got-free-ecards.com Open in urlscan Pro
52.2.231.154 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://got-free-ecards.com/gc/ecardpickup.ecards
Submission: On March 02 via manual (March 2nd 2021, 2:01:00 pm UTC) from GB

Summary HTTP 62 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 62 HTTP transactions. The main IP is 52.2.231.154, located in United States and belongs to AMAZON-AES, US. The main domain is got-free-ecards.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 23rd 2020. Valid for: a year.

This is the only time got-free-ecards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	52.2.231.154 52.2.231.154	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:812::200a	() ()
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
10	2a00:1450:400... 2a00:1450:4001:808::2002	() ()
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	() ()
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	() ()
8	2a00:1450:400... 2a00:1450:4001:811::2002	() ()
1	2600:9000:20d... 2600:9000:20d7:a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2008	() ()
1	142.250.186.34 142.250.186.34	() ()
3	2a00:1450:400... 2a00:1450:4001:812::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:813::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:829::2002	() ()
11	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	() ()
5	2a00:1450:400... 2a00:1450:4001:82b::2003	() ()
1 1	2a00:1450:400... 2a00:1450:4001:812::2004	() ()
62	17

9 52.2.231.154 (United States)

ASN14618 (AMAZON-AES, US)

got-free-ecards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN- ()

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20d7:a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN- ()

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN- ()
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN- ()

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	213 KB
9	got-free-ecards.com got-free-ecards.com	120 KB
8	doubleclick.net googleads.g.doubleclick.net	50 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	73 KB
4	googleapis.com fonts.googleapis.com	2 KB
3	googletagservices.com www.googletagservices.com	94 KB
2	google.com 1 redirects adservice.google.com www.google.com	432 B
2	google-analytics.com ssl.google-analytics.com	18 KB
2	facebook.net connect.facebook.net	62 KB
2	quantserve.com edge.quantserve.com pixel.quantserve.com	9 KB
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	647 B
1	quantcount.com rules.quantcount.com	359 B
1	jquery.com code.jquery.com	77 KB
62	14

	Domain	Requested by
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	got-free-ecards.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	got-free-ecards.com	got-free-ecards.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	got-free-ecards.com googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	ssl.google-analytics.com	got-free-ecards.com
2	connect.facebook.net	got-free-ecards.com connect.facebook.net
1	www.google.com	1 redirects
1	pixel.quantserve.com	got-free-ecards.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	rules.quantcount.com	edge.quantserve.com
1	edge.quantserve.com	got-free-ecards.com
1	code.jquery.com	got-free-ecards.com
62	18

This site contains links to these domains. Also see Links.

Domain
printable-cards.gotfreecards.com
www.coloringpagesus.com
blog.gotfreecards.com
itunes.apple.com

Subject Issuer	Validity	Valid
got-free-ecards.com Go Daddy Secure Certificate Authority - G2	`2020-03-23` - `2021-05-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://got-free-ecards.com/gc/ecardpickup.ecards
Frame ID: E97881BCCC94C9E7D77D0D5D53D486A3
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: 88DF8F6E5BA16DD7E72367190C9FE865
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
Frame ID: F1474CFA7BF90C63695CAB94D9226FE9
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
Frame ID: FDCC6ECA8F0230A7F1D4CB0BDAA0D771
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&adk=1812271804&adf=3025194257&lmt=1614693643&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&ea=0&flash=0&pra=7&wgl=1&dt=1614693643614&bpp=1&bdt=474&idt=43&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280%2C198x600&nras=1&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=48
Frame ID: FF7877C108982837DEE4CFE4838F347B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Frame ID: 06150AF847561C806239928F350E0047
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8D93EE673DEB06DCEBFAF867C38B8A65
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js
Frame ID: 24373CE4A64A4A7AE87E4029F9810DC4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 81BEF9C99E3018CC235DA3DDD14C83DE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

62
Requests

100 %
HTTPS

88 %
IPv6

14
Domains

18
Subdomains

17
IPs

3
Countries

720 kB
Transfer

1920 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://printable-cards.gotfreecards.com/
Title: Printable cards

Search URL Search Domain Scan URL

URL: http://www.coloringpagesus.com/
Title: Coloring Pages

Search URL Search Domain Scan URL

URL: http://blog.gotfreecards.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://printable-cards.gotfreecards.com/tos
Title: | Terms of use

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/got-free-cards/id584291669?mt=8
Title: | iOS app for Gotfreecards |

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

62 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ecardpickup.ecards Show response
got-free-ecards.com/gc/ 14 KB
5 KB 430ms
160ms Document
text/html 52.2.231.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.231.154 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 3e5aedebf5368cd0cf2097ec200435ebb1c6ee8ca64dbbe4321597d7f513d5da

Request headers

:method: GET
:authority: got-free-ecards.com
:scheme: https
:path: /gc/ecardpickup.ecards
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-type: text/html; charset=UTF-8
content-length: 4194
set-cookie: AWSALB=o3XqVfsQXjGXgr0OuCkR9m0qG6assfddAdGxcY9jbaJDHm4U3+y55qCSoK2OQOZWyB9NByzEDR/SlzrH7+nYJ53t2UK1qQG4AEY2Gc1B4DIqfnAP08lKBWkmO8wQ; Expires=Tue, 09 Mar 2021 14:00:43 GMT; Path=/ AWSALBCORS=o3XqVfsQXjGXgr0OuCkR9m0qG6assfddAdGxcY9jbaJDHm4U3+y55qCSoK2OQOZWyB9NByzEDR/SlzrH7+nYJ53t2UK1qQG4AEY2Gc1B4DIqfnAP08lKBWkmO8wQ; Expires=Tue, 09 Mar 2021 14:00:43 GMT; Path=/; SameSite=None; Secure Gotfreecards=a36ifrs3tu5bcmo0dilkistjql; path=/ Gotfreecards=2rce48jlcd209eqrt6oe9e82it; path=/
server: Apache/2.4.29 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *

GET
H2 200 bootstrap.min.css
got-free-ecards.com/css/ 100 KB
17 KB 110ms
109ms Stylesheet
text/css 52.2.231.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://got-free-ecards.com/css/bootstrap.min.css
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.231.154 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d118145ce8bd815269b239d051dc6f326e644aa3fd608bdc2442b668a675263a

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 00:53:33 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "18ffa-5b5e95f439e5b-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 17205

GET
H2 200 bootstrap-theme.css
got-free-ecards.com/css/ 14 KB
2 KB 105ms
103ms Stylesheet
text/css 52.2.231.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://got-free-ecards.com/css/bootstrap-theme.css
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.231.154 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0e03e991403c446abc0add61a2739c583f3d291af53a1724470cf72fef3a27d8

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 00:53:33 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "399a-5b5e95f3fe53b-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1817

GET
H2 200 style.css
got-free-ecards.com/css/ 19 KB
5 KB 195ms
194ms Stylesheet
text/css 52.2.231.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://got-free-ecards.com/css/style.css
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.231.154 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 58404aa61c07de8c1349fd5d7da39c22d93c24f29e068a62735d4816f169b665

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 18:29:34 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "4a06-5b6c14a4536c9-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4189

GET
H2 200 jquery.min.js Show response
got-free-ecards.com/js/ 94 KB
33 KB 198ms
196ms Script
application/javascript 52.2.231.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://got-free-ecards.com/js/jquery.min.js
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.231.154 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 03:37:52 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "1762a-5b5ebaae5e0af-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 33225

GET
H2 200 bootstrap.min.js Show response
got-free-ecards.com/js/ 27 KB
8 KB 197ms
195ms Script
application/javascript 52.2.231.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://got-free-ecards.com/js/bootstrap.min.js
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.231.154 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 03:37:49 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "6cae-5b5ebaab5d7d2-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7283

GET
H2 200 css
fonts.googleapis.com/ 412 B
420 B 15ms
13ms Stylesheet
text/css 2a00:1450:4001:812::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Special+Elite&display=swap

Requested by

Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

447ce378d8062f597ad101e07bd5f8268c6fe740d956f451aa9ac8fd047fac65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 14:00:43 GMT
server: ESF
date: Tue, 02 Mar 2021 14:00:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Mar 2021 14:00:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 393 B
360 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Satisfy&display=swap

Requested by

Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

04a35f5f117aaa8162d66fe283df6f1d50eb5f86feec1a846a7c9f46e7b8a12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 14:00:43 GMT
server: ESF
date: Tue, 02 Mar 2021 14:00:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Mar 2021 14:00:43 GMT

GET
H2 200 jquery-1.8.3.js Show response
code.jquery.com/ 260 KB
77 KB 26ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.8.3.js
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-40f49"
vary: Accept-Encoding
x-hw: 1614693643.dop213.fr8.t,1614693643.cds288.fr8.hc,1614693643.cds225.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 78927

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
48 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49425
x-xss-protection: 0
server: cafe
etag: 12511417949189125007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 02 Mar 2021 14:00:43 GMT

GET
H2 200 gotfreecards-logo.png
got-free-ecards.com/img/ 3 KB
4 KB 106ms
106ms Image
image/png 52.2.231.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://got-free-ecards.com/img/gotfreecards-logo.png
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.231.154 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6179b9292fc8719197486f0a7bed6b0365a71c3452b026f5f9b5cdaa179a8420

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
last-modified: Tue, 08 Dec 2020 02:18:43 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "d73-5b5ea8fd506f7"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3443

GET
H2 200 M2.jpg
got-free-ecards.com/img/ 28 KB
29 KB 105ms
105ms Image
image/jpeg 52.2.231.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://got-free-ecards.com/img/M2.jpg
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.231.154 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8a651e22a7ef011b676a148b36c6c1d994fcbbcf28a0039bd4e57381468ff228

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
last-modified: Tue, 08 Dec 2020 02:18:43 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "703e-5b5ea8fd5a337"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 28734

GET
H2 200 quant.js Show response
edge.quantserve.com/ 23 KB
9 KB 24ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash: 2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
etag: "/D8P7qgiWm3WmfjhiS2eTg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 09 Mar 2021 14:00:43 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN (),

Reverse DNS

Software

Resource Hash

f8b8c70604900ff187bc2d70574a757362443a647a6728f911a2117c66ce1d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NRmb2W4ROvjo0tfKe0LmeA==
cross-origin-resource-policy: cross-origin
expires: Tue, 02 Mar 2021 14:18:44 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: QTrX44XU+BM2Oc65ZCChfKCMSdYyhh1wxJe3m9uAn0T77ldCNZbi04/el5GhyI3i7RQUSBFTwdVR8/7LiIx4UA==
x-fb-trip-id: 686109401
x-fb-content-md5: 4f3d013961d8ba7bc1dbb59e2aef155e
date: Tue, 02 Mar 2021 14:00:43 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "5b3c8f203de5281906e5295dc1daa0ab"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 glyphicons-halflings-regular.woff2
got-free-ecards.com/fonts/ 18 KB
18 KB 103ms
103ms Font
application/octet-stream 52.2.231.154
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://got-free-ecards.com/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: got-free-ecards.com
URL: https://got-free-ecards.com/css/bootstrap.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.231.154 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin: https://got-free-ecards.com
Referer: https://got-free-ecards.com/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 02 Mar 2021 14:00:43 GMT
last-modified: Tue, 08 Dec 2020 02:18:43 GMT
server: Apache/2.4.29 (Ubuntu)
accept-ranges: bytes
etag: "466c-5b5ea8fcff617"
content-length: 18028

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ 227 KB
86 KB 71ms
56ms Script
text/javascript 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4536183684306717&plah=got-free-ecards.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Mar 2021 14:00:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame 88DF 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://got-free-ecards.com/gc/ecardpickup.ecards
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://got-free-ecards.com/gc/ecardpickup.ecards

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 02 Mar 2021 00:12:56 GMT
expires: Tue, 16 Mar 2021 00:12:56 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 49667
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rules-p-93D76dF12225c.js Show response
rules.quantcount.com/ 3 B
359 B 94ms
40ms Script
application/x-javascript 2600:9000:20d7:a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-93D76dF12225c.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20d7:a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 09:32:58 GMT
via: 1.1 3180232852f42d0e8ed2a6999ef03c93.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 20:15:09 GMT
server: AmazonS3
age: 16066
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: 0YL9s_rjvVTQv0HKoCr6RWBwtRI1V71jMEvA2GfFtYJG4ZOITLwU-Q==

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:812::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1156
date: Tue, 02 Mar 2021 13:41:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 02 Mar 2021 15:41:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 196 KB
60 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=e0bd71494efcbcbeb9991735036288fd&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN (),

Reverse DNS

Software

Resource Hash

b90b03d96d811414caa79c494dd126265ebb8e1569d3273c1bf69c0efdadd372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://got-free-ecards.com
Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ZHH0KlhJVx3SbMJE07yDVQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60506
x-fb-rlafr: 0
x-fb-debug: dLC+QIhPdM/UFtWRHWer3aOgyCCF97faUJXJePNRYVsbxwhVtwHoh13+rgU18HOOZlQHu02YxjyCLU3rrTj+hQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 019213799c3986c17ce4595e4c7e48aa
x-frame-options: DENY
date: Tue, 02 Mar 2021 14:00:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "55693fe0f4a1a96b4f6565308fe8bdf5"
timing-allow-origin: *
expires: Wed, 02 Mar 2022 12:13:51 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 59ms
46ms Image
image/gif 2a00:1450:4001:812::2008

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1716913555&utmhn=got-free-ecards.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Free%20Ecards%2C%20Greeting%20cards%2C%20Animated%20Cards%2C%20%7C%20Gotfreecards&utmhid=2051856277&utmr=-&utmp=%2Fgc%2Fecardpickup.ecards&utmht=1614693643606&utmac=UA-7929140-1&utmcc=__utma%3D56809148.463997049.1614693644.1614693644.1614693644.1%3B%2B__utmz%3D56809148.1614693644.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1442630005&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 14:00:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
647 B 102ms
46ms Script
text/javascript 142.250.186.34

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=got-free-ecards.com&callback=_gfp_s_&client=ca-pub-4536183684306717

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4536183684306717&plah=got-free-ecards.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN (),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

def20d8f674df174daa30baeff81174d94f6c3e34d730a8a5db13a4d3e37692c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=got-free-ecards.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=got-free-ecards.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F147 65 KB
22 KB 666ms
652ms Document
text/html 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

68b2e435852770661940b5de292c14928bf12dba7019562184a6286e5105f930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://got-free-ecards.com/gc/ecardpickup.ecards
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://got-free-ecards.com/gc/ecardpickup.ecards

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 02 Mar 2021 14:00:44 GMT
server: cafe
content-length: 22208
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 14:15:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 02 Mar 2021 14:00:44 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:829::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602243598683"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Tue, 02 Mar 2021 14:00:43 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDCC 71 KB
22 KB 351ms
347ms Document
text/html 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4a84487328be0e4a4ce4c5386dc6fb159e4b5a6b5ebcf72e8aed56ff73821157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://got-free-ecards.com/gc/ecardpickup.ecards
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://got-free-ecards.com/gc/ecardpickup.ecards

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 02 Mar 2021 14:00:43 GMT
server: cafe
content-length: 22736
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 14:15:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 02 Mar 2021 14:00:43 GMT
cache-control: private

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 39ms
38ms Image
image/gif 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&tn=NAV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false

Requested by

Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 14:00:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF78 2 KB
1 KB 101ms
100ms Document
text/html 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&adk=1812271804&adf=3025194257&lmt=1614693643&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&ea=0&flash=0&pra=7&wgl=1&dt=1614693643614&bpp=1&bdt=474&idt=43&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280%2C198x600&nras=1&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=48

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c99d92cb180e0b6282a34c74f8cea477e3abfd7f95c6b739d7cf56d6efeea9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4536183684306717&output=html&adk=1812271804&adf=3025194257&lmt=1614693643&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&ea=0&flash=0&pra=7&wgl=1&dt=1614693643614&bpp=1&bdt=474&idt=43&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280%2C198x600&nras=1&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=48
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://got-free-ecards.com/gc/ecardpickup.ecards
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://got-free-ecards.com/gc/ecardpickup.ecards

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 02 Mar 2021 14:00:43 GMT
server: cafe
content-length: 505
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Mar-2021 14:15:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 02 Mar 2021 14:00:43 GMT
cache-control: private

GET
H2 200 pixel;r=1254960057;rf=0;uht=2;a=p-93D76dF12225c;url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards;fpan=1;fpa=P0-1107954674-1614693643664;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1254960057;rf=0;uht=2;a=p-93D76dF12225c;url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards;fpan=1;fpa=P0-1107954674-1614693643664;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=got-free-ecards.com;je=0;sr=1600x1200x24;dst=1;et=1614693643664;tzo=-60;ogl=

Requested by

Host: got-free-ecards.com
URL: https://got-free-ecards.com/gc/ecardpickup.ecards

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 14:00:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame FDCC 3 KB
1023 B 65ms
49ms Stylesheet
text/css 2a00:1450:4001:812::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 12:58:32 GMT
server: ESF
date: Tue, 02 Mar 2021 14:00:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Mar 2021 14:00:44 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame FDCC 2 KB
1000 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 14:00:36 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame FDCC 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:48:48 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame FDCC 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:54:13 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDCC 107 KB
33 KB 43ms
28ms Script
text/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Tue, 02 Mar 2021 14:00:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame FDCC 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:59:48 GMT

GET
H2 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame FDCC 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 10:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Mar 2021 07:11:17 GMT
server: sffe
age: 11006
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Mon, 31 May 2021 10:57:18 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame FDCC 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3Gg5C0U-YJCeKq6E7_UP4N6ZgAG7it2BYenbloq8CormtLX5ARABILvl_hRglQKgAeTCs-4DyAEJqQK_YGS7KiK0PqgDAcgDywSqBM8BT9CHqn_rgfsaO0S-8RC2ViAF5x5_SeZlI-BMaSabsLftm1DPzxij60RromxQJhBBIan6qeBMBanxrXwBcANv37ozve8qLMl-NWBoCyk05nRgCD0AzrXYG9KhuwHExYNENP1NcvdU7k5qMaTBaFnpp5qLU8QOeEpe_vg4BfvG1lgyjxoB7bu6zncMBrAhJqbjt1joklTblcExkvBa5HbJI62PDsGd3lfX9Qn1Jkk3yQhOhoKXxHELemkiV5Inxndl0MbqdHSfntPRJIvKmou-wATRx5ySigKSBQQIBBgBkgUECAUYBKAGLoAHhL3MEagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCm7gHSCAkIgOGAEBABGB-ACgHICwHYEwyIFAayFxoKGAgAEhRwdWItNDUzNjE4MzY4NDMwNjcxNw&sigh=Y7BB-Iu-X78&template_id=5000&tpd=AGWhJmugL9dXQWk7bzb3RRKHRUtGMpOwtMZgPDxfXuaagAen4A

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 02 Mar 2021 14:00:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 02 Mar 2021 14:00:44 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7601902553968407434/ Frame FDCC 10 KB
10 KB 29ms
13ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7601902553968407434/downsize_200k_v1?w=400&h=209

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

761ba6829d271083438ad4f03bb404518e4e8cc721e082240e812a24ff3ac50b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 13:22:01 GMT
x-content-type-options: nosniff
age: 175123
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9947
x-xss-protection: 0
last-modified: Thu, 13 Aug 2020 16:15:07 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 28 Feb 2022 13:22:01 GMT

GET
DATA 200
OK truncated
/ Frame FDCC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541dfdd33ba595f92b43e902ec1aaaaf9dffef0e65faace3d3f840fdb50bc059

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FDCC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78fa3d5c851dae91631383e144cdc4e34d877fb254b71b863f4e200c24489986

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame FDCC 14 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:32:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 286110
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:32:14 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame FDCC 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:30:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 167390
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:30:54 GMT

GET
H3-Q050 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0615 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 05:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 118100
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Tue, 01 Mar 2022 05:12:24 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame F147 4 KB
651 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 13:45:25 GMT
server: ESF
date: Tue, 02 Mar 2021 14:00:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Mar 2021 14:00:44 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame F147 2 KB
990 B 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 14:00:36 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/ Frame F147 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 18079855114753437313
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:48:48 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame F147 3 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:54:13 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F147 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Tue, 02 Mar 2021 14:00:44 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/ Frame F147 14 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210224/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 13:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 13:59:48 GMT

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame F147 26 KB
11 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 05:48:51 GMT
server: sffe
age: 285868
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Fri, 28 May 2021 06:36:16 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame F147 0
0 47ms
44ms Fetch
text/html 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpNHnC0U-YNaWKvvV7_UP_Ia06Ay1_JauYbHtitXCDYOuuJy9ARABILvl_hRglQKgAanV7MICyAEBqQK_YGS7KiK0PqgDAcgDywSqBMwBT9COSGDxOOGFxnHA3xXjYg3OOHduKSPepiIA2aQ71j--pyE2so6jfD1g9C8_1JNWi1tlOAE0yQ_uK-ZXAcytXfwMuLMCUeoh8u5reFqWOJWD_YHb46GOE5g58UKKIwC5V63yFxwOtLfRx7elNcJmCENLiPZB1FBLvth9s-E2iBr5EDVe3vcKSSt-tQQpdNWqkNsQygKVvUaeZmUXxGuPBDE-qbU8viSOfHytZUlDYlbGIm35k59CcdtCmA770H6hlpDmCdZSGyet_RiRwATR47m2xAOSBQQIBBgBkgUECAUYBIAHv6qTvQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQmsce0ggJCIDhgBAQARgfgAoByAsB2BMMiBQBshcaChgIABIUcHViLTQ1MzYxODM2ODQzMDY3MTc&sigh=L2SWK4GSjyA&tpd=AGWhJmtDM7QlDz5c9JbAlbhoZPUnuIs1v6a4O8pHpSxpWZyTYQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 02 Mar 2021 14:00:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D93 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn9jnExulzGmLdGT-Rb2iJ1c_AlgzLx0RtUlzDpefojn7H9aqTPxUh_61f8W7I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 02 Mar 2021 13:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1160
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F147 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff1204914018bc20c366cd47ed407749703d448d428870fe1f6ee6035af9b25

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F147 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 10:19:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 358898
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Sat, 26 Feb 2022 10:19:06 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame F147 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 03:58:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 381726
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Sat, 26 Feb 2022 03:58:38 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
26ms XHR
application/json 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ba2ac76757fd2f1b8b760a9be5ce9e3557a5c91ffc27a0f8d5fe7a63bb49c564

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 02 Mar 2021 14:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6489
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8D93
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

14ms
14ms

Document
text/html

2a00:1450:4001:811::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUn9jnExulzGmLdGT-Rb2iJ1c_AlgzLx0RtUlzDpefojn7H9aqTPxUh_61f8W7I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 02 Mar 2021 14:00:44 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 02-Mar-2021 15:00:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 02 Mar 2021 14:00:44 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 02 Mar 2021 14:00:44 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2437 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 05:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 118100
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Tue, 01 Mar 2022 05:12:24 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 14:00:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 02 Mar 2021 14:00:44 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 81BE 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://got-free-ecards.com/gc/ecardpickup.ecards
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://got-free-ecards.com/gc/ecardpickup.ecards

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 02 Mar 2021 14:00:06 GMT
expires: Wed, 02 Mar 2022 14:00:06 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 38
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
pagead2.googlesyndication.com/bg/ Frame 81BE 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 05:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 118100
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Tue, 01 Mar 2022 05:12:24 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 42ms
42ms Image
image/gif 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=401897481607522&bg=!m5ilmNvNAAXB_3NtwTsAKQB2-Dxa8TpAWORCqYyRqE6IeE1u4zU0hMOyN_7YHQ5equZt9u47jYMeAgAAAE9SAAAACmgBBwoBUFWiglwq5w6HcScXe1VfrXZvbe2ZaHypKL3uDbW-CMtqo2JcEDH9NLqaIbILYJAAegHv06Bqyrpa2J0caGVkMhiLObORGlgmsr_s68yHnL2Tvr6-WYFBwVmsRuSXO4_m9veRTVs3qQfw4w9ai0z-Fyn1w5BhVWoQ_DI9Wp0bhGFL4KAM1L5aUKp8FqIhMYqg4pij0SVWuFKS_Ecnxfas_QF93-VeZVQEYRkLBGARGPMIAYJ0AxuxlVrDPXmuqG-1yUDIIGJcblTJR_bSUiDs9vN75crk-7VEuc9HRW6j-tqeJ0VU3-HEJ9GD5M1sOwU76O3KamT55tUhmC5oU4WESyQCZofXeCfEAOBGH9c1PEYXjd891ZGPrQF4kWc0tikjC9uKx4PMF00SpTQcmWJ1P6c8cFEiByEdg1b17iMvBpRrcbnmbSf2OOZTOXGNxBHRXpkBzUBZnmGjYV_GQSd4JpU4qik5TW1JXc4VKF7CWOTyTA8RH6RybcpWh9x3d5IsjpHaBK-ac41GNFhlWcjKDk2ZJR8cj4tcF8Lav6JgoP_mYdu2u0SlWW9FxvzUXs8hUMVRMD3AtKmwLJwd5PaeBixKLAYLPFOrDJJcvvSDiKZeGkSf-KdAl2BZWxS-4Z85CUWr-6RRSkJv2kTlcJi23hPE0VlXt4zcX3knofTOegJ3J0Y-Vu0cNf2eUTW3mhkVXFAMd_bbo4ASwEQj0q6WZFFyWyHVOBLwBsTpo2S0rZyl5Ez32Q21AEhGsZtGbge-F9CNtKHqdDg6F7-HzVJ1L4B6qDs8f5lNrzxnoXubx19MYEe2OMxh2B1xusRbeqBz6HXfXYTK66w23JLa3F7MuT9t5OhjqmVAa6M1kaeMnpMciyZwGod1PRtd-ayVhDm3uJgOilrfMWKle4pcl1GIlNGI7RAeYkmZdd3KKrr4iyYkYKS8H5aSv-FGSVaCF5GlmprhtIRM-QGl9F9Tzc0sE8lSUiW3yDD4LeTDPyLOdwONROekGXG2awHR2C7gQp7yAWG0AS_4tVLGsEQPPEGbUfgkZLsUZsq_nsQh9AGK-Pxj

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://got-free-ecards.com/gc/ecardpickup.ecards
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 14:00:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FDCC 42 B
155 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKFXdf_S6qohIT1P3eyhe5OtJyAg3DD8Yi4tqVJtPxIWspfunZ0X1S38Zc2Yke5UjcE1tmAvvXTXemktCJEnPNPk2If10QFMPAe4hyeztfpeMjet3OhXyC3iWqpg&sai=AMfl-YRA8tm5KmDeM9q_zgtPQJLjbMBhg0A3AiI4XOflRt784JPDVdY8esR7QyVsu1BbFiGFXrU-jjS_63-Y&sig=Cg0ArKJSzJlF4N--3uceEAE&id=osdim&mcvt=1001&p=65,1330,665,1528&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3785523242&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614693643655&dlt=354&rpt=42&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=600&slotname=4174497404&adk=3785523242&adf=2440633853&pi=t.ma~as.4174497404&w=198&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=198x600&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1614693643522&bpp=10&bdt=382&idt=128&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1018x280&correlator=6273182360660&frm=20&pv=1&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1330&ady=65&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=fFmARcPYkY&p=https%3A//got-free-ecards.com&dtd=132
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 14:00:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F147 42 B
66 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:808::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvITlpih9PRZUHSOW6wcEA4sZmHrs06skWnVTov454qJFKcqzr79jjBosrFmAyvjEqxjbhpgFxOyI301CCGP6mNkybA5E66CvOl86xym8qfMJD58IDsitjoP4S_SA&sai=AMfl-YSKwC_XFBtldD8kwjuikdP5izq7CLbD_mhT5oMfHyOxy_Y8CkjYBdNSGfRatqQGa7u-yA6NvbAkWars&sig=Cg0ArKJSzLUts4nr8lG7EAE&id=osdim&mcvt=1001&p=71,247,351,1265&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210301&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2641185008&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1614693643646&dlt=668&rpt=63&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4536183684306717&output=html&h=280&slotname=7140000172&adk=2641185008&adf=1310720920&pi=t.ma~as.7140000172&w=1018&fwrn=4&fwrnh=100&lmt=1614693643&rafmt=1&psa=0&format=1018x280&url=https%3A%2F%2Fgot-free-ecards.com%2Fgc%2Fecardpickup.ecards&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1614693643513&bpp=9&bdt=373&idt=110&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6273182360660&frm=20&pv=2&ga_vid=463997049.1614693644&ga_sid=1614693644&ga_hid=2051856277&ga_fc=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=247&ady=71&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066612&oid=3&pvsid=401897481607522&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Bi08naeOn7&p=https%3A//got-free-ecards.com&dtd=128
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 14:00:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:31:34	Name: test_cookie Value: CheckForPermission
.got-free-ecards.com/	1970-01-20 10:02:45	Name: __utma Value: 56809148.463997049.1614693644.1614693644.1614693644.1
.got-free-ecards.com/	1970-01-19 16:31:34	Name: __utmt Value: 1
.got-free-ecards.com/	1970-01-19 20:54:21	Name: __utmz Value: 56809148.1614693644.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.doubleclick.net/	1970-01-20 01:53:09	Name: IDE Value: AHWqTUn9jnExulzGmLdGT-Rb2iJ1c_AlgzLx0RtUlzDpefojn7H9aqTPxUh_61f8W7I
.got-free-ecards.com/	1970-01-20 01:53:09	Name: __gads Value: ID=9c55206252337c6d-22a6d024f3a600f9:T=1614693643:RT=1614693643:S=ALNI_MYhh6vXJiqxVwn6vSMBvLF-sAOi8Q
.got-free-ecards.com/	1970-01-20 01:56:02	Name: __qca Value: P0-1107954674-1614693643664
.got-free-ecards.com/	1970-01-19 16:31:35	Name: __utmb Value: 56809148.1.10.1614693644
.got-free-ecards.com/	1969-12-31 23:59:59	Name: __utmc Value: 56809148
got-free-ecards.com/	1970-01-19 16:41:38	Name: AWSALBCORS Value: QZIPgV7XkmRW3qi1oQtRWaNSqBpfRyWqKRE2fLL1D81DKnh2UgLM8rIv/rzw62oOl/WTBVC0McJ3LDMGIb4VHU8F8uMr3WUsfUJv/VWrnITXOneLCYZaELB4xO8u
got-free-ecards.com/	1970-01-19 16:41:38	Name: AWSALB Value: QZIPgV7XkmRW3qi1oQtRWaNSqBpfRyWqKRE2fLL1D81DKnh2UgLM8rIv/rzw62oOl/WTBVC0McJ3LDMGIb4VHU8F8uMr3WUsfUJv/VWrnITXOneLCYZaELB4xO8u
got-free-ecards.com/	1969-12-31 23:59:59	Name: Gotfreecards Value: 2rce48jlcd209eqrt6oe9e82it

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
connect.facebook.net
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
got-free-ecards.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
rules.quantcount.com
ssl.google-analytics.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.34
2001:4de0:ac19::1:b:1a
2600:9000:20d7:a00:6:44e3:f8c0:93a1
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a03:2880:f01c:8012:face:b00c:0:3
52.2.231.154
04a35f5f117aaa8162d66fe283df6f1d50eb5f86feec1a846a7c9f46e7b8a12d
0e03e991403c446abc0add61a2739c583f3d291af53a1724470cf72fef3a27d8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
2190c16423c2557bcb20ccba2edc176fbeb16e6a3de2b2af297f650aae85a43e
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
3e5aedebf5368cd0cf2097ec200435ebb1c6ee8ca64dbbe4321597d7f513d5da
447ce378d8062f597ad101e07bd5f8268c6fe740d956f451aa9ac8fd047fac65
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4a84487328be0e4a4ce4c5386dc6fb159e4b5a6b5ebcf72e8aed56ff73821157
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
541dfdd33ba595f92b43e902ec1aaaaf9dffef0e65faace3d3f840fdb50bc059
58404aa61c07de8c1349fd5d7da39c22d93c24f29e068a62735d4816f169b665
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e2a22b1971df590c6430eedb9cb1c3148d033040b34f92df454ad040ca97187
6179b9292fc8719197486f0a7bed6b0365a71c3452b026f5f9b5cdaa179a8420
68b2e435852770661940b5de292c14928bf12dba7019562184a6286e5105f930
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
756d7dfac4a35bb57543f677283d6c682e8d704e5350884b27325badd2b3c4a7
761ba6829d271083438ad4f03bb404518e4e8cc721e082240e812a24ff3ac50b
78fa3d5c851dae91631383e144cdc4e34d877fb254b71b863f4e200c24489986
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8a651e22a7ef011b676a148b36c6c1d994fcbbcf28a0039bd4e57381468ff228
8ff1204914018bc20c366cd47ed407749703d448d428870fe1f6ee6035af9b25
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
b90b03d96d811414caa79c494dd126265ebb8e1569d3273c1bf69c0efdadd372
ba2ac76757fd2f1b8b760a9be5ce9e3557a5c91ffc27a0f8d5fe7a63bb49c564
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c3628da8fa7768e8c2bdb2fb0856093807a7a9a9837ac50139c4afb94cc4a20a
c99d92cb180e0b6282a34c74f8cea477e3abfd7f95c6b739d7cf56d6efeea9c1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d118145ce8bd815269b239d051dc6f326e644aa3fd608bdc2442b668a675263a
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
def20d8f674df174daa30baeff81174d94f6c3e34d730a8a5db13a4d3e37692c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
f8b8c70604900ff187bc2d70574a757362443a647a6728f911a2117c66ce1d1c
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

got-free-ecards.com Open in urlscan Pro 52.2.231.154 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

88 %IPv6

14 Domains

18 Subdomains

17 IPs

3 Countries

720 kBTransfer

1920 kBSize

12 Cookies

5 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

got-free-ecards.com Open in urlscan Pro
52.2.231.154 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

88 %
IPv6

14
Domains

18
Subdomains

17
IPs

3
Countries

720 kB
Transfer

1920 kB
Size

12
Cookies

62 HTTP transactions
3 data transactions