urlscan.io logo urlscan.io
SecurityTrails logo

mensaycards.com Open in urlscan Pro
34.215.172.255  Public Scan

Go To Rescan Add Verdict Report
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A...
Submission: On January 04 via manual from IE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 64 HTTP transactions. The main IP is 34.215.172.255, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is mensaycards.com.
TLS certificate: Issued by E5 on November 28th 2024. Valid for: 3 months.
This is the only time mensaycards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 34.215.172.255 16509 (AMAZON-02)
1 142.250.64.106 15169 (GOOGLE)
3 3.93.117.208 14618 (AMAZON-AES)
4 142.251.40.162 15169 (GOOGLE)
3 57.144.180.128 32934 (FACEBOOK)
2 146.75.32.157 54113 (FASTLY)
4 57.144.180.1 32934 (FACEBOOK)
2 23.56.163.34 16625 (AKAMAI-AS)
4 142.251.40.98 15169 (GOOGLE)
1 151.101.64.84 54113 (FASTLY)
12 142.251.41.14 15169 (GOOGLE)
1 142.251.32.98 15169 (GOOGLE)
2 142.251.35.161 15169 (GOOGLE)
1 142.250.72.100 15169 (GOOGLE)
64 14
24    34.215.172.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-172-255.us-west-2.compute.amazonaws.com
mensaycards.com
1    142.250.64.106 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f10.1e100.net
ajax.googleapis.com
3    3.93.117.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-117-208.compute-1.amazonaws.com
pwk.mensaycards.com
4    142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
pagead2.googlesyndication.com
3    57.144.180.128 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-lga3.fbcdn.net
connect.facebook.net
2    146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
platform.twitter.com
4    57.144.180.1 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-03-lga3.facebook.com
www.facebook.com
2    23.56.163.34 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-163-34.deploy.static.akamaitechnologies.com
assets.pinterest.com
4    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
googleads.g.doubleclick.net
1    151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
log.pinterest.com
12    142.251.41.14 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f14.1e100.net
fundingchoicesmessages.google.com
1    142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
ep1.adtrafficquality.google
2    142.251.35.161 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f1.1e100.net
ep2.adtrafficquality.google
1    142.250.72.100 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
27 mensaycards.com
mensaycards.com
pwk.mensaycards.com
229 KB
13 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
78 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
273 B
4 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
198 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 pinterest.com
assets.pinterest.com — Cisco Umbrella Rank: 4275
log.pinterest.com — Cisco Umbrella Rank: 6001
19 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
83 KB
2 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1634
27 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 415
33 KB
64 10
Domain Requested by
24 mensaycards.com mensaycards.com
12 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 www.facebook.com mensaycards.com
connect.facebook.net
4 pagead2.googlesyndication.com mensaycards.com
pagead2.googlesyndication.com
3 connect.facebook.net mensaycards.com
connect.facebook.net
3 pwk.mensaycards.com mensaycards.com
pwk.mensaycards.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 assets.pinterest.com mensaycards.com
assets.pinterest.com
2 platform.twitter.com mensaycards.com
platform.twitter.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 log.pinterest.com mensaycards.com
1 ajax.googleapis.com mensaycards.com
64 14

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
replayshot.com
E5		 2024-11-28 -
2025-02-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
pwk.mensaycards.com
E6		 2024-11-08 -
2025-02-06		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-13 -
2025-01-11		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-24 -
2025-07-25		 a year crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-08-02 -
2025-08-07		 a year crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
adtrafficquality.google
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
www.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Frame ID: 45C07A697B36915359FDD25D0C9DEBF0
Requests: 54 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://mensaycards.com&send=false&layout=button_count&width=100&show_faces=true&action=like&colorscheme=light&font=tahoma&height=21&appId=728140083887335
Frame ID: ED2E34E95FB449631089844F1F0F35F1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2Fmensaycardscom%2F913329112018422&width=290&height=340&colorscheme=light&show_faces=true&border_color&stream=false&header=true
Frame ID: F47F80E1456432C776AA4C88B1DF9FBC
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmensaycards.com
Frame ID: E1565BCEB7210621E5AD922716F11421
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 6A9CDF708CB3C05C2ABED18E3D557CEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6691222809324346&output=html&h=90&slotname=6906948516&adk=1823414837&adf=2021939151&pi=t.ma~as.6906948516&w=728&abgtt=9&lmt=1735983935&format=728x90&url=https%3A%2F%2Fmensaycards.com%2Flogin%3Furl%3D%252Fcreate_ecard%252F%253Fc%253Dc1.png%2526t%253D001animals.png%2526cat%253D35%2526text%253D%252B%25250D%25250A%252B%25250D%25250AMarketing%252Binvestments%252Bshould%252Balways%252Bdeliver%252Bresults.%252BA%252Bplatform%252Bprofile%252Bdelivers%252Ba%252Bhigh%252BROI%252Bby%252Bdriving%252Bvisibility%25252C%252Benhancing%252Brankings%25252C%252Band%252Benhancing%252Byour%252Bcredibility.%252B%25250D%25250AUnlike%252Bexpensive%252Bpromotions%25252C%252Bdirectories%252Bfocus%252Bon%252Bongoin&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735983934912&bpp=6&bdt=907&idt=62&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=2704966866156&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089336%2C95332925&oid=2&pvsid=3909684435149246&tmod=1701970313&uas=0&nvt=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=101
Frame ID: F0B13A1B3888B9833AC032C567146A45
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6691222809324346&output=html&h=250&slotname=3674280516&adk=28220291&adf=2257037737&pi=t.ma~as.3674280516&w=300&abgtt=9&lmt=1735983935&format=300x250&url=https%3A%2F%2Fmensaycards.com%2Flogin%3Furl%3D%252Fcreate_ecard%252F%253Fc%253Dc1.png%2526t%253D001animals.png%2526cat%253D35%2526text%253D%252B%25250D%25250A%252B%25250D%25250AMarketing%252Binvestments%252Bshould%252Balways%252Bdeliver%252Bresults.%252BA%252Bplatform%252Bprofile%252Bdelivers%252Ba%252Bhigh%252BROI%252Bby%252Bdriving%252Bvisibility%25252C%252Benhancing%252Brankings%25252C%252Band%252Benhancing%252Byour%252Bcredibility.%252B%25250D%25250AUnlike%252Bexpensive%252Bpromotions%25252C%252Bdirectories%252Bfocus%252Bon%252Bongoin&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735983934918&bpp=2&bdt=913&idt=110&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=728x90&correlator=2704966866156&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089336%2C95332925&oid=2&pvsid=3909684435149246&tmod=1701970313&uas=0&nvt=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=120
Frame ID: 32AEC2C49DA5BFC299334308F7102E26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6691222809324346&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1735983935&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fmensaycards.com%2Flogin%3Furl%3D%252Fcreate_ecard%252F%253Fc%253Dc1.png%2526t%253D001animals.png%2526cat%253D35%2526text%253D%252B%25250D%25250A%252B%25250D%25250AMarketing%252Binvestments%252Bshould%252Balways%252Bdeliver%252Bresults.%252BA%252Bplatform%252Bprofile%252Bdelivers%252Ba%252Bhigh%252BROI%252Bby%252Bdriving%252Bvisibility%25252C%252Benhancing%252Brankings%25252C%252Band%252Benhancing%252Byour%252Bcredibility.%252B%25250D%25250AUnlike%252Bexpensive%252Bpromotions%25252C%252Bdirectories%252Bfocus%252Bon%252Bongoin&pra=7&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735983934920&bpp=7&bdt=915&idt=127&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=728x90%2C300x250&nras=1&correlator=2704966866156&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089336%2C95332925&oid=2&pvsid=3909684435149246&tmod=1701970313&uas=0&nvt=1&fsapi=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=142
Frame ID: AA0903A00F0D2667DD759E2205CB2D0D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like_box.php?app_id=728140083887335&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff2b32cdc38f3cc7f%26domain%3Dmensaycards.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmensaycards.com%252Ff7b4b47738983f353%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fmensaycardscom-913329112018422%2F&locale=en_US&sdk=joey&show_border=false&show_faces=true&stream=false&width=466
Frame ID: 5A9A4DA663C6D2A3590F34A665AB7F47
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 5240297E01D73B65023CEE2D96285F8E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F4B6FCD322699807220F32C5180895A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login | Men Say Cards

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • //assets\.pinterest\.com/js/pinit\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

14
IPs

2
Countries

687 kB
Transfer

1719 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
mensaycards.com/ 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
c7835bed42c9ca0dd1931c1e8bdfb3028212c50e4bb0a1a05e9e5bf270d5b2f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 04 Jan 2025 09:45:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx/1.16.1
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.3.11
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
style20160131.css
mensaycards.com/css/ 		49 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mensaycards.com/css/style20160131.css?v1
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
b72a29d2c6fdacaf0ac47af0be6348ee52b6bcaf029d483638a7121d8bd8e5dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
content-encoding
gzip
etag
W/"5bd84acb-c2e5"
expires
Sat, 11 Jan 2025 09:45:34 GMT
date
Sat, 04 Jan 2025 09:45:34 GMT
content-type
text/css
last-modified
Tue, 30 Oct 2018 12:12:59 GMT
server
nginx/1.16.1
vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.106 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
gzip
age
100193
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 03 Jan 2026 05:55:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 03 Jan 2025 05:55:41 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33576
x-xss-protection
0
server
sffe
tabber.js
mensaycards.com/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mensaycards.com/js/tabber.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
953df0bf45c894e0362078c50a87d5f4bed8efec1261ae11253504e78ef076d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
content-encoding
gzip
etag
W/"52f8f2b6-3f87"
expires
Sat, 11 Jan 2025 09:45:34 GMT
date
Sat, 04 Jan 2025 09:45:34 GMT
content-type
application/javascript
last-modified
Mon, 10 Feb 2014 15:39:34 GMT
server
nginx/1.16.1
vary
Accept-Encoding
jquery.carouFredSel-6.2.1-packed.js
mensaycards.com/js/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mensaycards.com/js/jquery.carouFredSel-6.2.1-packed.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
9930f4e26cb466c1b9941f65c5b628e548d914c415d8857b143356264fb34855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
content-encoding
gzip
etag
W/"52f8f2b6-d60b"
expires
Sat, 11 Jan 2025 09:45:34 GMT
date
Sat, 04 Jan 2025 09:45:34 GMT
content-type
application/javascript
last-modified
Mon, 10 Feb 2014 15:39:34 GMT
server
nginx/1.16.1
vary
Accept-Encoding
jquery.cookie.js
mensaycards.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mensaycards.com/js/jquery.cookie.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
9fc1ebdd1d49741a4f0aeb25fafa46d73290cb1381aed455ff8d23b44570acc1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=604800, public, must-revalidate, proxy-revalidate
content-encoding
gzip
etag
W/"51d6e320-910"
expires
Sat, 11 Jan 2025 09:45:34 GMT
date
Sat, 04 Jan 2025 09:45:34 GMT
content-type
application/javascript
last-modified
Fri, 05 Jul 2013 15:15:44 GMT
server
nginx/1.16.1
vary
Accept-Encoding
matomo.php
pwk.mensaycards.com/ 		43 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwk.mensaycards.com/matomo.php?idsite=2&rec=1
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
3.93.117.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-117-208.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

cache-control
max-age=315360000
x-content-type-options
nosniff
referrer-policy
origin
expires
Thu, 31 Dec 2037 23:55:55 GMT
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/gif
server
nginx/1.16.1
join.gif
mensaycards.com/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/images/join.gif
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
1bf9c8b55896a4c7567de18527a04b966a6aa134b41c74a220279060a6747935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
etag
"51af3a3e-6bc7"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
27591
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/gif
last-modified
Wed, 05 Jun 2013 13:16:46 GMT
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
logo.png
mensaycards.com/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/images/logo.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
14e0ec4b496a5daea158bcd1d4da90b48b63bb72f8c67f3e86ba9e526e9d424f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
etag
"52f8f282-1900"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
6400
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Mon, 10 Feb 2014 15:38:42 GMT
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
e773e49efb906a9dc0b3ca8a056fd3d60bbc64632037b9f07681afdd6f9134f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
br
etag
17123132408221771584
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 09:45:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 04 Jan 2025 09:45:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53610
x-xss-protection
0
server
cafe
261.png
mensaycards.com/cardsthumb/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/261.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
f7f219acce74dc92aed15019703a0b1ce75bde48cdb68ea8d6b88fa25e5af7f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
600.png
mensaycards.com/cardsthumb/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/600.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
a8be7352ac60ed94ed85e43b5039b6bc0c265fbb152876bcf7f20ebd6fc79b2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
770.png
mensaycards.com/cardsthumb/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/770.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
89d484e12b01c634113cceef3cef59885ed9a29aebca7a5d7960bbbfaf82498d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
490.png
mensaycards.com/cardsthumb/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/490.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
182c458c788434633812f1973e10c17ecef1afdc9450027cabfe17e6713b1bf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
354.png
mensaycards.com/cardsthumb/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/354.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
cd8245e804b09e9c0fca53e17be4fb46154c982b5f2f2a02c054c5924f2f7cff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
502.png
mensaycards.com/cardsthumb/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/502.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
66fe86e5a027ac831e573208aa37334a7ebc8d935771e9bd4671862695bfc34b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
835.png
mensaycards.com/cardsthumb/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/835.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
4bd84cea709b39a263987fc2d2a45476f425f079091199460f6651f9a3ba5094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
305.png
mensaycards.com/cardsthumb/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/305.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
f827a1e2831bb9c61641f96476c31dc2c6169a46d020d21989db54ea80ff8e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
890.png
mensaycards.com/cardsthumb/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/890.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
d53c17a804fac88d081b7adefdaee36d7433a264b459654f18f01f170bcb76a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
822.png
mensaycards.com/cardsthumb/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/cardsthumb/822.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 / PHP/7.3.11
Resource Hash
47d2bda7f2b1a726797ccbda425b27d95d3c3a0b42198b4e9b2ef60bb556f341
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
pragma
no-cache
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
x-powered-by
PHP/7.3.11
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
slider-lft-arrow.jpg
mensaycards.com/images/ 		449 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/images/slider-lft-arrow.jpg
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
cca536ffeb1559d00d3ef5621f8d9cc5a53f6d534ed4a05840186d2227738531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
etag
"52f8f28a-1c1"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
449
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 10 Feb 2014 15:38:50 GMT
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
slider-rghtt-arrow.jpg
mensaycards.com/images/ 		429 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/images/slider-rghtt-arrow.jpg
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
90f4c1f20a01511d66231c5213efe66da389d497c1d023a00c74c2745179d5b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

cache-control
max-age=315360000
etag
"52f8f28a-1ad"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
429
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 10 Feb 2014 15:38:50 GMT
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
matomo.js
pwk.mensaycards.com/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwk.mensaycards.com/matomo.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
3.93.117.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-117-208.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

cache-control
max-age=3600, public
content-encoding
gzip
etag
W/"66f661a0-10784"
pragma
public
expires
Sat, 04 Jan 2025 10:45:34 GMT
date
Sat, 04 Jan 2025 09:45:34 GMT
content-type
application/javascript
last-modified
Fri, 27 Sep 2024 07:41:20 GMT
server
nginx/1.16.1
vary
Accept-Encoding
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
7e472f305c7ee86d99782d1292ee2114461622b39a4a2ec1f78092525b4b9c8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-md5
EZUp4mVm55peFt0VyllVWg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"263e988a2329800495cee9ee96e90589"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 09:48:41 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 04 Jan 2025 09:45:34 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
e54e4979cedc3b7bd349c8ea4a4655c4
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=13, mss=1392, tbw=7278, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
1X/qYsxizCcU24Ay7ZQNoc/TTsO7yD4OgVZvcc5JP+s2tXSveQnTqPhofZhWunucZzGF8pwesiAvHFeOKG0Srw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?1
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Sat, 04 Jan 2025 09:45:34 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kjyo7100042-IAD
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
like.php
www.facebook.com/plugins/ Frame ED2E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https://mensaycards.com&send=false&layout=button_count&width=100&show_faces=true&action=like&colorscheme=light&font=tahoma&height=21&appId=728140083887335
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mensaycards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' 'report-sample' 'nonce-rd6ASr0D' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jan 2025 09:45:34 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455994224244321836"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455994224244321836", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1392, tbw=3009, tp=-1, tpl=-1, uplat=109, ullat=0
x-fb-debug
qMfPSVjd88do0tR6R8G7MIoe/Jidv1+wqmm1+p1W/AFtnvGen+gvo9fHVYQ5+KXUPlC9Y9B/8rq6hcLlCGN/4Q==
x-xss-protection
0
likebox.php
www.facebook.com/plugins/ Frame F47F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2Fpages%2Fmensaycardscom%2F913329112018422&width=290&height=340&colorscheme=light&show_faces=true&border_color&stream=false&header=true
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mensaycards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jan 2025 09:45:35 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455994223445683506"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455994223445683506", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=15, rtx=0, c=25, mss=1392, tbw=22537, tp=-1, tpl=-1, uplat=421, ullat=0
x-fb-debug
7sept8/5pfleUt40kBidMgmg+TM1kP7dJ3TymOzWRaXDAU4Ay1V/1fVORKbHBHiLM8L2Idd01SrG1oj9k6srlw==
x-xss-protection
0
pinit.js
assets.pinterest.com/js/ 		361 B
444 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
cache-control
max-age=187
access-control-expose-headers
X-CDN
content-encoding
br
etag
"62d32c28f14783b94192cd8d35bc010d"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
access-control-allow-origin
*
content-length
203
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding, Origin
fbds.js
connect.facebook.net/en_US/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbds.js
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
53794a665db60a36bd23d8a6a5970881195f8bb7a8fe52b774e383689d052d61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-md5
Fu8Q085ShLIpko/FDcZB+A==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"6b9040a1deb80cb19a842577989c5f3c"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 09:57:02 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 04 Jan 2025 09:45:34 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
c6c7756dd85135887e2508e697768781
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=13, mss=1392, tbw=3016, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
7Lo2PKkb4DcYeMdUyniZC2viU9w6j+E9M0W6/3d6+3gzgatTNzwaIKJPUC3ZNDaCbD9bkP7Jph26po+wAShiRg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
2182
origin-agent-cluster
?1
bg.jpg
mensaycards.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/images/bg.jpg
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/css/style20160131.css?v1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
5613caa5937ee6fbbe0dbb6377e9ad385218e172118c61dac3d8afafb8a8340c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/css/style20160131.css?v1

Response headers

cache-control
max-age=315360000
etag
"52f8f278-4da"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
1242
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 10 Feb 2014 15:38:32 GMT
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
drop.png
mensaycards.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/images/drop.png
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/css/style20160131.css?v1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
8c26ea8f5188ab6645c0213c16ba7cbd0b51458adad93c10fbf7af68e4ef0b19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/css/style20160131.css?v1

Response headers

cache-control
max-age=315360000
etag
"52f8f280-416"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
1046
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Mon, 10 Feb 2014 15:38:40 GMT
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
srch-btn.jpg
mensaycards.com/images/ 		618 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/images/srch-btn.jpg
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/css/style20160131.css?v1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
74d79fd6fe78854e7dde7f8fa0ce0426ff4091340de6c16bdffb2615f005bc70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/css/style20160131.css?v1

Response headers

cache-control
max-age=315360000
etag
"52f8f28a-26a"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
618
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 10 Feb 2014 15:38:50 GMT
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
footer-rght-brdr-img.jpg
mensaycards.com/images/ 		304 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mensaycards.com/images/footer-rght-brdr-img.jpg
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/css/style20160131.css?v1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
098d12931f60fe40717f09c0ecb73391b1e704c4ec1733ce93a44e66ea7e6d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/css/style20160131.css?v1

Response headers

cache-control
max-age=315360000
etag
"52f8f280-130"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
content-length
304
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 10 Feb 2014 15:38:40 GMT
server
nginx/1.16.1
x-frame-options
SAMEORIGIN
matomo.php
pwk.mensaycards.com/ 		0
180 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pwk.mensaycards.com/matomo.php?action_name=Login%20%7C%20Men%20Say%20Cards&idsite=2&rec=1&r=491751&h=23&m=45&s=34&url=https%3A%2F%2Fmensaycards.com%2Flogin%3Furl%3D%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin&_id=4c7c69b5a83e6367&_idn=1&send_image=0&_refts=0&pv_id=PZMRZu&pf_net=316&pf_srv=238&pf_tfr=3&pf_dm1=490&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: pwk.mensaycards.com
URL: https://pwk.mensaycards.com/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
3.93.117.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-93-117-208.compute-1.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://mensaycards.com/

Response headers

x-content-type-options
nosniff
access-control-allow-origin
https://mensaycards.com
date
Sat, 04 Jan 2025 09:45:34 GMT
x-xss-protection
1; mode=block
server
nginx/1.16.1
access-control-allow-credentials
true
referrer-policy
origin
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame E156 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fmensaycards.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://mensaycards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Sat, 04 Jan 2025 09:45:34 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT
x-served-by
cache-iad-kjyo7100157-IAD
sdk.js
connect.facebook.net/en_US/ 		254 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=63f096a1898427ebc6608ebd9cc91c58
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-03-lga3.fbcdn.net
Software
/
Resource Hash
b558e4a9a0c40c98c0c03b6cd0afafaa6f1888368a1295cc9e9aa7914928e41a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mensaycards.com
Referer
https://mensaycards.com/

Response headers

content-md5
nqwlLO9jl097+/VvpdsVaQ==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"c979ffd34cb447330a15a22a699cc60a"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 07:24:47 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 04 Jan 2025 09:45:35 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
0e6ce6d8caef78bcefc1582ec9e16eb7
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=14, mss=1392, tbw=3003, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
bWSWa+M8fuL6g9M7UjztjoH5EoIcZYU/6/RkUxBuatptiMExFFV+TtfEvmwqAXfhzIKxXI/QG9fYPWW1v8DdrQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
76640
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=null&ev=6025102724709&dl=https%3A%2F%2Fmensaycards.com%2Flogin%3Furl%3D%252Fcreate_ecard%252F%253Fc%253Dc1.png%2526t%253D001animals.png%2526cat%253D35%2526text%253D%252B%25250D%25250A%252B%25250D%25250AMarketing%252Binvestments%252Bshould%252Balways%252Bdeliver%252Bresults.%252BA%252Bplatform%252Bprofile%252Bdelivers%252Ba%252Bhigh%252BROI%252Bby%252Bdriving%252Bvisibility%25252C%252Benhancing%252Brankings%25252C%252Band%252Benhancing%252Byour%252Bcredibility.%252B%25250D%25250AUnlike%252Bexpensive%252Bpromotions%25252C%252Bdirectories%252Bfocus%252Bon%252Bongoin&rl=&if=false&ts=1735983934885&cd[value]=0.00&cd[currency]=USD
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1392, tbw=2996, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 04 Jan 2025 09:45:35 GMT
content-type
text/plain
server
proxygen-bolt
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 		435 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
br
etag
4174761130244020438
age
30580
x-content-type-options
nosniff
expires
Sat, 18 Jan 2025 01:15:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 04 Jan 2025 01:15:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147831
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 6A9C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mensaycards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
18208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jan 2025 04:42:07 GMT
etag
17661348622971093804
expires
Sat, 18 Jan 2025 04:42:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F0B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6691222809324346&output=html&h=90&slotname=6906948516&adk=1823414837&adf=2021939151&pi=t.ma~as.6906948516&w=728&abgtt=9&lmt=1735983935&format=728x90&url=https%3A%2F%2Fmensaycards.com%2Flogin%3Furl%3D%252Fcreate_ecard%252F%253Fc%253Dc1.png%2526t%253D001animals.png%2526cat%253D35%2526text%253D%252B%25250D%25250A%252B%25250D%25250AMarketing%252Binvestments%252Bshould%252Balways%252Bdeliver%252Bresults.%252BA%252Bplatform%252Bprofile%252Bdelivers%252Ba%252Bhigh%252BROI%252Bby%252Bdriving%252Bvisibility%25252C%252Benhancing%252Brankings%25252C%252Band%252Benhancing%252Byour%252Bcredibility.%252B%25250D%25250AUnlike%252Bexpensive%252Bpromotions%25252C%252Bdirectories%252Bfocus%252Bon%252Bongoin&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735983934912&bpp=6&bdt=907&idt=62&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=2704966866156&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=280&ady=317&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089336%2C95332925&oid=2&pvsid=3909684435149246&tmod=1701970313&uas=0&nvt=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mensaycards.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jan 2025 09:45:35 GMT
expires
Sat, 04 Jan 2025 09:45:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 32AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6691222809324346&output=html&h=250&slotname=3674280516&adk=28220291&adf=2257037737&pi=t.ma~as.3674280516&w=300&abgtt=9&lmt=1735983935&format=300x250&url=https%3A%2F%2Fmensaycards.com%2Flogin%3Furl%3D%252Fcreate_ecard%252F%253Fc%253Dc1.png%2526t%253D001animals.png%2526cat%253D35%2526text%253D%252B%25250D%25250A%252B%25250D%25250AMarketing%252Binvestments%252Bshould%252Balways%252Bdeliver%252Bresults.%252BA%252Bplatform%252Bprofile%252Bdelivers%252Ba%252Bhigh%252BROI%252Bby%252Bdriving%252Bvisibility%25252C%252Benhancing%252Brankings%25252C%252Band%252Benhancing%252Byour%252Bcredibility.%252B%25250D%25250AUnlike%252Bexpensive%252Bpromotions%25252C%252Bdirectories%252Bfocus%252Bon%252Bongoin&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735983934918&bpp=2&bdt=913&idt=110&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=728x90&correlator=2704966866156&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=525&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089336%2C95332925&oid=2&pvsid=3909684435149246&tmod=1701970313&uas=0&nvt=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mensaycards.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
413
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jan 2025 09:45:35 GMT
expires
Sat, 04 Jan 2025 09:45:35 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AA09 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6691222809324346&output=html&adk=1812271804&adf=3025194257&abgtt=9&lmt=1735983935&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fmensaycards.com%2Flogin%3Furl%3D%252Fcreate_ecard%252F%253Fc%253Dc1.png%2526t%253D001animals.png%2526cat%253D35%2526text%253D%252B%25250D%25250A%252B%25250D%25250AMarketing%252Binvestments%252Bshould%252Balways%252Bdeliver%252Bresults.%252BA%252Bplatform%252Bprofile%252Bdelivers%252Ba%252Bhigh%252BROI%252Bby%252Bdriving%252Bvisibility%25252C%252Benhancing%252Brankings%25252C%252Band%252Benhancing%252Byour%252Bcredibility.%252B%25250D%25250AUnlike%252Bexpensive%252Bpromotions%25252C%252Bdirectories%252Bfocus%252Bon%252Bongoin&pra=7&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735983934920&bpp=7&bdt=915&idt=127&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=728x90%2C300x250&nras=1&correlator=2704966866156&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089336%2C95332925&oid=2&pvsid=3909684435149246&tmod=1701970313&uas=0&nvt=1&fsapi=1&fc=896&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=142
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mensaycards.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5445
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jan 2025 09:45:36 GMT
expires
Sat, 04 Jan 2025 09:45:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pinit_main.js
assets.pinterest.com/js/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pinterest.com/js/pinit_main.js?0.09503282907975574
Requested by
Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.56.163.34 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-163-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79e9f1410dfcf6f141bae90a3c3195c275ec390f5d35fce5bcba4b4927a1a7e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
cache-control
max-age=153
access-control-expose-headers
X-CDN
content-encoding
br
etag
"539011b799990d9851f6350858332e47"
x-cdn
akamai
access-control-allow-methods
GET
accept-ranges
bytes
access-control-allow-origin
*
content-length
18698
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding, Origin
x-amz-server-side-encryption
AES256
/
log.pinterest.com/ 		0
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.pinterest.com/?type=pidget&guid=DDPSkmVx83yc&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fmensaycards.com%2Flogin%3Furl%3D%252Fcreate_ecard%252F%253Fc%253Dc1.png%2526t%253D001animals.png%2526cat%253D35%2526text%253D%252B%25250D%25250A%252B%25250D%25250AMarketing%252Binvestments%252Bshould%252Balways%252Bdeliver%252Bresults.%252BA%252Bplatform%252Bprofile%252Bdelivers%252Ba%252Bhigh%252BROI%252Bby%252Bdriving%252Bvisibility%25252C%252Benhancing%252Brankings%25252C%252Band%252Benhancing%252Byour%252Bcredibility.%252B%25250D%25250AUnlike%252Bexpensive%252Bpromotions%25252C%252Bdirectories%252Bfocus%252Bon%252Bongoin
Requested by
Host: mensaycards.com
URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
x-pinterest-rid-128bit
7b06e61c34db4d42021d793c5768f07d
access-control-allow-methods
GET, POST, OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443";ma=600
x-cache
MISS
date
Sat, 04 Jan 2025 09:45:36 GMT
x-served-by
cache-ewr-kewr1740067-EWR
x-cache-hits
0
cache-control
no-cache,no-store,must-revalidate,max-age=0
pragma
no-cache
x-envoy-upstream-service-time
0
x-timer
S1735983936.315998,VS0,VE7
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-pinterest-rid
1524112624719586
server
envoy
ca-pub-6691222809324346
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6691222809324346?href=https%3A%2F%2Fmensaycards.com%2Flogin&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
0a98c8d6bfe9e8ad0622005cf23f1e34b2fd8de112377f20b589dbdcb695cbd6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-CNV4zxrEhCBjCN19lQUAXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:36 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1pBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC_FwHGh7sptN4MXsN5uYlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQyN9AwM4wsMAJkGRd0"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-CNV4zxrEhCBjCN19lQUAXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://mensaycards.com/

Response headers
AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DuCgZ9i18VDzFr_wWjjXWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfjYNuT3WwCDbtXnmJUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqYGhgZGegZm8QUGAPY2Kso"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DuCgZ9i18VDzFr_wWjjXWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mensaycards.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVRxX4T8UzIoCUS74P5_YXlWrBlufOAXv2TVywM5tZESUamm80HfOfj80ORp6ISfK8Q-ZrteObphSJV_yDNw1RnHSO4e1lvILRf2AdMwEkM8XmJPyKSnFBjTxNWlpaxXvYr-mzl9g==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVRxX4T8UzIoCUS74P5_YXlWrBlufOAXv2TVywM5tZESUamm80HfOfj80ORp6ISfK8Q-ZrteObphSJV_yDNw1RnHSO4e1lvILRf2AdMwEkM8XmJPyKSnFBjTxNWlpaxXvYr-mzl9g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1OTgzOTM3LDM1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL21lbnNheWNhcmRzLmNvbS9sb2dpbiIsbnVsbCxbWzgsIklNejU3eWM1aFZ3Il0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
626e7824146bfd8c99b34874ae20524824c8919428c1120aeba605a082c1435d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FPqtrw8BefGzkhTnr7Ta_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC3FzHGx7sptNYMGiycpKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGhkZ6BobxBQYALKlErw"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-FPqtrw8BefGzkhTnr7Ta_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxW9b-cMWL_ZUs_2rV9Jt0UhsMUJt5Hg21jUVGEpKfp79bTI5RMTBIj7JmfgeHLhOkWrAAEeRQc-uo_Na5iLZ5YG0R963NINXeiBUAh3cqQxqo-b4h-UOkcEpv__JNp3OIs7vHsWDQ==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW9b-cMWL_ZUs_2rV9Jt0UhsMUJt5Hg21jUVGEpKfp79bTI5RMTBIj7JmfgeHLhOkWrAAEeRQc-uo_Na5iLZ5YG0R963NINXeiBUAh3cqQxqo-b4h-UOkcEpv__JNp3OIs7vHsWDQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1OTgzOTM3LDEwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbWVuc2F5Y2FyZHMuY29tL2xvZ2luIixudWxsLFtbOCwiSU16NTd5YzVoVnciXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
993ab3206a84dc043f7490ef8103c9b0444c04fc98d5030bc2bd641bef51e9ba
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Yhn9TA9NkdQfVhIQTdesPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC3FzHGx7sptN4MHmbW5KGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJoZGhkZ6BobxBQYASZdFSg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-Yhn9TA9NkdQfVhIQTdesPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
cafe /
Resource Hash
f66967e444758b0b5c396f4bb5bc91b83168c8b6f8386050bf011c7ffcb4e78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13097
date
Sat, 04 Jan 2025 09:45:37 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
like_box.php
www.facebook.com/v3.2/plugins/ Frame 5A9A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/like_box.php?app_id=728140083887335&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff2b32cdc38f3cc7f%26domain%3Dmensaycards.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fmensaycards.com%252Ff7b4b47738983f353%26relation%3Dparent.parent&container_width=0&header=false&href=https%3A%2F%2Fwww.facebook.com%2Fmensaycardscom-913329112018422%2F&locale=en_US&sdk=joey&show_border=false&show_faces=true&stream=false&width=466
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=63f096a1898427ebc6608ebd9cc91c58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.144.180.1 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-03-lga3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mensaycards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jan 2025 09:45:37 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v16.0
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7455994235807548001"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7455994235807548001", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1392, tbw=37925, tp=-1, tpl=-1, uplat=70, ullat=0
x-fb-debug
8IssKT3MZNLQ/9rjB9oZLsqv7z1MGXfUjnUMlFoRw1LNSzZAo6hfR+jrF/TMMdPL0XYYci6Vs0Q0rR4pa40qTw==
x-xss-protection
0
favicon.ico
mensaycards.com/ 		1 KB
909 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mensaycards.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
34.215.172.255 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-172-255.us-west-2.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ee0ff5238f57680efe99a9c14885f99f41a77e9265bbc094581eab39192088ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin

Response headers

x-frame-options
SAMEORIGIN
cache-control
max-age=315360000
content-encoding
gzip
etag
W/"530c70f2-47e"
x-content-type-options
nosniff
expires
Thu, 31 Dec 2037 23:55:55 GMT
x-ua-compatible
IE=Edge
date
Sat, 04 Jan 2025 09:45:37 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
last-modified
Tue, 25 Feb 2014 10:31:14 GMT
server
nginx/1.16.1
vary
Accept-Encoding
fif.html
fundingchoicesmessages.google.com/f/AGSKWxX_WlLdDRrmrPyAGvjU8z2jtCSlde_6uqrr3lGNj6dVDoTE6p20JdeJAHRvlKvvGKeHzY0ymp2lDG8d2fIRwJjhvTJ46rlxM3JNVkckJ_i9VFJfCUdPlVuRSkUqVjbOEsb_jDX1vj00yJE9S6C2q9aIVi4sk... 		54 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX_WlLdDRrmrPyAGvjU8z2jtCSlde_6uqrr3lGNj6dVDoTE6p20JdeJAHRvlKvvGKeHzY0ymp2lDG8d2fIRwJjhvTJ46rlxM3JNVkckJ_i9VFJfCUdPlVuRSkUqVjbOEsb_jDX1vj00yJE9S6C2q9aIVi4sk4r4TnVpGuamFlKtyRJnnZHUO_wEoTJi/_/js.ng/site=.intad//pushdownAd./fif.html?s=_728x90ad_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
44ddf501be33257295665751dd7e2290addbb75e639879a4f3e77be929bf8759
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vcVYA9NLPF-YFxf4IXO5FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0ZBiOHHrNtMFIJb4-pJJA4id0mewBgFx681zrFOB2GjteVYnIE76d561CIgNFS6xOoJw0SVWTyBW7bnEagrE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrE1AzPD1CisHEAvxcBxse7KbTeDG-5NNzEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkYmhkaGRnoGhvEFBgDp1Urm"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-vcVYA9NLPF-YFxf4IXO5FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
osd.js
pagead2.googlesyndication.com/pagead/ 		61 B
173 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzvURqnN7XWAIROf2f0Q-7GMaIk_w/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
br
etag
16023549773543154165
age
3480
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 09:47:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 04 Jan 2025 08:47:37 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
51
x-xss-protection
0
server
cafe
AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
fundingchoicesmessages.google.com/el/ 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-x_gck3bi1IusDqvnbBEyIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfjYNuT3WwCDZcmtjAruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDI1MDQwMjPQOz-AIDANxSKnY"
content-security-policy
script-src 'report-sample' 'nonce-x_gck3bi1IusDqvnbBEyIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mensaycards.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
fundingchoicesmessages.google.com/el/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EOb_J0ECp0fEGkKS6MxosA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfjYNuT3WwCNx69Xc-s5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwNDA2M9AzM4gsMACV9K28"
content-security-policy
script-src 'report-sample' 'nonce-EOb_J0ECp0fEGkKS6MxosA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mensaycards.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
fundingchoicesmessages.google.com/el/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NmvdHXU5xWjihfywbTl5Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfjYNuT3WwCDXcXbmVWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqYGhgZGegZm8QUGAPcYKs4"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-NmvdHXU5xWjihfywbTl5Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mensaycards.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
fundingchoicesmessages.google.com/el/ 		0
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6MF3LB2AJ7ZIZJAZzMej6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0pBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfjYNuT3WwCK-Yc3cGs5JKUXxifnJ9XkppXopuYUqwLYhdlJpWW5BehsFPLQCpy8tPTM_PS440MjEwNDA2M9AzM4gsMAPnSKtk"
content-security-policy
script-src 'report-sample' 'nonce-6MF3LB2AJ7ZIZJAZzMej6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mensaycards.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWHoFoMDQq5Ap8sVXn37RXrWULMcGkcHo5SLXAU9bupn_q04M5C2B-XEmdaGLpNNhQp2jnFGq20gv7cuy8A6ypVTi3cFeacWr63pbKHvHQqCyvym7RbUXIq7KUN_Q27gV_49aJiHA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWHoFoMDQq5Ap8sVXn37RXrWULMcGkcHo5SLXAU9bupn_q04M5C2B-XEmdaGLpNNhQp2jnFGq20gv7cuy8A6ypVTi3cFeacWr63pbKHvHQqCyvym7RbUXIq7KUN_Q27gV_49aJiHA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM1OTgzOTM3LDg3NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9tZW5zYXljYXJkcy5jb20vbG9naW4iLG51bGwsW1s4LCJJTXo1N3ljNWhWdyJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
2528f210ed037b5763b5f21a452959c7d646d4f512d6a3571ecc1b2a76c009a3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AEqqy1XpAHbz08neuuPbyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBikPj6kkkDiJ3SZ7AGAXHrzXOsU4HYaO15VicgTvp3nrUIiA0VLrE6gnDRJVZPIFbtucRqCsT3111ifQ7EH-ovs_4A4hnnL7MuAOIiiSusTUDM8PUKKwcQC_FwHGx7sptN4MCWnxuZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMjQyN9AwM4wsMAJnGRd0"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-AEqqy1XpAHbz08neuuPbyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mensaycards.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sat, 04 Jan 2025 09:45:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:38 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
AGSKWxUdI_06260RDfjfXICGsas7pMnsmpQDWSLITuboHHaNNTubA3gsGWpQdIagUDM3QUdRRUkjITlTHM_P2jgAixnBT3tUi_sbdxGFc7E-CnbieYErOPHHeewisdY3OJFnbvfJC2NGLA==
fundingchoicesmessages.google.com/el/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUdI_06260RDfjfXICGsas7pMnsmpQDWSLITuboHHaNNTubA3gsGWpQdIagUDM3QUdRRUkjITlTHM_P2jgAixnBT3tUi_sbdxGFc7E-CnbieYErOPHHeewisdY3OJFnbvfJC2NGLA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2BoJmfkZXadIQ1RYIwd8IA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoExB_qL7P-AGKGr1dYOYBYiIfjYNuT3WwCM2b3XmBWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqYGhgZGegZm8QUGAOyAKqo"
content-security-policy
script-src 'report-sample' 'nonce-2BoJmfkZXadIQ1RYIwd8IA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mensaycards.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
fundingchoicesmessages.google.com/el/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUqI1oh-RZ_NkjBFzINY_ZjA0IQioUhUbTg46zXnjgQoiqn46pUo-HQOXvXbgVSAaLl3dHXXlvTQmE5ouMFvBrJXMAmEQr6xQZH1WGRAkbJwqKkYgB-nM-oWJAePTORK0y-YXB5-w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.IMz57yc5hVw.es5.O/am=DAY/d=1/rs=AJlcJMw3zS1wjusUi0gw9griloTCXJzNKw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.14 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1KyPK1G0uxFvjh4RO-266g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mensaycards.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 09:45:37 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1JBiWMS_i8kpfQZrEBB_qL_M-gOIGb5eYeUAYiEejoNtT3azCay4-_kms5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyNTA0MNIzMIsvMAAAxrws2Q"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1KyPK1G0uxFvjh4RO-266g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://mensaycards.com
content-length
0
x-xss-protection
0
server
ESF
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 5240 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.161 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mensaycards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2263
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jan 2025 09:07:55 GMT
expires
Sat, 04 Jan 2025 09:57:55 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F4B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fip9IDtMDoje-CmKFf24aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mensaycards.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Fip9IDtMDoje-CmKFf24aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Jan 2025 09:45:38 GMT
expires
Sat, 04 Jan 2025 09:45:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 function| $ function| jQuery function| tabberObj function| tabberAutomatic function| tabberAutomaticOnLoad object| _paq object| adsbygoogle object| _fbq string| ns3 object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| __twttrll object| twttr object| __twttr object| FB object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| PIN_20092 object| PIN_1735983935199 string| value object| PinUtils object| __buffer object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YWRmNGFkYjE3ZjI4YjIwOWxvYWRlcl9qcw== string| YWRmNGFkYjE3ZjI4YjIwOWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady boolean| ace0ef7c-39cb-4a17-87a0-f15f31a0f8b5 object| GoogleGcLKhOms

9 Cookies

Domain/Path Name / Value
mensaycards.com/ Name: PHPSESSID
Value: vr7hqrfq8qrk9p282o8nkpsnkr
mensaycards.com/ Name: 20160131
Value: 1
mensaycards.com/ Name: _pk_id.2.d216
Value: 4c7c69b5a83e6367.1735983935.
mensaycards.com/ Name: _pk_ses.2.d216
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mensaycards.com/ Name: __gads
Value: ID=56dfccf024ea6add:T=1735983935:RT=1735983935:S=ALNI_MYhAHXyEhxkzfbtIfc4ABSbgPA6eQ
.mensaycards.com/ Name: __gpi
Value: UID=00000fcb058290b4:T=1735983935:RT=1735983935:S=ALNI_Mbri8LAQ1EkU0oyFOi5yo_qOVlw0g
.mensaycards.com/ Name: __eoi
Value: ID=dbe47c74b4a8e281:T=1735983935:RT=1735983935:S=AA-Afjbmc1b5RLRrh8igTF4MExQ6
.mensaycards.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8bhRIw8vJjGEQDI7LZnwiaMXDsN9hC5pMyCYi2h1xSCbiOB5Cu04euvEhpUoVVohP-oHdMmr6gTPmdHQACIDBnGCDAO0cjbuCttci7Ab7mAMmvBqVba0QEeP9xBYnrrPikqupaM4-UfB15GmVH6N51k5PgHg%3D%3D%22%5D%5D

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://mensaycards.com/login?url=%2Fcreate_ecard%2F%3Fc%3Dc1.png%26t%3D001animals.png%26cat%3D35%26text%3D%2B%250D%250A%2B%250D%250AMarketing%2Binvestments%2Bshould%2Balways%2Bdeliver%2Bresults.%2BA%2Bplatform%2Bprofile%2Bdelivers%2Ba%2Bhigh%2BROI%2Bby%2Bdriving%2Bvisibility%252C%2Benhancing%2Brankings%252C%2Band%2Benhancing%2Byour%2Bcredibility.%2B%250D%250AUnlike%2Bexpensive%2Bpromotions%252C%2Bdirectories%2Bfocus%2Bon%2Bongoin
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.pinterest.com
connect.facebook.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
log.pinterest.com
mensaycards.com
pagead2.googlesyndication.com
platform.twitter.com
pwk.mensaycards.com
www.facebook.com
www.google.com
142.250.64.106
142.250.72.100
142.251.32.98
142.251.35.161
142.251.40.162
142.251.40.98
142.251.41.14
146.75.32.157
151.101.64.84
23.56.163.34
3.93.117.208
34.215.172.255
57.144.180.1
57.144.180.128
098d12931f60fe40717f09c0ecb73391b1e704c4ec1733ce93a44e66ea7e6d77
0a98c8d6bfe9e8ad0622005cf23f1e34b2fd8de112377f20b589dbdcb695cbd6
14e0ec4b496a5daea158bcd1d4da90b48b63bb72f8c67f3e86ba9e526e9d424f
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
182c458c788434633812f1973e10c17ecef1afdc9450027cabfe17e6713b1bf4
1bf9c8b55896a4c7567de18527a04b966a6aa134b41c74a220279060a6747935
2528f210ed037b5763b5f21a452959c7d646d4f512d6a3571ecc1b2a76c009a3
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
44ddf501be33257295665751dd7e2290addbb75e639879a4f3e77be929bf8759
47d2bda7f2b1a726797ccbda425b27d95d3c3a0b42198b4e9b2ef60bb556f341
4bd84cea709b39a263987fc2d2a45476f425f079091199460f6651f9a3ba5094
53794a665db60a36bd23d8a6a5970881195f8bb7a8fe52b774e383689d052d61
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5613caa5937ee6fbbe0dbb6377e9ad385218e172118c61dac3d8afafb8a8340c
626e7824146bfd8c99b34874ae20524824c8919428c1120aeba605a082c1435d
66fe86e5a027ac831e573208aa37334a7ebc8d935771e9bd4671862695bfc34b
74d79fd6fe78854e7dde7f8fa0ce0426ff4091340de6c16bdffb2615f005bc70
79e9f1410dfcf6f141bae90a3c3195c275ec390f5d35fce5bcba4b4927a1a7e1
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
7e472f305c7ee86d99782d1292ee2114461622b39a4a2ec1f78092525b4b9c8d
89d484e12b01c634113cceef3cef59885ed9a29aebca7a5d7960bbbfaf82498d
8c26ea8f5188ab6645c0213c16ba7cbd0b51458adad93c10fbf7af68e4ef0b19
90f4c1f20a01511d66231c5213efe66da389d497c1d023a00c74c2745179d5b3
953df0bf45c894e0362078c50a87d5f4bed8efec1261ae11253504e78ef076d9
9930f4e26cb466c1b9941f65c5b628e548d914c415d8857b143356264fb34855
993ab3206a84dc043f7490ef8103c9b0444c04fc98d5030bc2bd641bef51e9ba
9fc1ebdd1d49741a4f0aeb25fafa46d73290cb1381aed455ff8d23b44570acc1
a8be7352ac60ed94ed85e43b5039b6bc0c265fbb152876bcf7f20ebd6fc79b2e
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b558e4a9a0c40c98c0c03b6cd0afafaa6f1888368a1295cc9e9aa7914928e41a
b72a29d2c6fdacaf0ac47af0be6348ee52b6bcaf029d483638a7121d8bd8e5dd
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c7835bed42c9ca0dd1931c1e8bdfb3028212c50e4bb0a1a05e9e5bf270d5b2f6
cca536ffeb1559d00d3ef5621f8d9cc5a53f6d534ed4a05840186d2227738531
cd8245e804b09e9c0fca53e17be4fb46154c982b5f2f2a02c054c5924f2f7cff
d53c17a804fac88d081b7adefdaee36d7433a264b459654f18f01f170bcb76a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e773e49efb906a9dc0b3ca8a056fd3d60bbc64632037b9f07681afdd6f9134f7
ee0ff5238f57680efe99a9c14885f99f41a77e9265bbc094581eab39192088ca
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
f66967e444758b0b5c396f4bb5bc91b83168c8b6f8386050bf011c7ffcb4e78a
f7f219acce74dc92aed15019703a0b1ce75bde48cdb68ea8d6b88fa25e5af7f0
f827a1e2831bb9c61641f96476c31dc2c6169a46d020d21989db54ea80ff8e7f
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99