www.wondergreetings.com Open in urlscan Pro
204.93.161.19 Public Scan

URL:
http://www.wondergreetings.com/
Submission: On April 23 via api (April 23rd 2021, 11:02:47 am UTC) from BE

Summary HTTP 94 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 24 domains to perform 94 HTTP transactions. The main IP is 204.93.161.19, located in United States and belongs to SERVERCENTRAL, US. The main domain is www.wondergreetings.com.

This is the only time www.wondergreetings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 27	204.93.161.19 204.93.161.19	23352 (SERVERCEN...) (SERVERCENTRAL)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:202... 2600:9000:2021:3800:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:303... 2606:4700:3035::6815:4bac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:202... 2600:9000:2021:4200:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:f600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	3.122.26.231 3.122.26.231	16509 (AMAZON-02) (AMAZON-02)
2 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1 1	54.93.142.164 54.93.142.164	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3	16509 (AMAZON-02) (AMAZON-02)
94	26

27 204.93.161.19 (United States) 4 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ecards.correomagico.com

www.wondergreetings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.correomagico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2021:3800:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:4bac (United States)

ASN13335 (CLOUDFLARENET, US)

img.mailinblue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

direct.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

cookie.sync.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2021:4200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:f600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.26.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.142.164 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-142-164.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	335 KB
17	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	58 KB
17	wondergreetings.com www.wondergreetings.com	316 KB
10	correomagico.com 4 redirects www.correomagico.com	18 KB
7	gstatic.com fonts.gstatic.com	220 KB
5	google.com 2 redirects adservice.google.com www.google.com	1004 B
3	googletagservices.com www.googletagservices.com	98 KB
3	google.de adservice.google.de www.google.de	1 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	33 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	762 B
2	google-analytics.com www.google-analytics.com	19 KB
2	dotomi.com direct.ad.cpe.dotomi.com cookie.sync.ad.cpe.dotomi.com	167 B
1	innovid.com ag.innovid.com	295 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	agkn.com 1 redirects d.agkn.com	761 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	647 B
1	consensu.org c.sharethis.mgr.consensu.org	1 KB
1	mailinblue.com img.mailinblue.com	4 KB
1	fastclick.net secure.cdn.fastclick.net	4 KB
1	googletagmanager.com www.googletagmanager.com	35 KB
94	24

	Domain	Requested by
17	www.wondergreetings.com	www.wondergreetings.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	www.correomagico.com	4 redirects www.wondergreetings.com
9	pagead2.googlesyndication.com	www.wondergreetings.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	fonts.gstatic.com	fonts.googleapis.com
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	www.google.com	2 redirects www.wondergreetings.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	fonts.googleapis.com	www.wondergreetings.com googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.google.de	www.wondergreetings.com
1	l.sharethis.com	platform-api.sharethis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	cookie.sync.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	direct.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	img.mailinblue.com	www.wondergreetings.com
1	secure.cdn.fastclick.net	www.wondergreetings.com
1	platform-api.sharethis.com	www.wondergreetings.com
1	www.googletagmanager.com	www.wondergreetings.com
94	32

This site contains links to these domains. Also see Links.

Domain
instagram.com
www.facebook.com
pinterest.com
www.twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2021-03-11` - `2022-03-15`	a year	crt.sh
www.correomagico.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-13` - `2021-07-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 12 frames:

Primary Page: http://www.wondergreetings.com/
Frame ID: 58FE3CD24CDFCFDF170C0A7823D2C311
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Frame ID: E01C821EBE37DA91F1504B39735B76BE
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 6B24FD51FB4C9EACF41607BC97FF21B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&adk=1812271804&adf=3025194257&lmt=1619175748&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wondergreetings.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1619175747877&bpp=19&bdt=338&idt=255&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5556675401309&frm=20&pv=2&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&dtd=282
Frame ID: C067BF4032B2AA69635389598AE2D562
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=284&slotname=5974378618&adk=102645600&adf=869763061&pi=t.ma~as.5974378618&w=1200&lmt=1619175748&rafmt=11&psa=0&format=1200x284&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&wgl=1&dt=1619175747955&bpp=6&bdt=416&idt=222&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oeylxwInfo&p=http%3A//www.wondergreetings.com&dtd=255
Frame ID: AB6241C925ABAC88FD11ED7354EAECDA
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=90&adk=1295442208&adf=2597918638&pi=t.aa~a.1495003939~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619175748&rafmt=1&to=qs&pwprc=5340667952&psa=0&format=1200x90&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1619175748368&bpp=2&bdt=829&idt=2&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a93050506993722-222a5665a3a70087%3AT%3D1619175748%3ART%3D1619175748%3AS%3DALNI_MZ08p-q7JZ-ZPxd4MJ9KPG7wf8VLg&prev_fmts=0x0%2C1200x284&nras=2&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SMb9ACnJ2z&p=http%3A//www.wondergreetings.com&dtd=33
Frame ID: EF927CBDE88A01534432BAE871F16B69
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 0A092C2A56F5F64D0CF4FDE96BC4A2E3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: C67D80BD3A007AABAEE5D084B556DDF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FC9B1EA3F8D68B5B9763A418B59F193E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DD381CF0F7127D80135F5F6108823E63
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js
Frame ID: A6D812CCD648146EEA67771DFFEA9A46
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: F195A04681E3418EFC755C922EC03FAB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

94
Requests

82 %
HTTPS

67 %
IPv6

24
Domains

32
Subdomains

26
IPs

4
Countries

1147 kB
Transfer

1951 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/correomagico

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CorreoMagico-Oficial-109402274276124

Search URL Search Domain Scan URL

URL: https://pinterest.com/correomagico

Search URL Search Domain Scan URL

URL: https://www.twitter.com/correomagico

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/correomagico

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

http://www.correomagico.com/imagenes/iconos/redes/rnb_ico_ig.png HTTP 301
https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_ig.png

Request Chain 25

http://www.correomagico.com/imagenes/iconos/redes/rnb_ico_pi.png HTTP 301
https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_pi.png

Request Chain 26

http://www.correomagico.com/imagenes/iconos/redes/rnb_ico_tw.png HTTP 301
https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_tw.png

Request Chain 27

http://www.correomagico.com/imagenes/iconos/redes/rnb_ico_yt.png HTTP 301
https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_yt.png

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 80

https://d.agkn.com/pixel/2175/?google_gid=CAESEHebwpQzGhdXYKmfWeom1CM&google_cver=1&google_push=AQvitUKnkiVsqYXgzl-hZEr7ltZyHcmUtnNMn-QBIjuSXdTI0-Fxg7sMtWSKzwYLiGuvpaGzlxWUiinWFkgWh406YQAj8SzYQQTs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKnkiVsqYXgzl-hZEr7ltZyHcmUtnNMn-QBIjuSXdTI0-Fxg7sMtWSKzwYLiGuvpaGzlxWUiinWFkgWh406YQAj8SzYQQTs&google_hm=Q0FFU0VIZWJ3cFF6R2hkWFlLbWZXZW9tMUNN

Request Chain 81

https://rtb.openx.net/sync/dds?google_gid=CAESENMH8rYWK8ir5s2wEM53Vgk&google_cver=1&google_push=AQvitUKrFLCLlh12k0HR4f0c8_kfyIYap9xmNjUD5kP4u9vMpoEmhVav9mG6HvDbXnkCDxKM_XltWCbrmIh9GLGIPMkXCwWW_RU1 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESENMH8rYWK8ir5s2wEM53Vgk&google_cver=1&google_push=AQvitUKrFLCLlh12k0HR4f0c8_kfyIYap9xmNjUD5kP4u9vMpoEmhVav9mG6HvDbXnkCDxKM_XltWCbrmIh9GLGIPMkXCwWW_RU1&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKrFLCLlh12k0HR4f0c8_kfyIYap9xmNjUD5kP4u9vMpoEmhVav9mG6HvDbXnkCDxKM_XltWCbrmIh9GLGIPMkXCwWW_RU1&google_hm=mq4qgCiMz1UL0O8vnx7loQ==

Request Chain 82

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJzQVDHUBTAj2-z-JD1FOZk&google_cver=1&google_push=AQvitULZcp2YZe0dfJ5lWLK_VmFkaLpAn4OXrXva7q1trAgbNd7FtfGa_1ClCdw6iRDqGGadGpwRhJEQr6bmgWcyTjZu_QandXpM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJzQVDHUBTAj2-z-JD1FOZk&google_cver=1&google_push=AQvitULZcp2YZe0dfJ5lWLK_VmFkaLpAn4OXrXva7q1trAgbNd7FtfGa_1ClCdw6iRDqGGadGpwRhJEQr6bmgWcyTjZu_QandXpM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PgKZTK_GTiqNwWzVQ-01cw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULZcp2YZe0dfJ5lWLK_VmFkaLpAn4OXrXva7q1trAgbNd7FtfGa_1ClCdw6iRDqGGadGpwRhJEQr6bmgWcyTjZu_QandXpM

Request Chain 83

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKVUC9StMiIrh4hypu1VW58&google_cver=1&google_push=AQvitULbm4D3RAFtRHmUSwYxTUS3XmTWpKW7xR6Ac9gP5slNq3MCgJbRCUj_rK7A_HOEfkIlftuF-x_Elx3wYiPMuv8alkPzoV0q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05VN0ZPOEotMVgtR0VCRA==&google_push=AQvitULbm4D3RAFtRHmUSwYxTUS3XmTWpKW7xR6Ac9gP5slNq3MCgJbRCUj_rK7A_HOEfkIlftuF-x_Elx3wYiPMuv8alkPzoV0q

Request Chain 84

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMm2B8AVofvu0pudbjlRp_w&google_cver=1&google_push=AQvitUK4yzdjmGPm2LxMEG-YlCokS1muMpTo0JnPFQ12wH8njAG1L9SNWylp5wSChTR6EhD9wImXNY4UCtFW5ZfRGtYb198dB7f5 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMm2B8AVofvu0pudbjlRp_w&google_cver=1&google_push=AQvitUK4yzdjmGPm2LxMEG-YlCokS1muMpTo0JnPFQ12wH8njAG1L9SNWylp5wSChTR6EhD9wImXNY4UCtFW5ZfRGtYb198dB7f5&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIKpRXS50XlS_316EW1M7AAABFMAAAAB&google_gid=CAESEMm2B8AVofvu0pudbjlRp_w&google_cver=1&google_push=AQvitUK4yzdjmGPm2LxMEG-YlCokS1muMpTo0JnPFQ12wH8njAG1L9SNWylp5wSChTR6EhD9wImXNY4UCtFW5ZfRGtYb198dB7f5

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

94 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.wondergreetings.com/ 67 KB
68 KB 538ms
414ms Document
text/html 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 284869c7498d2bc8d80187ad658ac53bc92b11d68c1bd80cd8854094d8665d20

Request headers

Host: www.wondergreetings.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/10.0
Set-Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE; path=/
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Content-Length: 69000

GET
H/1.1 200
OK global.css
www.wondergreetings.com/css/ 4 KB
4 KB 211ms
195ms Stylesheet
text/css 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://www.wondergreetings.com/css/global.css
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2521940f5117725652dc31841774c0ca07cc4dedfbd3c5845e3ce034c78e3710

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Thu, 22 Oct 2020 19:26:29 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "8020933da9a8d61:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3677

GET
H/1.1 200
OK pagination.css
www.wondergreetings.com/css/ 2 KB
2 KB 211ms
196ms Stylesheet
text/css 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: http://www.wondergreetings.com/css/pagination.css
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 665e8ca5ac8d49c55ff6a1a4501a9cf2a95e50e1ced9799fc5701390e762191b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Mon, 24 Sep 2018 11:25:54 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0db5bf953d41:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2167

GET
H2 200 css
fonts.googleapis.com/ 7 KB
732 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Requested by

Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9769961274520466f30da2f63030d5adbaaabfcdfba561471df48ec282d30ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 09:33:56 GMT
server: ESF
date: Fri, 23 Apr 2021 11:02:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Apr 2021 11:02:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 713 B
445 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Freckle+Face

Requested by

Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6c49ddae87542b06a9ffb0a334aa7578c3683e74d55d0010ea1ba58111afb9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:02:27 GMT
server: ESF
date: Fri, 23 Apr 2021 11:02:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Apr 2021 11:02:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-221037-2

Requested by

Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56a84241b2b9ba2d54e74bb2a662603213f742c90c5e30df4934fa3d322bc23e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35691
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Apr 2021 11:02:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
48 KB 43ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c440837e8b60255f7abd6ef13974a040f7205887ee0ca2d258ad5a43ddf4ef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48211
x-xss-protection: 0
server: cafe
etag: 5147372195871429648
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Apr 2021 11:02:27 GMT

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 101 KB
32 KB 107ms
34ms Script
text/javascript 2600:9000:2021:3800:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:3800:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:01:29 GMT
content-encoding: gzip
age: 58
etag: W/"192cc-3TBOdKYF02HlA++J6fQ0dmTq6Ow"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 c126163fdc452c400ffe65744c8b6612.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: lODlSaD3W6q8DnRJM9hLPMAzhjG8mZDphZBtJPmubguxzZriKTOBQA==

GET
H2 200 pubcode.min.js Show response
secure.cdn.fastclick.net/js/adcodes/ 10 KB
4 KB 98ms
24ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=21132&placement_id=32085fe8-cac5-47fb-8a3f-49bdc1b55645&version=1.4&exc=1
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: aeb4e91ace2fa32384064caa3eb3d1355e938bbb7d0a86b0b5280ee649d24544

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:27 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 22:08:18 GMT
server: Apache
etag: "269f-5a7c214d0c865-gzip"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3788

GET
H2 200 spacer.gif
www.correomagico.com/varios/ 67 B
238 B 346ms
110ms Image
image/gif 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correomagico.com/varios/spacer.gif
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 23 Apr 2021 11:02:29 GMT
last-modified: Tue, 21 Dec 2010 21:42:01 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "801a68e657a1cb1:0"
content-type: image/gif
accept-ranges: bytes
content-length: 67

GET
H/1.1 200
OK logo_white.gif
www.wondergreetings.com/images/varios/ 770 B
1 KB 115ms
110ms Image
image/gif 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/varios/logo_white.gif
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a266e99c8731963ee5896b161d58befd54f7eeab9f0088ad9010fcb6024a1c15

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Thu, 22 Oct 2020 00:07:01 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "80c0d0437a8d61:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 770

GET
H2 200 iso.png
www.correomagico.com/image2018/ 3 KB
3 KB 346ms
111ms Image
image/png 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correomagico.com/image2018/iso.png
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 251e37829fc45f854c7f5bc06c123cb472284aee840a8e4e8b0d9907d85b4a67

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 23 Apr 2021 11:02:29 GMT
last-modified: Mon, 11 Jun 2018 17:39:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0a2d627ab1d41:0"
content-type: image/png
accept-ranges: bytes
content-length: 2862

GET
H/1.1 200
OK pascuas_alegriaverdadera_th.jpg
www.wondergreetings.com/images/th_300_play/ 20 KB
21 KB 115ms
110ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/pascuas_alegriaverdadera_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cb6fecb580beb63bbefa6ddc25100bf406ff9f44c7e8e7ca664f9331b434d3a2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Thu, 25 Mar 2021 14:05:22 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "132635e57f21d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 20927

GET
H/1.1 200
OK pascuas_peluche_th.jpg
www.wondergreetings.com/images/th_300_play/ 14 KB
15 KB 115ms
110ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/pascuas_peluche_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 711c7a2e08a619afe620c72a0ce87267c9a607d32028015d9b0a10b9f0f70380

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Thu, 18 Mar 2021 13:10:54 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "a3a3e220f81bd71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 14763

GET
H/1.1 200
OK pascuas_conejoblanco_th.jpg
www.wondergreetings.com/images/th_300_play/ 8 KB
9 KB 222ms
202ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/pascuas_conejoblanco_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 90778dfedbfa581f0c9cc5098993f90f50c9c7656697d2c4e0e56a96ad6966d6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Wed, 10 Mar 2021 15:30:13 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "2774a443c215d71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 8432

GET
H/1.1 200
OK pascuas_bendiciones_th.jpg
www.wondergreetings.com/images/th_300_play/ 17 KB
17 KB 215ms
196ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/pascuas_bendiciones_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 262b3ed0576b4c914a42cb2d4f2472defd2a6b98ab4d3891895ed544cd45aa83

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Thu, 18 Mar 2021 13:10:49 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "7a1ac21df81bd71:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 17386

GET
H/1.1 200
OK navidad_adornosrojos_th.jpg
www.wondergreetings.com/images/th_300_play/ 17 KB
17 KB 211ms
196ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/navidad_adornosrojos_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d72e9b267c0caf9ef162ab5b65788c2a684ae5b9dcdfe69c5bf9ba3828c33c73

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Wed, 29 Jul 2020 20:06:47 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "80e5b3c9e365d61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 16997

GET
H/1.1 200
OK navidad_santaclaus_v_th.jpg
www.wondergreetings.com/images/th_300_play/ 17 KB
17 KB 111ms
110ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/navidad_santaclaus_v_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2d9c20c2d0bc31066105da2578c9123245dd3c860588dc2eb3c517c783e8b955

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Thu, 11 Jul 2019 15:22:05 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "808c6965fc37d51:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 17034

GET
H/1.1 200
OK navidad_medias_e_th.jpg
www.wondergreetings.com/images/th_300_play/ 21 KB
22 KB 110ms
108ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/navidad_medias_e_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 63e6b14491a6230e389c55ff834d7431ba9b5dbdcda5eb359c477f70ab44e4e7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Tue, 28 Jul 2020 23:16:45 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "80ec6293565d61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 21771

GET
H/1.1 200
OK navidad_morada_th.jpg
www.wondergreetings.com/images/th_300_play/ 12 KB
12 KB 110ms
109ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/navidad_morada_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4bffd3266ef925cba06a56e476909b94282a2f91dc70e1900f9811693c61d671

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Wed, 02 Sep 2020 19:53:40 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "07a12c16281d61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 12405

GET
H/1.1 200
OK cumple_regalodehoy_th.jpg
www.wondergreetings.com/images/th_300_play/ 16 KB
16 KB 112ms
111ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/cumple_regalodehoy_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e0aeccfd6574e47093eda070a7061b166db1c2e8aea94280df2268dc4ec83289

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Wed, 11 Nov 2020 13:02:05 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "8049fda2ab8d61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 16463

GET
H/1.1 200
OK cumple_suerte_th.jpg
www.wondergreetings.com/images/th_300_play/ 15 KB
15 KB 112ms
111ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/cumple_suerte_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 89f585328dc833216894d6934bc8a2a4394d9adca02da4e72214a2a1f7a2ab42

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Wed, 02 Sep 2020 19:28:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "02e50325f81d61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 14964

GET
H/1.1 200
OK cumple_365globos_th.jpg
www.wondergreetings.com/images/th_300_play/ 16 KB
16 KB 131ms
111ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/cumple_365globos_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: acfcfeeab4c96db218d308e7773fd08c7074a033fadf05f7bc9d904aef204744

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Wed, 22 Jul 2020 21:53:31 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "807fe4897260d61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 16085

GET
H/1.1 200
OK cumple_regalodivino_th.jpg
www.wondergreetings.com/images/th_300_play/ 17 KB
17 KB 131ms
111ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/images/th_300_play/cumple_regalodivino_th.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 071e8cab2a36697d1599e9c2e098e5d2949e43373782fef7f38c171b44888aa0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Tue, 21 Jul 2020 19:43:51 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "80f53c42975fd61:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 16938

GET
H2

200

rnb_ico_ig.png
www.correomagico.com/imagenes/iconos/redes/
Redirect Chain

http://www.correomagico.com/imagenes/iconos/redes/rnb_ico_ig.png
https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_ig.png

3 KB
4 KB

125ms
120ms

Image
image/png

204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_ig.png
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 093961bba51fca9ba8f59018d758d5444945f7705155ddbd81b42895f9ac8eaa

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 23 Apr 2021 11:02:29 GMT
last-modified: Mon, 06 May 2019 15:06:25 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "806edd451d4d51:0"
content-type: image/png
accept-ranges: bytes
content-length: 3522

Redirect headers

Location: https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_ig.png
Date: Fri, 23 Apr 2021 11:02:29 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 188
X-Powered-By-Plesk: PleskWin
Content-Type: text/html; charset=UTF-8

GET
H2 200 rnb_ico_fb.png
img.mailinblue.com/new_images/rnb/theme2/ 4 KB
4 KB 59ms
27ms Image
image/png 2606:4700:3035::6815:4bac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.mailinblue.com/new_images/rnb/theme2/rnb_ico_fb.png
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:4bac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e93e05fbffa6761955b46f710726c96c95e3ff3b28cabfdac7bdf10a70d0176d

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:27 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6912
cf-ray: 6446998869361786-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3730
x-amz-id-2: MKVWqWvVbI4DfJOIi8Tco9bWvPkT0PRO14Or0h4tgnAbviWG+JV3Mpj1Mwikh0mWq7n5aJsyTgo=
last-modified: Tue, 03 Jan 2017 07:56:27 GMT
server: cloudflare
etag: "807f7db86179eb4876461c0945d5a30b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aONsbq5G3yA6foFpOKc4BK%2BgDDm%2FJxzfhBW79xvn1urmjX4aFXtb1VSC1aQNtUJWVj90O5tWu4FFnilDtUaGq9qUCtyGheiPmncjmK1e0Eu04UW%2BkD0biSaR2zxelDI%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: S5BDB7K9SWKRNC43
cache-control: max-age=14400
cf-request-id: 099ffe494900001786abb44000000001
accept-ranges: bytes
content-type: image/png

GET
H2

200

rnb_ico_pi.png
www.correomagico.com/imagenes/iconos/redes/
Redirect Chain

http://www.correomagico.com/imagenes/iconos/redes/rnb_ico_pi.png
https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_pi.png

4 KB
4 KB

113ms
107ms

Image
image/png

204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_pi.png
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f84ff871a9663042ac17bf4973c96a2e563f5143b00242898af40a7c80379bfc

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 23 Apr 2021 11:02:29 GMT
last-modified: Mon, 06 May 2019 15:06:38 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "0139d4d1d4d51:0"
content-type: image/png
accept-ranges: bytes
content-length: 3690

Redirect headers

Location: https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_pi.png
Date: Fri, 23 Apr 2021 11:02:29 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 188
X-Powered-By-Plesk: PleskWin
Content-Type: text/html; charset=UTF-8

GET
H2

200

rnb_ico_tw.png
www.correomagico.com/imagenes/iconos/redes/
Redirect Chain

http://www.correomagico.com/imagenes/iconos/redes/rnb_ico_tw.png
https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_tw.png

3 KB
3 KB

106ms
105ms

Image
image/png

204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_tw.png
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7211c105f6de845f1c10263376fa9ea6352ed721bab30ed97537481d338020df

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 23 Apr 2021 11:02:29 GMT
last-modified: Mon, 06 May 2019 15:06:15 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "808de73f1d4d51:0"
content-type: image/png
accept-ranges: bytes
content-length: 3452

Redirect headers

Location: https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_tw.png
Date: Fri, 23 Apr 2021 11:02:29 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 188
X-Powered-By-Plesk: PleskWin
Content-Type: text/html; charset=UTF-8

GET
H2

200

rnb_ico_yt.png
www.correomagico.com/imagenes/iconos/redes/
Redirect Chain

http://www.correomagico.com/imagenes/iconos/redes/rnb_ico_yt.png
https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_yt.png

3 KB
3 KB

107ms
107ms

Image
image/png

204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_yt.png
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8f2895469a569635c795237c1820c223231fd29c0549deec8e91887167b44587

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Fri, 23 Apr 2021 11:02:29 GMT
last-modified: Mon, 06 May 2019 15:06:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "08c94a1d4d51:0"
content-type: image/png
accept-ranges: bytes
content-length: 3505

Redirect headers

Location: https://www.correomagico.com/imagenes/iconos/redes/rnb_ico_yt.png
Date: Fri, 23 Apr 2021 11:02:29 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 188
X-Powered-By-Plesk: PleskWin
Content-Type: text/html; charset=UTF-8

GET
H2 204 get.media Show response
direct.ad.cpe.dotomi.com/w/ 0
82 B 61ms
15ms Script
text/plain 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://direct.ad.cpe.dotomi.com/w/get.media?sid=21132&d=j&t=n&vcm_acv=1.4&version=1.12&c=0.13483872337588454&vcm_ifr=0&vcm_xy=200..45&vcm_vv=true&vcm_vm=false&vcm_pr=http%3A//www.wondergreetings.com/&vcm_tr=&vcm_cr=&mo=1&placement_id=32085fe8-cac5-47fb-8a3f-49bdc1b55645
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=21132&placement_id=32085fe8-cac5-47fb-8a3f-49bdc1b55645&version=1.4&exc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:27 GMT
cache-control: no-cache
server: nginx
expires: 0

GET
H2 200 cookie_sync Show response
cookie.sync.ad.cpe.dotomi.com/w/ 0
85 B 53ms
13ms Script
text/plain 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://cookie.sync.ad.cpe.dotomi.com/w/cookie_sync?sid=21132&cb=0.8637525278392131
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=21132&placement_id=32085fe8-cac5-47fb-8a3f-49bdc1b55645&version=1.4&exc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:13::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:28 GMT
cache-control: no-cache
server: nginx
content-length: 0
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-221037-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5113
date: Fri, 23 Apr 2021 09:37:15 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 23 Apr 2021 11:37:15 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ 223 KB
83 KB 52ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6802863666004650&plah=www.wondergreetings.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84531
x-xss-protection: 0
server: cafe
etag: 18044138429448666955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 23 Apr 2021 11:02:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/ Frame E01C 10 KB
5 KB 42ms
5ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210422/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wondergreetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.wondergreetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 22 Apr 2021 19:34:12 GMT
expires: Thu, 06 May 2021 19:34:12 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 55695
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v15/ 33 KB
34 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.wondergreetings.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:57 GMT
server: sffe
age: 435529
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34260
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 28 KB
28 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.wondergreetings.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:43 GMT
server: sffe
age: 435529
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28968
x-xss-protection: 0
expires: Mon, 18 Apr 2022 10:03:38 GMT

GET
H/1.1 200
OK cumpleanos-home-d_0.jpg
www.wondergreetings.com/image2018/caratulas/home/ 48 KB
49 KB 114ms
108ms Image
image/jpeg 204.93.161.19
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.wondergreetings.com/image2018/caratulas/home/cumpleanos-home-d_0.jpg
Requested by: Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/
Protocol: HTTP/1.1
Server: 204.93.161.19 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ecards.correomagico.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ac2b833783c28dc1e9135f612523f76ed8e12b1d6fb62a4dee75fdb14799d44e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.wondergreetings.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.wondergreetings.com/
Cookie: ASPSESSIONIDSASRAQAC=PHPHBIEBBAHHDPFIHFMLJBNE
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk: PleskWin
Date: Fri, 23 Apr 2021 11:02:29 GMT
Last-Modified: Thu, 31 May 2018 16:16:56 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "0cc49cbfaf8d31:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 49551

GET
H3-29 200 AMOWz4SXrmKHCvXTohxY-YIEVFi3.woff2
fonts.gstatic.com/s/freckleface/v9/ 39 KB
39 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/freckleface/v9/AMOWz4SXrmKHCvXTohxY-YIEVFi3.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Freckle+Face

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9babf1917ae762ae27a3f8ec7704ac57dc4bd5cb86723852aeb53b4857522202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.wondergreetings.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 08:41:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Jul 2020 19:45:27 GMT
server: sffe
age: 267685
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39652
x-xss-protection: 0
expires: Wed, 20 Apr 2022 08:41:02 GMT

GET
H3-29 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 37 KB
37 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.wondergreetings.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:31 GMT
server: sffe
age: 265719
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38108
x-xss-protection: 0
expires: Wed, 20 Apr 2022 09:13:48 GMT

GET
H2 200 5f7e12081a793400126ba3ae.js Show response
buttons-config.sharethis.com/js/ 465 B
844 B 498ms
428ms Script
text/javascript 2600:9000:2021:4200:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5f7e12081a793400126ba3ae.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2021:4200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a718637b65f084e255b736b1fb50f7779aa9ed46682ee3ef4b12cff35a649f31

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 23 Apr 2021 11:02:29 GMT
via: 1.1 cc61fd5dae580ac4dd735e074a4fbe83.cloudfront.net (CloudFront)
last-modified: Wed, 07 Oct 2020 19:12:09 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-C2
etag: "6b39e8c0bb1d3d75e348b7609b271f6f"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 465
x-amz-cf-id: bER7baYgfweLAnniA8a0dIN7YqpAMmCc7uNiVN15jNFfNdZFjSdneQ==

GET
H2 200 portal-v2.html Show response
c.sharethis.mgr.consensu.org/ Frame 6B24 2 KB
1 KB 41ms
11ms Document
text/html 2600:9000:2190:f600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:f600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wondergreetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.wondergreetings.com/

Response headers

content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=3600, public
date: Fri, 23 Apr 2021 11:00:14 GMT
etag: W/"83a-K1Ex0xzH2LCxSyRnDnyZEg18N68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9c70db7b93d63d4e23f775d04664db64.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: HbgDN3vkeVtOdPOYqU_61ead1Q74KLjR6TpOM4H1UxwRohLmYjhu4g==
age: 134

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
647 B 97ms
31ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.wondergreetings.com&callback=_gfp_s_&client=ca-pub-6802863666004650

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6802863666004650&plah=www.wondergreetings.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

462a8c6267c6314bf6f9030fc43e877bc47dae10d46eeb0e9b69f34cafadbd24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 64ms
16ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wondergreetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Apr 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 63ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wondergreetings.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Apr 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C067 3 KB
653 B 105ms
78ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&adk=1812271804&adf=3025194257&lmt=1619175748&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wondergreetings.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1619175747877&bpp=19&bdt=338&idt=255&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5556675401309&frm=20&pv=2&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&dtd=282

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d81a1384d9ec05665775333c1d8240d4510705c1e770f97a8772e0c724b13b55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6802863666004650&output=html&adk=1812271804&adf=3025194257&lmt=1619175748&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.wondergreetings.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1619175747877&bpp=19&bdt=338&idt=255&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5556675401309&frm=20&pv=2&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1024&bc=23&ifi=1&uci=a!1&fsb=1&dtd=282
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wondergreetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.wondergreetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Apr 2021 11:02:28 GMT
server: cafe
content-length: 630
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Apr-2021 11:17:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Apr 2021 11:02:28 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017352525402"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28270
x-xss-protection: 0
expires: Fri, 23 Apr 2021 11:02:28 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB62 82 KB
27 KB 711ms
710ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=284&slotname=5974378618&adk=102645600&adf=869763061&pi=t.ma~as.5974378618&w=1200&lmt=1619175748&rafmt=11&psa=0&format=1200x284&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&wgl=1&dt=1619175747955&bpp=6&bdt=416&idt=222&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oeylxwInfo&p=http%3A//www.wondergreetings.com&dtd=255

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32625828dab201aa483c4a0dddf851349ef566008f083e0ccc9a190a1caf8e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6802863666004650&output=html&h=284&slotname=5974378618&adk=102645600&adf=869763061&pi=t.ma~as.5974378618&w=1200&lmt=1619175748&rafmt=11&psa=0&format=1200x284&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&wgl=1&dt=1619175747955&bpp=6&bdt=416&idt=222&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oeylxwInfo&p=http%3A//www.wondergreetings.com&dtd=255
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wondergreetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.wondergreetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Apr 2021 11:02:28 GMT
server: cafe
content-length: 27720
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Apr-2021 11:17:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Apr 2021 11:02:28 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1168657110&t=pageview&_s=1&dl=http%3A%2F%2Fwww.wondergreetings.com%2F&ul=en-us&de=UTF-8&dt=Free%20Birthday%20eCards%2C%20postcards%20and%20printable%20cards%20-%20WonderGreetings.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=2017747386&gjid=1084594695&cid=183072636.1619175748&tid=UA-221037-2&_gid=829260481.1619175748&_r=1&gtm=2ou4e1&z=1930531196

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.wondergreetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
95 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-221037-2&cid=183072636.1619175748&jid=2017747386&gjid=1084594695&_gid=829260481.1619175748&_u=IAhAAUAAAAAAAC~&z=1342288337

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Apr 2021 11:02:28 GMT
content-type: text/plain
access-control-allow-origin: http://www.wondergreetings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
344 B 134ms
37ms XHR
text/plain 3.122.26.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=www.wondergreetings.com&location=%2F&product=sop&url=http%3A%2F%2Fwww.wondergreetings.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Free%20Birthday%20eCards%2C%20postcards%20and%20printable%20cards%20-%20WonderGreetings.com&cms=unknown&publisher=5f7e12081a793400126ba3ae&sop=true&bsamesite=true&consent_cookie_duration=218&consent_duration=218&gdpr_domain=.consensu.org&gdpr_method=cookie&version=st_sop.js&lang=en
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.26.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-26-231.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 11:02:28 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://www.wondergreetings.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 17ms
16ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-221037-2&cid=183072636.1619175748&jid=2017747386&_u=IAhAAUAAAAAAAC~&z=1868386047

Requested by

Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 43ms
21ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-221037-2&cid=183072636.1619175748&jid=2017747386&_u=IAhAAUAAAAAAAC~&z=1868386047

Requested by

Host: www.wondergreetings.com
URL: http://www.wondergreetings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
20ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wondergreetings.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Apr 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 36ms
21ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wondergreetings.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Apr 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EF92 60 KB
23 KB 786ms
775ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=90&adk=1295442208&adf=2597918638&pi=t.aa~a.1495003939~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619175748&rafmt=1&to=qs&pwprc=5340667952&psa=0&format=1200x90&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1619175748368&bpp=2&bdt=829&idt=2&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a93050506993722-222a5665a3a70087%3AT%3D1619175748%3ART%3D1619175748%3AS%3DALNI_MZ08p-q7JZ-ZPxd4MJ9KPG7wf8VLg&prev_fmts=0x0%2C1200x284&nras=2&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SMb9ACnJ2z&p=http%3A//www.wondergreetings.com&dtd=33

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6550c20261d878ebc7ac0e9bfb937c2d935ec75ca0eeacd9165d95f4c90cdd54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6802863666004650&output=html&h=90&adk=1295442208&adf=2597918638&pi=t.aa~a.1495003939~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619175748&rafmt=1&to=qs&pwprc=5340667952&psa=0&format=1200x90&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1619175748368&bpp=2&bdt=829&idt=2&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a93050506993722-222a5665a3a70087%3AT%3D1619175748%3ART%3D1619175748%3AS%3DALNI_MZ08p-q7JZ-ZPxd4MJ9KPG7wf8VLg&prev_fmts=0x0%2C1200x284&nras=2&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SMb9ACnJ2z&p=http%3A//www.wondergreetings.com&dtd=33
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wondergreetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.wondergreetings.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Apr 2021 11:02:29 GMT
server: cafe
content-length: 24019
x-xss-protection: 0
set-cookie: IDE=AHWqTUmQBHJi2PzYhxtWUh4SfW1AgF9w7_4n8gJuk-gdWOMehzh1N5u-hWoPtORTz_w; expires=Wed, 18-May-2022 11:02:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Apr 2021 11:02:29 GMT
cache-control: private

GET
H3-29 200 css
fonts.googleapis.com/ Frame AB62 5 KB
678 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400|Ubuntu:300,500&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=284&slotname=5974378618&adk=102645600&adf=869763061&pi=t.ma~as.5974378618&w=1200&lmt=1619175748&rafmt=11&psa=0&format=1200x284&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&wgl=1&dt=1619175747955&bpp=6&bdt=416&idt=222&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oeylxwInfo&p=http%3A//www.wondergreetings.com&dtd=255

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

722f52cb5038a77b5f4937b54a317c013f6eae4dca1a48bdc839680ccfecf799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:02:28 GMT
server: ESF
date: Fri, 23 Apr 2021 11:02:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Apr 2021 11:02:28 GMT

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame AB62 30 KB
12 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

549c4af1c41dfa002351b2c2fdf4705224dcd414bee3f8b2f61ed4f1c792b8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 09:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12005
x-xss-protection: 0
server: cafe
etag: 7444956747656014467
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 09:17:05 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5976497367284683232/ Frame AB62 94 KB
94 KB 26ms
10ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5976497367284683232/downsize_200k_v1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b6362f93a05df3d7d7e4438e3af1535cf46daadaad0cdb77ae789960fe411b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 04:47:51 GMT
x-content-type-options: nosniff
age: 108877
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96175
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 20:11:02 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Apr 2022 04:47:51 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame AB62 17 KB
7 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 11:02:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame AB62 2 KB
1 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 11:01:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB62 116 KB
35 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Fri, 23 Apr 2021 11:02:28 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame AB62 13 KB
5 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 11:01:55 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame AB62 0
0 47ms
45ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK7BMRKmCYOOTDoK13gP0uYSQB5nAvaph5bb27pkN5-3K5uohEAEgtoyCA2CVAqABgtqR_wPIAQapAq7moBzyLbQ-qAMByAPLBKoEugFP0GwBbggNOWuBxtMg0WTG0Rt0h6aYPUch-UgE96VmMDo6qq-B053mE2QKZa7hbIRvpw-xBIbuS44GBxeSBCpLAtXB41WXFgQ3Ikj3q7nid-3dncqPHs0GyegwyySrsJ5LSNaYBilt7upjjVZWF8Q8jYG8KrFVWxhbk_AHUKIl3XNDWF8-81iWKcnSqeeTo8KTK6UUAMHia53O-IEH-1doLP1_epEFs_bBvullxPnEj24DfoVZSGaIFk_ABNKJ85DAA5IFBAgEGAGSBQQIBRgEoAY3gAfmpW6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwUQ1I31AdIICQiA4YAQEAEYH4AKAcgLAdgTDYgUBLIXGgoYCAASFHB1Yi02ODAyODYzNjY2MDA0NjUw&sigh=E416AHgnJIw&template_id=492

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=284&slotname=5974378618&adk=102645600&adf=869763061&pi=t.ma~as.5974378618&w=1200&lmt=1619175748&rafmt=11&psa=0&format=1200x284&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&wgl=1&dt=1619175747955&bpp=6&bdt=416&idt=222&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oeylxwInfo&p=http%3A//www.wondergreetings.com&dtd=255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Apr 2021 11:02:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 23 Apr 2021 11:02:29 GMT

GET
H3-29 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame AB62 29 KB
29 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400|Ubuntu:300,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 19:10:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:34 GMT
server: sffe
age: 229909
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
expires: Wed, 20 Apr 2022 19:10:39 GMT

GET
H3-29 200 4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame AB62 37 KB
37 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400|Ubuntu:300,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 09:13:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:31 GMT
server: sffe
age: 265720
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38108
x-xss-protection: 0
expires: Wed, 20 Apr 2022 09:13:48 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame AB62 15 KB
15 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400|Ubuntu:300,500&lang=de

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 308828
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 19 Apr 2022 21:15:20 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0A09 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=284&slotname=5974378618&adk=102645600&adf=869763061&pi=t.ma~as.5974378618&w=1200&lmt=1619175748&rafmt=11&psa=0&format=1200x284&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&wgl=1&dt=1619175747955&bpp=6&bdt=416&idt=222&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oeylxwInfo&p=http%3A//www.wondergreetings.com&dtd=255
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlvcFgURieLIW7aJi-dCVmYlVD2OolLWQ07uf037gZCBtFXP2mRjGkOXoZPiyA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=284&slotname=5974378618&adk=102645600&adf=869763061&pi=t.ma~as.5974378618&w=1200&lmt=1619175748&rafmt=11&psa=0&format=1200x284&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&wgl=1&dt=1619175747955&bpp=6&bdt=416&idt=222&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=173&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=1152&bc=23&ifi=2&uci=a!2&fsb=1&xpc=oeylxwInfo&p=http%3A//www.wondergreetings.com&dtd=255

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 23 Apr 2021 10:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1990
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AB62 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8cdd773538938e8f91099b5c72858ef95184e696aedaf49961d6662c8847b483

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0A09
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmQBHJi2PzYhxtWUh4SfW1AgF9w7_4n8gJuk-gdWOMehzh1N5u-hWoPtORTz_w
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Apr 2021 11:02:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 23-Apr-2021 12:02:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Apr 2021 11:02:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Apr 2021 11:02:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame C67D 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 10:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 1168
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 10:43:01 GMT

GET
H3-29 200 6801011678096784395
tpc.googlesyndication.com/simgad/ Frame EF92 25 KB
25 KB 7ms
7ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6801011678096784395?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql9BVnBZvzOYDZFzmeyPMVxj0VTSA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=90&adk=1295442208&adf=2597918638&pi=t.aa~a.1495003939~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619175748&rafmt=1&to=qs&pwprc=5340667952&psa=0&format=1200x90&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1619175748368&bpp=2&bdt=829&idt=2&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a93050506993722-222a5665a3a70087%3AT%3D1619175748%3ART%3D1619175748%3AS%3DALNI_MZ08p-q7JZ-ZPxd4MJ9KPG7wf8VLg&prev_fmts=0x0%2C1200x284&nras=2&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SMb9ACnJ2z&p=http%3A//www.wondergreetings.com&dtd=33

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c48ea7b863ddcdd36ba0d6a900d26ed23684a25f9e1ecd35e04b79e1b046cc32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 22:47:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 13 Sep 2020 18:55:37 GMT
server: sffe
age: 44124
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25718
x-xss-protection: 0
expires: Fri, 22 Apr 2022 22:47:05 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame EF92 17 KB
7 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 3134275839577271762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 11:02:21 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame EF92 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 11:01:13 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF92 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619017370605640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36032
x-xss-protection: 0
expires: Fri, 23 Apr 2021 11:02:29 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame EF92 13 KB
5 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:01:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 May 2021 11:01:55 GMT

GET
H3-29 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame EF92 25 KB
10 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 23:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10420
x-xss-protection: 0
server: cafe
etag: 5410920360913075790
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 May 2021 23:01:48 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame EF92 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0UOmRKmCYInqGtrm3wPp-r7wBIeBkLdipb3_9ZMMnL3-sqsJEAEgtoyCA2CVAqABifqV4QPIAQKoAwHIA8kEqgS4AU_Q0cj-trZy5eKh3ZAZebCWUNW_y7GkZGPbsD87BPOoHBba0Xa36ony712SEnenUHKfOleEQBXWCGZS6d2SXDnhuTFupv7zHHIeOd8567p_POeiGMjk7ldRVhhQ6HyK1XiKNd_OqM-4TVdhlmPnQoRB6iALcLtJkIMyxo7KWixUCxNyhl6ZVEu0nJZYRn9TS6zQWsjEesTSThLp9WUN_YrtHDFcZTw6U7JM7ByYFscF1VqU8_ozDAbABIHrqsKSA5IFBAgEGAGSBQQIBRgEoAYCgAffheoeqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEELjZetIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi02ODAyODYzNjY2MDA0NjUw&sigh=Nn_MprpOcwk

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=90&adk=1295442208&adf=2597918638&pi=t.aa~a.1495003939~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619175748&rafmt=1&to=qs&pwprc=5340667952&psa=0&format=1200x90&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1619175748368&bpp=2&bdt=829&idt=2&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a93050506993722-222a5665a3a70087%3AT%3D1619175748%3ART%3D1619175748%3AS%3DALNI_MZ08p-q7JZ-ZPxd4MJ9KPG7wf8VLg&prev_fmts=0x0%2C1200x284&nras=2&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SMb9ACnJ2z&p=http%3A//www.wondergreetings.com&dtd=33
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Apr 2021 11:02:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC9B 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=90&adk=1295442208&adf=2597918638&pi=t.aa~a.1495003939~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619175748&rafmt=1&to=qs&pwprc=5340667952&psa=0&format=1200x90&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1619175748368&bpp=2&bdt=829&idt=2&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a93050506993722-222a5665a3a70087%3AT%3D1619175748%3ART%3D1619175748%3AS%3DALNI_MZ08p-q7JZ-ZPxd4MJ9KPG7wf8VLg&prev_fmts=0x0%2C1200x284&nras=2&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SMb9ACnJ2z&p=http%3A//www.wondergreetings.com&dtd=33
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmQBHJi2PzYhxtWUh4SfW1AgF9w7_4n8gJuk-gdWOMehzh1N5u-hWoPtORTz_w; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=90&adk=1295442208&adf=2597918638&pi=t.aa~a.1495003939~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619175748&rafmt=1&to=qs&pwprc=5340667952&psa=0&format=1200x90&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1619175748368&bpp=2&bdt=829&idt=2&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a93050506993722-222a5665a3a70087%3AT%3D1619175748%3ART%3D1619175748%3AS%3DALNI_MZ08p-q7JZ-ZPxd4MJ9KPG7wf8VLg&prev_fmts=0x0%2C1200x284&nras=2&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SMb9ACnJ2z&p=http%3A//www.wondergreetings.com&dtd=33

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 23 Apr 2021 10:29:19 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1990
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD38 1 KB
749 B 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 23 Apr 2021 03:14:09 GMT
expires: Sat, 24 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 28100
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame EF92 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eea9c3ea5341aa9730a0bc79e19e47870a77db8f55f935852c809b35fc5578ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame DD38 35 B
463 B 29ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBS2QUZxR_HIuVSfet1ks3Q&google_cver=1&google_push=AQvitUIhFqTiR0NqAV20GEuPq6BGAeHsC2LZL_UrMNhsiot2Rw0Fw185DyQA24s4x6JDqq9BZg_c-hJ9RPU679wBHRa1y3EfPeZv

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DD38
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEHebwpQzGhdXYKmfWeom1CM&google_cver=1&google_push=AQvitUKnkiVsqYXgzl-hZEr7ltZyHcmUtnNMn-QBIjuSXdTI0-Fxg7sMtWSKzwYLiGuvpaGzlxWUiinWFkgWh406YQAj8SzYQQTs
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKnkiVsqYXgzl-hZEr7ltZyHcmUtnNMn-QBIjuSXdTI0-Fxg7sMtWSKzwYLiGuvpaGzlxWUiinWFkgWh406YQAj8SzYQQTs&google_hm=Q0FFU0VIZWJ3cFF6R2hkW...

170 B
188 B

63ms
37ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKnkiVsqYXgzl-hZEr7ltZyHcmUtnNMn-QBIjuSXdTI0-Fxg7sMtWSKzwYLiGuvpaGzlxWUiinWFkgWh406YQAj8SzYQQTs&google_hm=Q0FFU0VIZWJ3cFF6R2hkWFlLbWZXZW9tMUNN

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 11:02:28 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUKnkiVsqYXgzl-hZEr7ltZyHcmUtnNMn-QBIjuSXdTI0-Fxg7sMtWSKzwYLiGuvpaGzlxWUiinWFkgWh406YQAj8SzYQQTs&google_hm=Q0FFU0VIZWJ3cFF6R2hkWFlLbWZXZW9tMUNN
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DD38
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESENMH8rYWK8ir5s2wEM53Vgk&google_cver=1&google_push=AQvitUKrFLCLlh12k0HR4f0c8_kfyIYap9xmNjUD5kP4u9vMpoEmhVav9mG6HvDbXnkCDxKM_XltWCbrmIh9GLGIPMkXCwWW_RU1
https://rtb.openx.net/sync/dds?google_gid=CAESENMH8rYWK8ir5s2wEM53Vgk&google_cver=1&google_push=AQvitUKrFLCLlh12k0HR4f0c8_kfyIYap9xmNjUD5kP4u9vMpoEmhVav9mG6HvDbXnkCDxKM_XltWCbrmIh9GLGIPMkXCwWW_RU1&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKrFLCLlh12k0HR4f0c8_kfyIYap9xmNjUD5kP4u9vMpoEmhVav9mG6HvDbXnkCDxKM_XltWCbrmIh9GLGIPMkXCwWW_RU1&google_hm=mq4qgCiMz1UL0O8vnx7loQ==

170 B
188 B

49ms
34ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKrFLCLlh12k0HR4f0c8_kfyIYap9xmNjUD5kP4u9vMpoEmhVav9mG6HvDbXnkCDxKM_XltWCbrmIh9GLGIPMkXCwWW_RU1&google_hm=mq4qgCiMz1UL0O8vnx7loQ==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:28 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUKrFLCLlh12k0HR4f0c8_kfyIYap9xmNjUD5kP4u9vMpoEmhVav9mG6HvDbXnkCDxKM_XltWCbrmIh9GLGIPMkXCwWW_RU1&google_hm=mq4qgCiMz1UL0O8vnx7loQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 5gl7jksbujr7nn8l2fa5q7iimrjol0up

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DD38
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PgKZTK_GTiqNwWzVQ-01cw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

48ms
36ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PgKZTK_GTiqNwWzVQ-01cw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULZcp2YZe0dfJ5lWLK_VmFkaLpAn4OXrXva7q1trAgbNd7FtfGa_1ClCdw6iRDqGGadGpwRhJEQr6bmgWcyTjZu_QandXpM

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PgKZTK_GTiqNwWzVQ-01cw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitULZcp2YZe0dfJ5lWLK_VmFkaLpAn4OXrXva7q1trAgbNd7FtfGa_1ClCdw6iRDqGGadGpwRhJEQr6bmgWcyTjZu_QandXpM
Date: Fri, 23 Apr 2021 11:02:27 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DD38
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKVUC9StMiIrh4hypu1VW58&google_cver=1&google_push=AQvitULbm4D3RAFtRHmUSwYxTUS3XmTWpKW7xR6Ac9gP5slNq3MCgJbRCUj_rK7A_HOEfkIlftu...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05VN0ZPOEotMVgtR0VCRA==&google_push=AQvitULbm4D3RAFtRHmUSwYxTUS3XmTWpKW7xR6Ac9gP5slNq3MCgJbRCUj_rK7A_HOEfkIlftuF-x_Elx3wYiPMuv8alkPzoV0q

170 B
188 B

67ms
34ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05VN0ZPOEotMVgtR0VCRA==&google_push=AQvitULbm4D3RAFtRHmUSwYxTUS3XmTWpKW7xR6Ac9gP5slNq3MCgJbRCUj_rK7A_HOEfkIlftuF-x_Elx3wYiPMuv8alkPzoV0q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S05VN0ZPOEotMVgtR0VCRA==&google_push=AQvitULbm4D3RAFtRHmUSwYxTUS3XmTWpKW7xR6Ac9gP5slNq3MCgJbRCUj_rK7A_HOEfkIlftuF-x_Elx3wYiPMuv8alkPzoV0q
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame DD38
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMm2B8AVofvu0pudbjlRp_w&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMm2B8AVofvu0pudbjlRp_w&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIKpRXS50XlS_316EW1M7AAABFMAAAAB&google_gid=CAESEMm2B8AVofvu0pudbjlRp_w&google_cver=1&google_push=AQvitUK4yzdjmGPm2LxMEG-YlCokS1muMpTo0...

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIKpRXS50XlS_316EW1M7AAABFMAAAAB&google_gid=CAESEMm2B8AVofvu0pudbjlRp_w&google_cver=1&google_push=AQvitUK4yzdjmGPm2LxMEG-YlCokS1muMpTo0JnPFQ12wH8njAG1L9SNWylp5wSChTR6EhD9wImXNY4UCtFW5ZfRGtYb198dB7f5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 23 Apr 2021 11:02:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIKpRXS50XlS_316EW1M7AAABFMAAAAB&google_gid=CAESEMm2B8AVofvu0pudbjlRp_w&google_cver=1&google_push=AQvitUK4yzdjmGPm2LxMEG-YlCokS1muMpTo0JnPFQ12wH8njAG1L9SNWylp5wSChTR6EhD9wImXNY4UCtFW5ZfRGtYb198dB7f5
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Fri, 23 Apr 2021 11:02:29 GMT

GET
H2 200 trk
ag.innovid.com/ Frame DD38 43 B
295 B 74ms
20ms Image
image/gif 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEElod7okjbDpq2O3V0b2isI&google_cver=1&google_push=AQvitULOLIAzbJp-669hdbiJRjHb6CWxV1tMBueYxidajUuLaX--qC5LCMP_0kBnSgxl6mlzBKfyDYwekIho0EFqHlNcobpuvU_k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6802863666004650&output=html&h=90&adk=1295442208&adf=2597918638&pi=t.aa~a.1495003939~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1619175748&rafmt=1&to=qs&pwprc=5340667952&psa=0&format=1200x90&url=http%3A%2F%2Fwww.wondergreetings.com%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1619175748368&bpp=2&bdt=829&idt=2&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6a93050506993722-222a5665a3a70087%3AT%3D1619175748%3ART%3D1619175748%3AS%3DALNI_MZ08p-q7JZ-ZPxd4MJ9KPG7wf8VLg&prev_fmts=0x0%2C1200x284&nras=2&correlator=5556675401309&frm=20&pv=1&ga_vid=183072636.1619175748&ga_sid=1619175748&ga_hid=1168657110&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=1318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21066431%2C31060840&oid=3&pvsid=4302793505474246&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=SMb9ACnJ2z&p=http%3A//www.wondergreetings.com&dtd=33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:29 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DD38 0
227 B 102ms
33ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWtsteM6LiaESx9MnJuQSUnhrT3-swkca4HuUBSoba7HBzyD1peY9UvPxlMB8mkO-CWor8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:29 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 35ms
19ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a22afdd326d3a6fcdb31ee5266bbdc8a8f4fcc06b54f76ebc121570d4969c2d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Apr 2021 11:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6943
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FC9B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

39ms
38ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmQBHJi2PzYhxtWUh4SfW1AgF9w7_4n8gJuk-gdWOMehzh1N5u-hWoPtORTz_w; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Apr 2021 11:02:29 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 23-Apr-2021 12:02:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 23 Apr 2021 11:02:29 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Apr 2021 11:02:29 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame A6D8 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 10:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 1168
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 10:43:01 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 11:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 23 Apr 2021 11:02:29 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame F195 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.wondergreetings.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.wondergreetings.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 23 Apr 2021 10:40:17 GMT
expires: Sat, 23 Apr 2022 10:40:17 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1332
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js Show response
pagead2.googlesyndication.com/bg/ Frame F195 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/04GNmuDwX4NjTp5JBnlTI2cBXBmJ_FOcmcCRO2VtSUE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 10:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 09:18:00 GMT
server: sffe
age: 1168
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5636
x-xss-protection: 0
expires: Sat, 23 Apr 2022 10:43:01 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=4302793505474246&bg=!zc6lzorNAAZUuIlwVLg7ACkAdvg8WiVKOmZATbH4ug3Szp3ECuEZ9U7Wgqvx468CLGOYcKlMkryG5wIAAABtUgAAAAxoAQcKAL1T_gGEflv032Xb_nYUvwWRkQWd9n40P6Yx9JBZ_vu_hHIHlY4jgUgJmLcxrDPZtL85jSp795w3Ua-8q5f339_cxzYEPgbbNLKGdmzvAoNnkZ5VNYJfXYQ7_kAFSNX7d2m6KFu39eI4D34WlA5uwlVlqKmFl-i2XTT1jNCGO1YVkZ68RwKSaNN3Kftj77HceOjrkNDaL7ax7UZo5ehob9L316SDQ1pPZ3GtF2tNTDjYTSY1WAlKb4sLD43bOk2ZAiUzjwLH3gK8ojGFo3w1e_IYnC0GPcWN2f4JEDvI_I3XCuKjATZLv01KpNL5V-voDXerYGfd8LEdeF3Xwump-r7g9GiD95hMn2BFMSJy_3egWYLBKLXc7TTkzGRFHeQyBg2Rh7YURO3uq5NS0iKOZxp9gP_N92qHhilJr2-05DZK7uN0upZebUWafCuV0-BQRwnuRRS0JNKnNiAfAQUxlJLQ3nPmRH5QI1PpQJ_LOKSxciFYfkaK7Ki7GFOGq6QvnVwLMtB6Fu2Nf3PIT1G24SeHojrHrrRrcD0MtNKj_fkZ7B0hUf-KsRq5yyyG0ICdNnCn4fBkpgfH8GgSwOElU6Y0JhJOP6FSilqsD1KMfHGPuyM-Ro0XoWgX7ltHCmShhJQrPumbPiOGxpggW7l_ahVfL20zyGc-ZZ0HGhFoiDegiQDu8u4xMR2NHFRKyM1B6cx7x9GPzQ9Hb8xIA8fgRbM2Iw3NCH3xGBWiYRiUsRp5MZT3Rc5E5bid-svUQA_r5AEdCbHJegXEy54jzTEttLyqIODbVjLFGXZWFalGan3HUX6vaiAxiu76XyiXA4FeBILOpJxas7DpdkMxXUhn-jmEpHNoujejq-_BDuXUF8awFbwuHBFtgh_xQlbj3vzu0Ta4JEIY_-IIQcL2zNJ6-mgiEtbEtpz49TGGmC31eZ1XYO6AEN7v4g-xH5jJqHA2ofn9nwbWLkn_X2FqJoeaHp2_AuYGqxY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.wondergreetings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AB62 42 B
64 B 18ms
17ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTeSVS_WRK_cNC0LCdDkC-j-_Cn2UFw0MqTKHzKnlGboJ_EhwPHDyv3uMmTAhUGyoGuD6h37OGww7MpH3fs-xgA2b3_epvNZ2EQy_Hmwv8IqcYcgA1UFax2V6Ogw&sai=AMfl-YQHIo6RH-WpF3ksl4HwSoLt2x3uLlEB-RL4hv-V0ak3T-3EYBEBBfasoj2TpxZwbLKJY-95BNycx_HC&sig=Cg0ArKJSzLi3PM3RxTEsEAE&id=lidar2&mcvt=1000&p=173,200,741,1400&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&app=0&itpl=14&adk=102645600&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619175748211&dlt=715&rpt=910&msd=0&r=v&fum=1&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Apr 2021 11:02:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:46:19	Name: DSID Value: NO_DATA
.wondergreetings.com/	1970-01-20 03:07:51	Name: __gads Value: ID=6a93050506993722-222a5665a3a70087:T=1619175748:RT=1619175748:S=ALNI_MZ08p-q7JZ-ZPxd4MJ9KPG7wf8VLg
www.wondergreetings.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDSASRAQAC Value: PHPHBIEBBAHHDPFIHFMLJBNE
.wondergreetings.com/	1970-01-19 17:46:15	Name: _gat_gtag_UA_221037_2 Value: 1
.doubleclick.net/	1970-01-20 03:07:51	Name: IDE Value: AHWqTUmQBHJi2PzYhxtWUh4SfW1AgF9w7_4n8gJuk-gdWOMehzh1N5u-hWoPtORTz_w
.wondergreetings.com/	1970-01-19 17:47:42	Name: _gid Value: GA1.2.829260481.1619175748
.wondergreetings.com/	1970-01-20 11:17:27	Name: _ga Value: GA1.2.183072636.1619175748

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cm.g.doubleclick.net
cms.quantserve.com
cookie.sync.ad.cpe.dotomi.com
d.agkn.com
direct.ad.cpe.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
img.mailinblue.com
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
platform-api.sharethis.com
rtb.openx.net
secure.cdn.fastclick.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.correomagico.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.wondergreetings.com
104.111.219.144
142.250.185.130
172.217.23.98
185.64.190.78
2.18.234.21
204.93.161.19
2600:9000:2021:3800:1c:8a07:5e80:93a1
2600:9000:2021:4200:c:abe:f440:93a1
2600:9000:2190:f600:c:a9b7:ddc0:93a1
2606:4700:3035::6815:4bac
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:803::2001
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:810::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9b
2a02:fa8:8806:13::1460
2a02:fa8:8806:16::1460
2a05:d01c:1d8:8101:ac20:41f1:bf24:9b3
3.122.26.231
35.186.253.211
54.93.142.164
69.173.144.138
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
071e8cab2a36697d1599e9c2e098e5d2949e43373782fef7f38c171b44888aa0
093961bba51fca9ba8f59018d758d5444945f7705155ddbd81b42895f9ac8eaa
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
251e37829fc45f854c7f5bc06c123cb472284aee840a8e4e8b0d9907d85b4a67
2521940f5117725652dc31841774c0ca07cc4dedfbd3c5845e3ce034c78e3710
262b3ed0576b4c914a42cb2d4f2472defd2a6b98ab4d3891895ed544cd45aa83
284869c7498d2bc8d80187ad658ac53bc92b11d68c1bd80cd8854094d8665d20
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d9c20c2d0bc31066105da2578c9123245dd3c860588dc2eb3c517c783e8b955
32625828dab201aa483c4a0dddf851349ef566008f083e0ccc9a190a1caf8e61
38c288b893b166348ca23e242921ba2f260e3444cb2027e0c844304a894f0bbe
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
462a8c6267c6314bf6f9030fc43e877bc47dae10d46eeb0e9b69f34cafadbd24
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
4bffd3266ef925cba06a56e476909b94282a2f91dc70e1900f9811693c61d671
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4524f7e1a87079bc50a64681f880ccf3e6f5db1ec5fc27949377532a3881da
549c4af1c41dfa002351b2c2fdf4705224dcd414bee3f8b2f61ed4f1c792b8a1
56a84241b2b9ba2d54e74bb2a662603213f742c90c5e30df4934fa3d322bc23e
63e6b14491a6230e389c55ff834d7431ba9b5dbdcda5eb359c477f70ab44e4e7
6550c20261d878ebc7ac0e9bfb937c2d935ec75ca0eeacd9165d95f4c90cdd54
665e8ca5ac8d49c55ff6a1a4501a9cf2a95e50e1ced9799fc5701390e762191b
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6c440837e8b60255f7abd6ef13974a040f7205887ee0ca2d258ad5a43ddf4ef9
6c49ddae87542b06a9ffb0a334aa7578c3683e74d55d0010ea1ba58111afb9fd
711c7a2e08a619afe620c72a0ce87267c9a607d32028015d9b0a10b9f0f70380
7211c105f6de845f1c10263376fa9ea6352ed721bab30ed97537481d338020df
722f52cb5038a77b5f4937b54a317c013f6eae4dca1a48bdc839680ccfecf799
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f585328dc833216894d6934bc8a2a4394d9adca02da4e72214a2a1f7a2ab42
8b6362f93a05df3d7d7e4438e3af1535cf46daadaad0cdb77ae789960fe411b1
8cdd773538938e8f91099b5c72858ef95184e696aedaf49961d6662c8847b483
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
8f2895469a569635c795237c1820c223231fd29c0549deec8e91887167b44587
90778dfedbfa581f0c9cc5098993f90f50c9c7656697d2c4e0e56a96ad6966d6
9769961274520466f30da2f63030d5adbaaabfcdfba561471df48ec282d30ef3
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9babf1917ae762ae27a3f8ec7704ac57dc4bd5cb86723852aeb53b4857522202
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a22afdd326d3a6fcdb31ee5266bbdc8a8f4fcc06b54f76ebc121570d4969c2d1
a266e99c8731963ee5896b161d58befd54f7eeab9f0088ad9010fcb6024a1c15
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a718637b65f084e255b736b1fb50f7779aa9ed46682ee3ef4b12cff35a649f31
ac2b833783c28dc1e9135f612523f76ed8e12b1d6fb62a4dee75fdb14799d44e
ac84513c4c5ea7e4458e91c46e33ba71b56e19fabf93cc079ffcb01a975c2e3d
acfcfeeab4c96db218d308e7773fd08c7074a033fadf05f7bc9d904aef204744
aeb4e91ace2fa32384064caa3eb3d1355e938bbb7d0a86b0b5280ee649d24544
c48ea7b863ddcdd36ba0d6a900d26ed23684a25f9e1ecd35e04b79e1b046cc32
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
cb6fecb580beb63bbefa6ddc25100bf406ff9f44c7e8e7ca664f9331b434d3a2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d3818d9ae0f05f83634e9e490679532367015c1989fc539c99c0913b656d4941
d72e9b267c0caf9ef162ab5b65788c2a684ae5b9dcdfe69c5bf9ba3828c33c73
d81a1384d9ec05665775333c1d8240d4510705c1e770f97a8772e0c724b13b55
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0aeccfd6574e47093eda070a7061b166db1c2e8aea94280df2268dc4ec83289
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93e05fbffa6761955b46f710726c96c95e3ff3b28cabfdac7bdf10a70d0176d
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
eea9c3ea5341aa9730a0bc79e19e47870a77db8f55f935852c809b35fc5578ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef701bcdb11abe6ee6b906497f307cf8591be7b46258e201b2da192ba009e308
f84ff871a9663042ac17bf4973c96a2e563f5143b00242898af40a7c80379bfc

www.wondergreetings.com Open in urlscan Pro 204.93.161.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

94 Requests

82 %HTTPS

67 %IPv6

24 Domains

32 Subdomains

26 IPs

4 Countries

1147 kBTransfer

1951 kBSize

7 Cookies

5 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.wondergreetings.com Open in urlscan Pro
204.93.161.19 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

82 %
HTTPS

67 %
IPv6

24
Domains

32
Subdomains

26
IPs

4
Countries

1147 kB
Transfer

1951 kB
Size

7
Cookies

94 HTTP transactions
2 data transactions