587
ETag
"4526-5999556715cc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17702
jake_test
Test_Pass
Expires
Sat, 21 Aug 2021 09:18:33 GMT
navy-balloon.png
c.123g.us/images/balloons/
17 KB
18 KB
Image
General
Full URL
https://c.123g.us/images/balloons/navy-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9992e8b958b7af69be8efbd5bcf4b6f778ce412a3ed7f49160be144f692c8926

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 09:12:18 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
619009
ETag
"45ea-5999556715cc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17898
jake_test
Test_Pass
Expires
Mon, 16 Aug 2021 09:27:18 GMT
orange-balloon.png
c.123g.us/images/balloons/
19 KB
19 KB
Image
General
Full URL
https://c.123g.us/images/balloons/orange-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
386e9c19b83e428bfc738f35b7ae65118eb778ba6c153e32b97919a6b8c4aa81

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 01 Aug 2021 00:56:05 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
1944782
ETag
"4a75-5999556715cc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19061
jake_test
Test_Pass
Expires
Sun, 01 Aug 2021 01:11:06 GMT
purple-balloon.png
c.123g.us/images/balloons/
19 KB
20 KB
Image
General
Full URL
https://c.123g.us/images/balloons/purple-balloon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3639aad147940edb1227605e15cd4d2a3836c4854785c54cf67f2de327097415

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 09:16:54 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
618733
ETag
"1ad0d-4dd7-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19927
jake_test
Test_Pass
blue-balloon.png
c.123g.us/images/balloons/
17 KB
17 KB
Image
General
Full URL
https://c.123g.us/images/balloons/blue-balloon.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/animation/balloons.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f628a9fca92eaadb33c8662a0ce39324b6c198e7f7af90bdfac307cecb79603

Request headers

Referer
https://c.123g.us/css/animation/balloons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 29 Jul 2021 14:56:24 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
2153563
ETag
"1ad0c-4354-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17236
jake_test
Test_Pass
yellow-balloon.png
c.123g.us/images/balloons/
20 KB
20 KB
Image
General
Full URL
https://c.123g.us/images/balloons/yellow-balloon.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/animation/balloons.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5efd5b56288920905e7fa8f41db051e3d0560715c1fee4dbacfe0d3ee250bd39

Request headers

Referer
https://c.123g.us/css/animation/balloons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 11:12:25 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
611802
ETag
"1ad10-4e39-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20025
jake_test
Test_Pass
red-balloon.png
c.123g.us/images/balloons/
20 KB
21 KB
Image
General
Full URL
https://c.123g.us/images/balloons/red-balloon.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/animation/balloons.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f4a28c182d37f562d958a1a223a8833208e6117fadc9507804db8ce55c38c953

Request headers

Referer
https://c.123g.us/css/animation/balloons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 08:51:36 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
1052251
ETag
"51eb-5999556715cc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20971
jake_test
Test_Pass
Expires
Wed, 18 Aug 2021 23:01:44 GMT
green-balloon.png
c.123g.us/images/balloons/
17 KB
17 KB
Image
General
Full URL
https://c.123g.us/images/balloons/green-balloon.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/animation/balloons.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
91350e85de8a73c5d958c415545987bc2d90fa8ed608fc0ab45edbffcca3ea57

Request headers

Referer
https://c.123g.us/css/animation/balloons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 30 Jul 2021 21:15:12 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
2044436
ETag
"1ad15-4486-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17542
jake_test
Test_Pass
pink-balloon.png
c.123g.us/images/balloons/
20 KB
20 KB
Image
General
Full URL
https://c.123g.us/images/balloons/pink-balloon.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/animation/balloons.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
df45cfb8e55a1ca5e110a9a9b8eafd1d8af537856519bcefc4716186dcf71b3d

Request headers

Referer
https://c.123g.us/css/animation/balloons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Tue, 10 Aug 2021 15:03:02 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
1116366
ETag
"1ad0b-4ed1-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20177
jake_test
Test_Pass
347860_th.gif
i.123g.us/c/eaug_nationaldog_day/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/347860_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
725357795d74005e827803e1496c876dffbb0f96928f8837eaf6db2284f91b5c

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 20 Aug 2021 20:16:55 GMT
Last-Modified
Fri, 20 Aug 2021 13:05:36 GMT
Server
Apache/2.2.15 (CentOS)
Age
233533
ETag
"1dd1-5c9fd52c36800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7633
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:06:21 GMT
335137_th.gif
i.123g.us/c/esep_teddybearday/th/
7 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/335137_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0f4ff39f3cc273f4e0fdf99345ed383fe4fd212b1622cc08e325c59885591935

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 01 Aug 2021 13:46:34 GMT
Last-Modified
Wed, 08 Aug 2018 11:33:33 GMT
Server
Apache/2.2.15 (CentOS)
Age
1898554
ETag
"1d45-572eae1659d40"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7493
jake_test
Test_Pass
Expires
Wed, 04 Aug 2021 20:19:42 GMT
103835_th.gif
i.123g.us/c/eaug_justbecauseday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/103835_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f5b963dcb1a64bed590c4f8f7566bb9cef96d23199f0122e0f174003325cead3

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 21 Aug 2021 19:57:10 GMT
Last-Modified
Wed, 05 Aug 2015 13:28:26 GMT
Server
Apache/2.2.15 (CentOS)
Age
148318
ETag
"113e-51c9060a75280"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4414
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 00:46:27 GMT
330575_th.jpg
i.123g.us/c/esep_teddybearday/th/
4 KB
4 KB
Image
General
Full URL
https://i.123g.us/c/esep_teddybearday/th/330575_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
72ab9d3d6e9dfa553ef2f8d32ed0e0d1d0d5ae732f96d23949edd896c3749c6b

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 15:40:54 GMT
Last-Modified
Thu, 07 Sep 2017 14:02:27 GMT
Server
Apache/2.2.15 (CentOS)
Age
595694
ETag
"f48-55899e91102c0"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3912
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 13:05:44 GMT
105860_th.gif
i.123g.us/c/esep_laborday_happy/th/
7 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/105860_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f38f2ad6a134d1148f9d271c315e4c6750fe98738015124a481df8c349496e60

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 14 Aug 2021 05:01:38 GMT
Last-Modified
Mon, 24 Feb 2014 09:49:53 GMT
Server
Apache/2.2.15 (CentOS)
Age
806850
ETag
"1bea-4f323e4b03240"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7146
jake_test
Test_Pass
Expires
Wed, 18 Aug 2021 03:12:14 GMT
112976_th.gif
i.123g.us/c/thank_birthday/th/
4 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/thank_birthday/th/112976_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
74b978d6e5a78f78b0ccecf1047d6d8c6aa875e7257b1c192b7bb2b7d35ffaf7

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 22 Aug 2021 09:47:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:47:37 GMT
Server
Footprint Distributor V6.1.1162
Age
98473
ETag
"10a4-4f323dc950040"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4260
jake_test
Test_Pass
Expires
Sun, 22 Aug 2021 10:02:55 GMT
115126_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
5 KB
5 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/115126_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Footprint Distributor V6.1.1162 /
Resource Hash
1db4192beb02ec6f72c44ef42854726d6cd6164b0b0dee15ea98d3f1eccd2594

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 23 Aug 2021 10:21:55 GMT
Last-Modified
Mon, 24 Feb 2014 09:46:08 GMT
Server
Footprint Distributor V6.1.1162
Age
10033
ETag
"1350-4f323d746f800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4944
jake_test
Test_Pass
Expires
Mon, 23 Aug 2021 10:36:55 GMT
117465_th.gif
i.123g.us/c/birth_happybirthday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/birth_happybirthday/th/117465_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f8933d7e94d9053a4c1db518764463d73286b3d15cc9db469652bd37c8751f1

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 09 Aug 2021 13:23:07 GMT
Last-Modified
Mon, 24 Feb 2014 09:36:32 GMT
Server
Apache/2.2.15 (CentOS)
Age
1208761
ETag
"1e9f-4f323b4f1e800"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7839
jake_test
Test_Pass
Expires
Mon, 16 Aug 2021 10:01:01 GMT
330332_th.gif
i.123g.us/c/eaug_hugsweetheartday/th/
6 KB
7 KB
Image
General
Full URL
https://i.123g.us/c/eaug_hugsweetheartday/th/330332_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e042d45d87c9a3577e985db0797bda2d38c2212da0529217052bb5f1a8abf4a8

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 31 Jul 2021 05:44:41 GMT
Last-Modified
Mon, 21 Aug 2017 13:34:23 GMT
Server
Apache/2.2.15 (CentOS)
Age
2013867
ETag
"19ff-557438963d5c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6655
jake_test
Test_Pass
Expires
Sat, 31 Jul 2021 05:59:41 GMT
343868_th.gif
i.123g.us/c/thank_everyday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/thank_everyday/th/343868_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1db78caab4487db707ddf2dfa5a49c7c3be19ce73ac5a67e56d62a8cefe55c19

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sat, 07 Aug 2021 08:52:52 GMT
Last-Modified
Wed, 15 Jul 2020 09:02:46 GMT
Server
Apache/2.2.15 (CentOS)
Age
1397776
ETag
"1f5c-5aa772ff57980"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8028
jake_test
Test_Pass
Expires
Sat, 07 Aug 2021 09:07:52 GMT
120707_th.gif
i.123g.us/c/esep_laborday_happy/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_laborday_happy/th/120707_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
bbccf741c8b2ba240dd1b98332f008865d8de7fd346ffc5ac33e4dad085c8153

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 19 Aug 2021 20:39:40 GMT
Last-Modified
Tue, 20 Aug 2019 13:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
318568
ETag
"1fee-5908cc544e0c0"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8174
jake_test
Test_Pass
Expires
Fri, 20 Aug 2021 13:05:44 GMT
119236_th.gif
i.123g.us/c/eaug_justbecauseday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/eaug_justbecauseday/th/119236_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e2c395dde4dda4ad49030f2877bcbdcc5ac1c8b213e4da115536bdb204c23d27

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 06 Aug 2021 21:53:28 GMT
Last-Modified
Mon, 24 Feb 2014 09:37:12 GMT
Server
Apache/2.2.15 (CentOS)
Age
1437340
ETag
"1f8b-4f323b7544200"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8075
jake_test
Test_Pass
Expires
Sun, 15 Aug 2021 09:57:33 GMT
115377_th.gif
i.123g.us/c/esep_chocolateday/th/
8 KB
8 KB
Image
General
Full URL
https://i.123g.us/c/esep_chocolateday/th/115377_th.gif
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a55fad400471602940d5bfd7a08a149eb8a295f70d5f45107ba4fc4b90ff84ea

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 17:34:40 GMT
Last-Modified
Mon, 24 Feb 2014 09:41:02 GMT
Server
Apache/2.2.15 (CentOS)
Age
2403268
ETag
"1fb1-4f323c509c780"
Content-Type
image/gif
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8113
jake_test
Test_Pass
Expires
Wed, 11 Aug 2021 04:37:42 GMT
318520_th.jpg
i.123g.us/c/eaug_nationaldog_day/th/
6 KB
6 KB
Image
General
Full URL
https://i.123g.us/c/eaug_nationaldog_day/th/318520_th.jpg
Requested by
Host: c.123g.us
URL: https://c.123g.us/js2/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
8.248.139.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ada32021a43ce541eedf0c9badd13431e9a9ec5fd91e00c6a87266cb35f20b63

Request headers

Referer
https://www.123greetings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Wed, 28 Jul 2021 12:18:52 GMT
Last-Modified
Thu, 03 Aug 2017 07:11:01 GMT
Server
Apache/2.2.15 (CentOS)
Age
2249416
ETag
"1749-555d415386b40"
Content-Type
image/jpeg
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5961
jake_test
Test_Pass
Expires
Thu, 12 Aug 2021 15:41:09 GMT
lightgreen-balloon.png
c.123g.us/images/balloons/
0
0

skyblue-balloon.png
c.123g.us/images/balloons/
0
0

navy-balloon.png
c.123g.us/images/balloons/
0
0

orange-balloon.png
c.123g.us/images/balloons/
19 KB
19 KB
Image
General
Full URL
https://c.123g.us/images/balloons/orange-balloon.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/animation/balloons.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://c.123g.us/css/animation/balloons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 01 Aug 2021 00:56:05 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:43 GMT
Server
Apache/2.2.15 (CentOS)
Age
1944783
ETag
"4a75-5999556715cc0"
Content-Type
image/png
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19061
jake_test
Test_Pass
Expires
Sun, 01 Aug 2021 01:11:06 GMT
purple-balloon.png
c.123g.us/images/balloons/
19 KB
0
Image
General
Full URL
https://c.123g.us/images/balloons/purple-balloon.png
Requested by
Host: c.123g.us
URL: https://c.123g.us/css/animation/balloons.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.27.233.252 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://c.123g.us/css/animation/balloons.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 16 Aug 2021 09:16:54 GMT
Last-Modified
Fri, 13 Dec 2019 12:52:11 GMT
Server
Apache/2.2.15 (CentOS)
Age
618734
ETag
"1ad0d-4dd7-59995548914c0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19927
jake_test
Test_Pass

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjGNsT5j0TRonaRNxPgmAjs4hlUF5PKYblg5PR4sy0KdVcGVB-ifC2F9h5noomVFAdYY9H1d3iNqCccFSgQKXFsqEuWvM7XTP1olzCudfIV0rJ-iW0&sig=Cg0ArKJSzEueuA4QyoZ-EAE&id=lidartos&mcvt=11137&p=535,495,785,795&mtos=11137,11137,11137,11137,11137&tos=11137,0,0,0,0&v=20210820&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3714999025&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosc=1&eosm=0&rst=1629724133461&rpt=708&isd=0&msd=0&esd=0&r=u&ec=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrqt1NcyeQMa5P1E2EL8dA4gZV0pRm4m_PzbDS1FCJxmebOrChu2BroeXqNBTS2ruvXZddQKsFOf7HakS1MyxvwuxjX8Pr0vX1JzV4BCKS49YSk3J0FZ-vGHvNXw&sai=AMfl-YRTFjWfbErGMljq3liTg2tKbfb8ays59mDGicPX0BNCEp3bN-WITCjaqsCoOxujW3xOyMhWfelM_ZjJ&sig=Cg0ArKJSzIWK7lBTLYAAEAE&id=lidartos&mcvt=11140&p=0,0,250,300&mtos=11140,11140,11140,11140,11140&tos=11140,0,0,0,0&v=20210820&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2557105816&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosc=1&eosm=0&rst=1629724134553&dlt=318&rpt=857&isd=0&r=u&ec=0
Domain
c.123g.us
URL
https://c.123g.us/images/balloons/lightgreen-balloon.png
Domain
c.123g.us
URL
https://c.123g.us/images/balloons/skyblue-balloon.png
Domain
c.123g.us
URL
https://c.123g.us/images/balloons/navy-balloon.png

Verdicts & Comments Add Verdict or Comment

507 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| swfobject number| showmore_time number| showmore_time1 object| pos_arr number| start_x string| user_server_IP object| aImages string| base_url string| base_url_new string| loginpop_url boolean| tellafrnd_flag string| cardcustommusic object| extraopts string| studio_mus string| logged_in_id string| logged_in_email string| logged_in_name function| checkEmail_site function| setCookie function| getCookie function| setSessCokieNew function| getSessCokieNew function| getCardType function| isIE function| detectIE object| googletag function| NewDFPADCode function| PreRollAd function| embed_flash function| load_json function| loadTopNav function| showMore function| closeMore function| clearCloseMore function| showMore1 function| closeMore1 function| clearCloseMore1 object| CardRating function| showViews function| showSent object| CardRelevency object| CardTags function| Tab123 function| blankOnFocus number| nl_timer object| nl_vars function| nl_email_validate function| nl_setTypo function| preload function| addthis_click function| showSearchTagClouds_New function| showSearchTagClouds function| showCardsTagClouds function| showCardsTagClouds_new function| showYouTubeCard function| embedswf_swfobject function| show_embed function| makeCopy function| setCookie_new function| showPreview_new function| showQuickSend function| quick_send function| LoadMusic_New function| changeAudioMusic undefined| v_api undefined| a_api function| Load_Video_Card function| video_callback function| Remove_Video_Card function| Remove_Audio_Card function| changeMusic boolean| mopTipFlag boolean| openMopTip undefined| mopTipW undefined| mopTipH string| mopTipID object| mopTipFunc undefined| mopTipPin undefined| mopTipContent number| mopTipTime object| contact_arr object| contact_email_arr number| is_photocard function| showHideComments function| sendFeedback function| unescapeHtml function| get_evcal function| set_evcal function| setUserPref function| getUserPref function| setSessCokie function| getSessCokie function| addCommas function| selectMusic string| mus_vol function| PlayMusic function| StopMusic function| SetMusic function| GetMusic function| showcard_takeover function| shareFriends_init function| showFriendsAddr function| showLoginBar function| showLoginSignupPopup function| loadConfigData function| SetAsBookmark function| showHPCustomBlocks function| getUsrCountry function| loadCustomMusic_Studio function| LoadHeaderMenu function| socialMediaShowHide function| ShowMantle function| getCookieConsent function| showSpecialExitAd function| CheckAD_Blocker function| Show_Animation function| ShowSearchAutoCom function| getInternetExplorerVersion number| start_y number| startx number| starty string| scroller_html function| callOnPageLoad function| showBookmark function| clearCloseMore_new1 function| closeMore_new1 function| showMore_new1 function| clearCloseMore_new function| closeMore_new function| showMore_new function| showNavPanel function| showMoreCardsHP function| Tab123_New object| timer function| NLSubscribe function| HP_scroller function| QuickSendHP string| sort_op function| FAQ_validate function| showCardno function| showPaging function| showResults function| sortMembers function| printCard function| print_init function| FCP_Sender_Block function| showThankBlock function| showThankBlock_Popup function| showSendAnotherCard function| showSendAnotherCard_Popup function| DoAfterVideo function| buildFullFCP function| ShowFCPThankCard function| ThumbCarousel function| buildThankPage function| Track_Thank_Scroller function| Thank_Scroller function| Show_Thumbs function| Show_Icons function| showFCPQuickSend function| showFCPQuickSend_New function| getPlugins function| v function| w function| smus function| tmus function| play function| LoadMusic function| LoadMultipleMusic object| a object| b object| c object| d object| f object| g object| h number| player string| defaultmus string| agt boolean| ie boolean| win object| mt string| nse string| p string| n object| email_uid function| showBoxContent function| getHappyBirthdaySubCat function| getAnniversarySubCatNew function| getHappyBirthdaySubCatNew function| showCardData function| showPreviewCardData function| showFbUserData function| checkDate function| fillDay function| fillMonth function| fillYear function| fillFullDay function| fillFullMonth function| getStatusCodes function| Show_Contact function| Add_Contact function| Edit_Contact function| Delete_Contact function| Import_Contact function| Do_Signup function| Do_Login function| Do_Logout function| Do_ForgotPwd function| Check_Login function| Validate_Login function| SetTypoVal function| Validate_Signup function| Validate_Newpwd object| allcontacts_arr object| allfriends_arr object| allpendingfrnd object| allmutualfriends object| all_imcontacts object| all_friendsactivity object| all_myactivity object| all_artists object| connect_data function| Show_Allcontacts function| Show_Allfriends function| Show_Pending_Frnd function| Show_MyFriends function| Show_MutualFriends function| Show_MyActivity_New function| Show_FriendsActivity_New function| Add_NewContact function| Edit_NewContact function| Edit_RemiderContact function| Delete_NewContact function| Delete_ContactNew function| Pending_FrndReq function| Pending_FrndReq1 function| Get_MutualFrnd function| Confirm_Email function| Confirm_Email_MyPage function| ChangePic function| ChangePicMyPage function| ImportContact object| filterArr function| Filter_Contact object| all_birthdays function| Show_Birthdays function| getFullDate object| all_reminders function| ShowReminder function| ShowReminderPrint function| SaveBdayReminder function| SaveAnnivReminder function| getSelectionText function| selectElementText function| copySelectionText function| AddtoSendCard object| eventids object| allevents_arr object| addevents_ids object| delevents_ids object| delidsarr boolean| isMyEventsCalled function| events_init function| events_init_mypage function| getMyEvents function| Show_MyEvents function| Filter_Event function| Add_Event function| Delete_Event function| SaveEventReminder function| Show_Artists function| Delete_Artist function| Follow_Artist function| Follow_Artist_Mypage function| Show_FollowArtist function| ChangeTemplate function| SetPreview function| ShowFriendList function| AddFriendManually function| fillTime function| fillHours function| fillMinutes function| SetHiddenVars function| AddCalendar function| ShowInviteeInfo function| DeleteInvite function| SetJoiningOpt function| SaveRespond function| SaveInvite function| Validate_AcctSettings function| Validate_AcctSettings_MyPage function| AddNewFamilyMemberRow function| Validate_FamilyMember_MyPage function| SetTypoValFamilyMemberMyPage function| Validate_MarriedFamilyMember_MyPage function| SetTypoValMarriedFamilyMemberMyPage function| AddNewFriend function| Validate_NewFriend_MyPage function| Validate_Event_Reminder function| Validate_ProfileSettings function| AddNewFamilyMemberRowSettings function| AddNewMarriedFamilyMemberRowSettings function| Validate_FamilyMember_SettingPage function| SetTypoValMarriedFamilyMemberSettingsPage function| Validate_AddReminder_Manually function| Add_New_Reminder function| Validate_Manual_Contact function| SetTypoValManualContact function| init_scheduled_card function| Validate_AddReminder_Logout function| Validate_AddReminder_Login function| Validate_AddFriendsReminder_Logout function| Validate_AddFriendsReminder_Login function| Validate_ChangeMindReminder_Logout function| scrollToAnchor function| dropDownMonthDayChanged object| track_dataarr_received function| callAjaxMyPage function| SaveNewPassword function| SaveBdaySettings function| SaveAnniversarySettings function| SaveEventSettings function| SaveFollowUpdatesSettings function| SavePrivacySettings function| SaveNewEmailAddress function| ResendEmailVerification function| RemoveSecondaryEmail function| UpdatePrimaryCommEmail function| SaveFBConnectSettings function| Do_Blockuser function| Show_Paging function| Show_Paging_New function| DoExtra function| ConnectBlocks_in123g function| CallPlugin_api function| connect_blocks function| Show_ImportfrmCookie function| Show_EmptyAddrBook function| Show_PendingFrndReq function| TimestamptoDays function| showDateTxt function| Show_Thank_DeliveryDtl function| showContactsInvites object| bubble_data function| getServPath function| getCrossDomainMsgPost function| showNotificationCounts function| connectNotification_init object| sendCardData object| recvCardData undefined| sendCardDataCount undefined| recvCardDataCount function| showRecvdCards function| showSntCards function| showMyecardsSuggessions function| showUpBdays function| showBdayReminder function| showUpEvents function| showEventReminder function| showSuggessions function| ShowEventsCards function| connectWithFacebook function| LinkAuthed function| DelinkFB function| InviteFrnd function| InviteFB_Friends object| jQuery182008174362550214931 object| card_contents string| affId string| cardId string| user_card_no string| cat_q1 string| sub_cat_q1 string| receiver_email_enc object| isPhotoCard boolean| pdf_highlight object| qs_params string| q1_thank number| left object| others_cards string| is_sender object| animation function| unblockCallFunc object| adsbygoogle object| FB function| publish function| publish_pint function| getpdf function| addCalendar string| site_rtn_overlay function| gtag object| dataLayer object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga object| config_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| c2 number| c1 object| card_details boolean| isopen boolean| flag object| boxFunc object| top_menu object| tagclouds_cards function| loadQ1Json object| list object| details object| more object| generated_time object| cards object| q1_dtl object| music_dtl number| int_more_cards object| avntsWebpackJsonp number| avnts_player object| GoogleGcLKhOms function| avPlayer object| storageAni object| closure_lm_902747 object| closure_lm_717976 object| closure_lm_9015 object| closure_lm_500732 function| getRndInteger function| animations_preload function| PlayAnamations function| showBalloons function| showBalloons_mobile function| showBalloons_preview function| showSnowFlakes function| showSnowFlakes_mobile function| showSnowFlakes_preview function| showFireworks function| showFireworks_mobile function| showFireworks_preview function| showHearts function| showHearts_mobile function| showHearts_preview

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59e2045d79da705643c99e35fc7da487.safeframe.googlesyndication.com
ads.adaptv.advertising.com
adservice.google.com
adservice.google.de
assets.pinterest.com
avm.avantisvideo.com
biddr.brealtime.com
c.123g.us
cdn.avantisvideo.com
cdn1.avantisvideo.com
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
hb.emxdgt.com
htlb.casalemedia.com
i.123g.us
ib.adnxs.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
play.aniview.com
player.aniview.com
pm.w55c.net
pubads.g.doubleclick.net
px.owneriq.net
s.amazon-adsystem.com
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.avantisvideo.com
sync-tm.everesttech.net
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
trkn.us
ups.analytics.yahoo.com
v.123g.us
www.123greetings.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.123g.us
c.123g.us
pagead2.googlesyndication.com
104.17.119.107
13.248.242.197
142.250.181.226
142.250.184.194
142.250.186.66
151.101.14.49
18.197.99.6
184.72.244.154
184.73.215.136
185.33.220.241
185.94.180.124
2.17.5.147
2.18.69.96
209.54.177.54
2600:9000:2156:4600:1c:38a0:8a40:93a1
2600:9000:2190:0:8:9ed9:9c40:93a1
2600:9000:2190:c00:3:748e:7940:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2004
2a00:1450:4001:810::200a
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a02:26f0:6c00:28a::2c79
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1f::84
3.120.211.246
3.123.143.157
3.126.56.137
35.156.230.193
37.252.172.37
44.194.158.136
52.1.46.74
52.34.57.2
52.70.122.68
66.155.71.149
67.27.157.124
67.27.233.252
8.248.139.252
8.253.95.245
92.123.21.100
00d2454ee3db7d2a389c0e7cefd7a4b84c26a983af51e38fa9a7621c9be5f66c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
016c2c0accbbe81c1f60a0f1e04ef069a58be9c70dcf46cc2703906a8acf5325
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
0800bed438f39e8f6856cf1ba978cdea20c7a088caccb50ac1815dcf2d12becf
09fc93fe9786a55c5daf6c517a2e4d65d764e8f22985807737b9f64dcca28594
0ae485367eb0862700624f4b18563586fe0fd2ecd7abd1efb8a4896ead71fdd3
0b4e1a2aa6c65e59940239bbc7a2a6e9f39520ae4746415b5314483b89ec359a
0e99486cc20c5d59fe2389b3059e7e4512f43cb18d372455226f542a2dc94c93
0f4ff39f3cc273f4e0fdf99345ed383fe4fd212b1622cc08e325c59885591935
0fbe8ac90edf1af5508d89417ab916da0892806ca5259c435ef897160dca6daa
10bda34b2a767f9313bab5797a0a7733d0366cbece27caf11860de930fdc180c
1121d7f8fb131bce05cbaf9b75a1272f9fbed57a53cd239d2fe91ece63ed9424
11f89c7c24445c87cd794ad7f76d96ec1a5748d3cde2c4bab7a5bc4e7bad78cd
12ba93c7b0114439929f7ac0efcdc60e6eee9da57a2fe6ce68bb969f00f4a54e
14fcad34fa7927180b82c153fb04f34d6ad117f259ca35df5c86776092876bb8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1c831783877cf0dfece90797ae797427d74cfe9a280b4475248de3decc86a1e7
1db4192beb02ec6f72c44ef42854726d6cd6164b0b0dee15ea98d3f1eccd2594
1db78caab4487db707ddf2dfa5a49c7c3be19ce73ac5a67e56d62a8cefe55c19
1e0fd336c5f4de6d70af82e28401ac82f47bd3654ee18ab6e7590c3a6f0049ff
1e66c06ab180f7bf3da83626313d8c1b45efa2ddd191b430ffec9993a3f9675f
2088e223a122cec51041f526f56d242ffd07f16a4bd7f66e794d0a788bfa9e0e
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
22020831ba75cba9f00729e784de02c83810e7ce2176f8db3ce7b0649b80c063
242168124aa6af25c61ab950efad75ae538bb25aa8e570655cb1ec34fcae02fd
2428394929a2616c09cb6ae140d8dbe70642a77ca330f7e3251d2c6e05ec1461
24c155117b7ea2b45a2c874ad3ea071d1d462efb1fb65cf34c3775e6c8ad5331
250244c507692fcec1d3aa02ed3877780f22c5148cc175e5ec827a50b662a865
25a3bd032da353d8b8fc7d6307a434172a21e5cf3d86c859a23d1bd3a2db4693
273ffa22a05d17350adcecc0f89ba86f151558f2e6fa66ffb53b624bd6eddc07
2a5b1ca669678ad7bec1dc63ae558f6a93aad04528279aa86dee423c336680ac
2ea99be57a06cc6cf83a0f92d7fc768b06c3011876bf147711412bfc554dc67b
2ffeb0a68cecd94b58a1962f335b04d6d148882ecc74b3eb49a569e5c8c28eba
308dd37e982a2e24c752052672611ada0af5ce069f6b15c749489fe701d09a2f
3639aad147940edb1227605e15cd4d2a3836c4854785c54cf67f2de327097415
36de27231aea4e9c0598de167550524827d2380083d1d9917f58385c580c54a9
386e9c19b83e428bfc738f35b7ae65118eb778ba6c153e32b97919a6b8c4aa81
3fac6fcea268523d827b4512f268a9bb1df0479b8a4603d118c9e4df7489a038
3fba73faf0d6b800414f6469ca6bb213608629b56cc967f3c1f917f9b42a16ba
40ef8e657d759f1c799a2381bafeb8fa5c64f364992f22448f82772cbf05faa4
416c66b64adf83bfdfcdd37b98c3d88ae15cc77370bd0f7b5edcc3e5b480e641
42f9e1454594114ac69809f4d5e48510936150a2384c892228e8685a468bdc82
46e77f0a98afc9173873a17e8143037c3abd60e59db20c9072b1d8cc23caf7ea
49034d09c3bb28b7d89df2e9ca7173a8d2e1e2adf149d04f94baa16c986db701
498fbee887511ae8ddbbe0c42d784bae3c4ad66ee6603e4a71d85a6aa8c65d21
4bfdedaaa161864ace3e83b7aabdd68f375844db244d4ca79f31ab5db2a685dc
4f8933d7e94d9053a4c1db518764463d73286b3d15cc9db469652bd37c8751f1
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5010abc38d335ee8205f1ebf7d7c29fbc266076903263054feb2a070a16a4633
50c97192f054b13ed760fc3034541d6c4319358f8a9f1a53d051995b613a8f05
529c68f2c05d1b0f201eb43556d98c01fbc3f58a4c896cc82f229d58333b2e96
53bf6b31410588fc6d33861734be464a8156b3f9455dbbe5f8619d77421e3299
55c1913ad5d39835049e68ba8fcb5b1e09e60c379873051dc3824d1c553a8a8c
55ea373ef58bd2a711a78b32290441199f4c145286f23b8b5876b27f579bf6a8
565e9c88cdd8e817ccb861163867e1fb772a410c96245b3ef00a11ef910935d9
5680cb5e6c2f3c97f9d29ff0bb3c9ba1319a940e4053878f5bf812701551074e
597590f68c3c16a93a177199ac174d31151732cceb80dbba54d9445027901f55
5bad0c836739481ec8e188a5123fd4bf0a48403f452942732f25034d1c85cdac
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5efd5b56288920905e7fa8f41db051e3d0560715c1fee4dbacfe0d3ee250bd39
602645e9e1cc8f6b4c55133f84eb5d77ece53c91b6b46fce6d1f8e47a86a0a0b
6328eb0364e2cf7b87130ea869d659e72bed69f8df31fe99bec423f37e6f1a8e
6450ffe1ef235af9478c5d116bd0d3a8f99f0f238f39608e7dabafbc62127b55
66f531760dc702e07e9c0457278ec8d5dfa25466a2b8db029e051cf956895d63
69303f97bf43e5d9fd7a0c8e6b5f4b49de4466684c7e2b8e2108de98e5c98483
695bdb1852f894d821f50b60a7df38d0264d47b0cc4a7c99040d2a8e6ed7997b
6972bda47773785bdd8ad0666be5781e7d6e6eb5b05ccf07e5097f9a5d3a5698
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d5a1805248cc27514993c66668a475e9c0f86a2b634d77139d1b130668d6ad8
6d9f881bced29824538dfc0f6b098f5410580c1851176fa169cae6da114ebef4
6f628a9fca92eaadb33c8662a0ce39324b6c198e7f7af90bdfac307cecb79603
725357795d74005e827803e1496c876dffbb0f96928f8837eaf6db2284f91b5c
72ab9d3d6e9dfa553ef2f8d32ed0e0d1d0d5ae732f96d23949edd896c3749c6b
730bc75426e65dcad3195f292c84ed448433b250d9f5101cbb59c92f8a294946
74b978d6e5a78f78b0ccecf1047d6d8c6aa875e7257b1c192b7bb2b7d35ffaf7
755725260e477cad09022e749cd40fb90bc38838ef13517b718933acf01b0bfe
7a2478978968eefdc87127bfe6619a9de514b2ccb89b2a95824a53e6bea1f9cf
7cbc6b3b892ef40aa06c3a87b2d40688662db348be7623e6bffd50db8ad0150c
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
80ebd3a754ff9556e65230e934a5d57246f12166e157e654ed6e514978cf4a0f
845cd680a96aedb37993839de4717f3b5e26dba2fd854cbed9b6fb12987ce522
8528e6f56a5fbfa15ce727fee044cc8cb3f859689aa35a43691819981fc73cbb
86004aba5435fd4a14892a5f47e53a870f8e8b815b33737be419bee2bef6080e
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
89b03d4a2f2ca3d04df1fda63a5247ef31cea689a0ca553e353122ab3d22b646
89c945017c3159fc9e65f930a9852bfb0e8a09d65472c4f8717c8d194c4c74df
8a4a4dfac1d187a4eeaf1f9d90fae93ab7d76f1ff885b43ef1edab642f4a5c9a
8a5d9ce4bec12be00c877fc48c5fa374de33216c66166a4319079be9e57afca5
8ae9e0a8e36e038b20339b8f1000d4bfe805e226eb5138ab00a5e0802d693fc8
8b909b0ca962aaa8e304102c11c95a5902b6250dbb270625e822bea12330f9a4
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea7f2f636150833a991bc985fbb219d85e6ed4d13cb2edffe425931352bc897
90d466809fe0a7684d6d072c0486b13f168fb61cc1312023e7d28afe686fd905
9107cbfb613c2a822dd1deea38560a39dc36ba8a19dec6fe296dc4887a574e49
91350e85de8a73c5d958c415545987bc2d90fa8ed608fc0ab45edbffcca3ea57
91619da50e9566f5e5c50bcf7c89722f430898688cb76674bdee4466a4878d40
940d55f419c328ba45d8a3a4a669eddf2cf116e87c712e3d06d5fd467304dc0a
95b879f5df030c129a806754f583d82932a231605e37278a98c9b2e6de1824b6
969cfdee4bd0977fdc16895cc9f97e342e7f722518333f2145a0ea47f8662944
96bfab476c88152624085aaac2c913878ce5b17d6fb34f96f803917954db4daa
9992e8b958b7af69be8efbd5bcf4b6f778ce412a3ed7f49160be144f692c8926
9ec7a2c23d14eb76c0f5bac272f9a01b2a70c489a9908efdd3e3355b2d9da0d6
a0107f3b429a748b372ac903335db91b368ca71ca33db04d8f1bf4d4027e9eeb
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a17f6c5dc08fbfe625a54b8c0c8906367b1e0c4aefd4761fc0e53b047f863cda
a20b17332d1941584584ea53a67a1068f59aa9890688330be27a843b117b6969
a39db460764f4b7faf2513f5dad3897f2f293777109b9d76f620294866db7a07
a46c24006508edf5245275cd1ac673d022d2a5da0d94c041d248c2f7562957de
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55fad400471602940d5bfd7a08a149eb8a295f70d5f45107ba4fc4b90ff84ea
a56942dfaa7ac1d7c5cab0b8aaa5ceeb711c8be5c2a4d0db4622cdddce94b13a
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a88c2dda67fb3fcc0a4d28cd3bf815d90946f0545f1c98b96e8d909abf6702a7
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
abfaa28e509b104c2edc0bd048809340d5e006ec872e1966baff8383ff8a0e22
ada19e5da8432a3b86e69fa73501a29d35350876f4d495519c6e34962aa6420a
ada32021a43ce541eedf0c9badd13431e9a9ec5fd91e00c6a87266cb35f20b63
ae36a06a38cf0dc7ff3f85990fc45bd5983fda8517494345df59733bf20e2f08
ae83112ffd3b9df051f6617b4207ac9c9a782466ecf70196dbdff09efb4da5a1
ae8a1c5bd4880208b2b23bed7772451aa04ae773c3b3d299bb04ee1411d85848
b1254df573d769a6c40d4a8a8649832a9f5494c28ec4c1c9ec48df9013940e1d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3a469ecf40c321ba7f007e80a52f75dc8355966061a1866cd0b464d1edbcee8
b6c786dd27c273ef3d6ea242ecb8b7717de0f68e44bcebf6e606b3597162cc86
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7fa2ddd090d2a9539192c0d37a35999ec91e51d6b212ce5f86c62d525964b01
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbccf741c8b2ba240dd1b98332f008865d8de7fd346ffc5ac33e4dad085c8153
be6e4de2baf2d2b675b731818b218af006f0aa281d7cb7bbe2292fc6e064b795
be8e3fb00d98e93afe954eb362d24a5d80537eb55c896bba9734e5771b6b34b3
c152998f0ae61102cd5a0d40734a89c4513404192f3dcfe31100dd2b53b0056d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c306801776acd85fdfdd30e8cab17cb470d4189decbbcf642c642ba9649bdf1d
c3d320f084f555026f4eda84a827311676374aa1ea917e3850824d15dd3aa04f
c40c9c0117af4abd3ab87c81eb1725c442ec682095d29cc8bc2206e3e5ac1c23
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c7f7f9b809a015f11eea30004de11bf64730e7b5cd7e05115238a02ee0d5ffbb
c8aba5a821df184d25014d3dda38619d690d340b154bb2d7725187e074c3c542
cafd612ebd6bc497a7a05d3dfef133a0b793f1e04e277b31c424d6d8892a1d48
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccbc24cafcee7f8999fa903cd1ccb2eb34c92e9dbc693937d4c178800e86f659
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2d2846040ce0726ba6ace389110fad3b2c7f1cc23caf00adc4f8a016892ad57
d300b762d8d56a7f5e4e4143e64510cab36eb5a990e525ba2a2f287f2fb273e8
d311f758e6105f399e6418ab39da57fa549eaf00c06a490e60bac66bb367b48d
d4fd70934ff0f5ee1d0532a77b78824aa035865292c57d5f86baf08694cd03cc
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d81386cb76a2f803a6a7674bab45293bde918693a683a583ccd20f85619df9ef
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
d9b4d9cdafdd2ede5d8a810b99f8f970870f2670e9e8011e1290ade700e33ef4
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dd610ceb9cdd0e2af0ce31dfeba06660f62f31d7250ea93adb0be0399ae4aeb3
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
df45cfb8e55a1ca5e110a9a9b8eafd1d8af537856519bcefc4716186dcf71b3d
e042d45d87c9a3577e985db0797bda2d38c2212da0529217052bb5f1a8abf4a8
e1fdbdcba1848c280a2b22badce5f60cd7d249369aa21230cfd1d7178ac4291c
e2c395dde4dda4ad49030f2877bcbdcc5ac1c8b213e4da115536bdb204c23d27
e311967bd2169b557358661ddc594137207a274ada1aa5060fc63165063286ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50923eeab2fab42aabd0b1dd0295ed74f9bf5eec3f91bdcb4b36316a40860bc
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e6843b1295a9f1f35b1f085aff3fe2f9121969f67aaedad7fc9a85c0488cba11
e91e7d4b434bf577e8f9f0fef4a45ab94c41fd0493ff9e760bcd398732f6fdc4
e9faa86097d4247b080565b7efddfca848c4bd5ba404d215fdcc235a9422a3bb
ed803b366eb23b6b07413dc766d262ccd1238c712acf3f80019b47e0c7b68209
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4bcc0e3e3ad9f45a206ca105d6fe43459678367c29b25ca13b84fd5e9dce4e
f0da630b841fa023fccc46750cfd2599ee2a6dac6c2778d0236cc8304f282c96
f1e39db75b34ff4da77fbb5d728ae7278c79ab84cd41553cbe757463d8a38796
f2964eaaa17b81ff911681e57089511c35c7ebbbb8cce98e8c64bad2de197149
f38f2ad6a134d1148f9d271c315e4c6750fe98738015124a481df8c349496e60
f48f1b088976f2de3bb46a5c5bc609160ef0a6f919109e08f784596b0a93b7d8
f4a28c182d37f562d958a1a223a8833208e6117fadc9507804db8ce55c38c953
f4a838063ed7125e6c3372d6d0cf2a3e14b5a56731ff09b5b6dbc72ab9305172
f5b963dcb1a64bed590c4f8f7566bb9cef96d23199f0122e0f174003325cead3
f5cd004f08957fc15219255834962ebb30583cf2a7111d377e720401171047f5
fa8823759eda94746d46078d38282bba21e854d65bc052ed7476bef309bebb9f
fe36b7009115550cdeb81ea112eebe3a124453434f8cccff83e62732548c40a3
fe46df2fe23d98fe0830cb336a3e44c5e82efd2d76edb6b93d7738dddbb927f9