allbad.cards Open in urlscan Pro
2606:4700:3030::6812:3f89 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://allbad.cards/
Effective URL:
https://allbad.cards/
Submission: On September 22 via manual (September 22nd 2020, 10:08:19 pm UTC) from US

Summary HTTP 44 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 11 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3030::6812:3f89, located in United States and belongs to CLOUDFLARENET, US. The main domain is allbad.cards.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2020. Valid for: a year.

This is the only time allbad.cards was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:303... 2606:4700:3030::6812:3f89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
4	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0b	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
1	99.84.144.17 99.84.144.17	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:eb:... 2a02:26f0:eb:3af::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
4	2600:9000:21c... 2600:9000:21c7:d600:19:d208:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20e8:e200:11:af01:b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	13.224.193.57 13.224.193.57	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	99.84.144.69 99.84.144.69	16509 (AMAZON-02) (AMAZON-02)
44	15

15 2606:4700:3030::6812:3f89 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

allbad.cards	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.144.17 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-17.txl52.r.cloudfront.net

sak.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:eb:3af::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21c7:d600:19:d208:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:e200:11:af01:b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.57 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-57.fra2.r.cloudfront.net

cdw-dcl.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.144.69 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-69.txl52.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	allbad.cards 1 redirects allbad.cards	1 MB
9	userreport.com 1 redirects sak.userreport.com cdn.userreport.com tag.userreport.com cdw-dcl.userreport.com audex.userreport.com	85 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	143 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	106 B
5	typekit.net use.typekit.net p.typekit.net	72 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	adform.net 2 redirects dmp.adform.net	594 B
1	googletagservices.com www.googletagservices.com	27 KB
1	google.com adservice.google.com	168 B
1	google.de adservice.google.de	168 B
1	googleapis.com fonts.googleapis.com	889 B
44	11

	Domain	Requested by
15	allbad.cards	1 redirects allbad.cards
4	cdn.userreport.com	sak.userreport.com cdn.userreport.com
4	use.typekit.net	allbad.cards use.typekit.net
4	pagead2.googlesyndication.com	allbad.cards pagead2.googlesyndication.com
3	www.google-analytics.com	allbad.cards www.google-analytics.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	dmp.adform.net	2 redirects
2	cdw-dcl.userreport.com	1 redirects
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	audex.userreport.com
1	cm.g.doubleclick.net	1 redirects
1	tag.userreport.com	cdn.userreport.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	p.typekit.net	use.typekit.net
1	sak.userreport.com	allbad.cards
1	fonts.googleapis.com	allbad.cards
44	19

This site contains links to these domains. Also see Links.

Domain
notallbad.cards
flycarepod.link
soundcloud.com
www.novellusaesthetics.co.uk
justlikejane.com
leisurelandps.com
patreon.com
www.senahugheslauer.com
feedback.userreport.com
jakelauer.com
reddit.com
github.com
twitter.com

Subject Issuer	Validity	Valid
allbad.cards Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.userreport.com RapidSSL RSA CA 2018	`2019-01-10` - `2021-03-10`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://allbad.cards/
Frame ID: 7DA292A88E1EA420E32F0555C86A4A16
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200918/r20190131/zrt_lookup.html
Frame ID: 01768737A529CA4ECC72F2223479CCB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8346501809638313&output=html&adk=1812271804&adf=3025194257&lmt=1599865168&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fallbad.cards%2F&ea=0&flash=0&pra=5&wgl=1&dt=1600812481883&bpp=12&bdt=48&idt=239&shv=r20200918&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7320047980567&frm=20&pv=2&ga_vid=2027261320.1600812482&ga_sid=1600812482&ga_hid=250423489&ga_fc=0&iag=0&icsg=43663&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2743485752004039&pem=432&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=253
Frame ID: 77AB0EEB5F6A717387056BFC501F6294
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8346501809638313&output=html&h=90&slotname=6335602272&adk=1410688466&adf=2096668710&w=1200&lmt=1599865168&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fallbad.cards%2F&flash=0&wgl=1&adsid=NT&dt=1600812482383&bpp=8&bdt=548&idt=8&shv=r20200918&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7320047980567&frm=20&pv=1&ga_vid=2027261320.1600812482&ga_sid=1600812482&ga_hid=250423489&ga_fc=0&iag=0&icsg=567951&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2743485752004039&pem=432&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cm%7CeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q5JbDXP8g7&p=https%3A//allbad.cards&dtd=25
Frame ID: 4A0BF289028DDC1F9808127233B71A75
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 26819CC2426DAEC185011075BBEAD07E
Requests: 1 HTTP requests in this frame

Frame: https://tag.userreport.com/server.html
Frame ID: 8B0787CE8976797B18EB51FEA948F7B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://allbad.cards/ HTTP 301
https://allbad.cards/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

44
Requests

100 %
HTTPS

75 %
IPv6

11
Domains

19
Subdomains

15
IPs

5
Countries

1400 kB
Transfer

2928 kB
Size

9
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://notallbad.cards/
Title: Family-Friendly Version

Search URL Search Domain Scan URL

URL: https://flycarepod.link/games
Title: 🐾 Need a vacay to fly away with our pets 🐶

Search URL Search Domain Scan URL

URL: https://soundcloud.com/damndirtydrivein?source=abc
Title: Damn Dirty Drive-In Podcast

Search URL Search Domain Scan URL

URL: https://www.novellusaesthetics.co.uk/
Title: Everyone will notice, no one will know

Search URL Search Domain Scan URL

URL: https://justlikejane.com/?source=abc
Title: 🧼 wash out your mouth!

Search URL Search Domain Scan URL

URL: http://leisurelandps.com/
Title: A Unique Palm Springs Experience

Search URL Search Domain Scan URL

URL: http://patreon.com/allbadcards
Title: + Sponsor

Search URL Search Domain Scan URL

URL: https://www.senahugheslauer.com/?source=abc
Title: senahugheslauer.comMy sister, without whom this site would not exist (it was her idea), is a communications consultant who can make your business shine. Here's her site so you can hire her, because she rocks.

Search URL Search Domain Scan URL

URL: https://feedback.userreport.com/f3ba274c-3e8b-474b-b478-1b39ccbe5f9a/
Title: Feedback + Ideas?

Search URL Search Domain Scan URL

URL: http://jakelauer.com/
Title: Jake Lauer

Search URL Search Domain Scan URL

URL: https://reddit.com/u/HelloControl_
Title: HelloControl_

Search URL Search Domain Scan URL

URL: https://github.com/jakelauer/allbadcards

Search URL Search Domain Scan URL

URL: https://reddit.com/r/allbadcards

Search URL Search Domain Scan URL

URL: http://twitter.com/allbadcards/

Search URL Search Domain Scan URL

URL: http://patreon.com/allbadcards/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://allbad.cards/ HTTP 301
https://allbad.cards/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://cdw-dcl.userreport.com/gs/init/pixel.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm&google_hm=YTQ5M2M4ZWItODg0YmJhZjExZTE4LTFjNjg2Nzg5YTE3Ng== HTTP 302
https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESEL1ax6gvC50XKKvRUZZCVrY&google_cver=1

Request Chain 42

https://dmp.adform.net/serving/cookie/match/?party=1001&cid=6ce68c0f-3d69-48bd-9b50-12518b75b29f HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1001&cid=6ce68c0f-3d69-48bd-9b50-12518b75b29f HTTP 302
https://audex.userreport.com/sync/put/adform?adfusr=2522809065866497561

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
allbad.cards/
Redirect Chain

http://allbad.cards/
https://allbad.cards/

5 KB
2 KB

408ms
391ms

Document
text/html

2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8a558a67bd069322be114c9fe1ebd7d51189a8d75afded6c982b951e5a00a78d

Request headers

:method: GET
:authority: allbad.cards
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 22 Sep 2020 22:08:01 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dac5dd90b1f4763bf103d21b2721c38351600812481; expires=Thu, 22-Oct-20 22:08:01 GMT; path=/; domain=.allbad.cards; HttpOnly; SameSite=Lax; Secure
x-powered-by: Express
cache-control: public, max-age=86400
last-modified: Fri, 11 Sep 2020 22:59:28 GMT
cf-cache-status: DYNAMIC
cf-request-id: 05597513a30000dfd79a0e6200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d6f57990b88dfd7-FRA
content-encoding: br

Redirect headers

Date: Tue, 22 Sep 2020 22:08:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 22 Sep 2020 23:08:01 GMT
Location: https://allbad.cards/
cf-request-id: 05597513730000978afbb2b200000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5d6f5798ba4f978a-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 127 KB
44 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea46b288dab13c7ee0dc8437a5a1f8572b255febe07261a30bebb2526deafd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45081
x-xss-protection: 0
server: cafe
etag: 802539841268293540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Sep 2020 22:08:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
889 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

188758e036889a5f1419b73098114f84134d958481b1837f602f1dead768d4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 20:47:14 GMT
server: ESF
date: Tue, 22 Sep 2020 22:08:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Sep 2020 22:08:01 GMT

GET
H2 200 ojx3ein.css
use.typekit.net/ 5 KB
1004 B 71ms
32ms Stylesheet
text/css 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ojx3ein.css

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

nginx /

Resource Hash

73464c26729123915c5e4a3bdfedc63a2b115f565d825861a10ad0600e010521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Tue, 22 Sep 2020 22:08:01 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 804

GET
H2 200 main.b9537d7a.chunk.css
allbad.cards/static/css/ 243 B
281 B 31ms
29ms Stylesheet
text/css 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/static/css/main.b9537d7a.chunk.css
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7491bf66eaa004eb4a3af6feba4d388cb0ce586550cdb5685cb8a5bfdfdd4b33

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:01 GMT
content-encoding: br
etag: W/"f3-1747f652080"
cf-cache-status: HIT
last-modified: Fri, 11 Sep 2020 22:59:28 GMT
server: cloudflare
age: 23530
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
status: 200
cache-control: public, max-age=86400
cf-ray: 5d6f579b8e67dfd7-FRA
cf-request-id: 05597515330000dfd79a0f9200000001

GET
H2 200 launcher.js Show response
sak.userreport.com/allbadcards/ 24 KB
9 KB 2021ms
456ms Script
application/javascript 99.84.144.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sak.userreport.com/allbadcards/launcher.js
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.17 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-17.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bdf00e66ed2ddfc058454debedb0a0019e5bdec4d7b8670b0f962de9226c32c

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: rOpMe.OmWpPv0YFK4zl51CkwVWVho1gw
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 06:54:23 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "9f30eb93bb482e00d4452c113f863c7e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=7200, s-maxage=60
date: Tue, 22 Sep 2020 22:08:04 GMT
x-amz-cf-id: T1mr5rpeMbn8bz1VJTuh67opK2JUuz0Yc_NUIFzUsu6qCoqorLQBag==
via: 1.1 81db6db0bc548ca5046f3395364a3667.cloudfront.net (CloudFront)

GET
H2 200 4.9b49e9ef.chunk.js Show response
allbad.cards/static/js/ 1 MB
316 KB 54ms
52ms Script
application/javascript 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/static/js/4.9b49e9ef.chunk.js
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 26de50e9b76acbd14efcf009aba7719293f372c8462580aedc74d99593974c80

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:01 GMT
content-encoding: br
etag: W/"13dff2-1747f652080"
cf-cache-status: HIT
last-modified: Fri, 11 Sep 2020 22:59:28 GMT
server: cloudflare
age: 15719
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=86400
cf-ray: 5d6f579b8e69dfd7-FRA
cf-request-id: 05597515330000dfd79a0fa200000001

GET
H2 200 main.998fe5cd.chunk.js Show response
allbad.cards/static/js/ 90 KB
22 KB 20ms
19ms Script
application/javascript 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/static/js/main.998fe5cd.chunk.js
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 431c3e4c7f81ed4cf9081c189d77f3f75d08d81d84d6537f49f56e98cb784bfd

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:01 GMT
content-encoding: br
etag: W/"16842-1747f652080"
cf-cache-status: HIT
last-modified: Fri, 11 Sep 2020 22:59:28 GMT
server: cloudflare
age: 23530
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=86400
cf-ray: 5d6f579b8e6adfd7-FRA
cf-request-id: 05597515330000dfd79a0fb200000001

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200918/r20190131/ 228 KB
87 KB 50ms
34ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200918/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb84fc29f9f6477a18a73d902c024e36306161202484b90ced2b4d0d8333aeed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87755
x-xss-protection: 0
server: cafe
etag: 16334082744721417551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Sep 2020 22:08:01 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200918/r20190131/ Frame 0176 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200918/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200918/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://allbad.cards/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://allbad.cards/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 21 Sep 2020 23:18:56 GMT
expires: Mon, 05 Oct 2020 23:18:56 GMT
content-type: text/html; charset=UTF-8
etag: 17942277541989656716
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4728
x-xss-protection: 0
age: 82145
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 26ms
9ms Stylesheet
text/css 2a02:26f0:eb:3af::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ojx3ein&ht=tk&f=42262.42263.42264.42265.42268.42269&a=48185717&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ojx3ein.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:3af::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/ojx3ein.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:01 GMT
last-modified: Thu, 25 Jun 2020 00:18:22 GMT
server: nginx
etag: "5ef3ed4e-5"
status: 200
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 status Show response
allbad.cards/auth/ 111 B
373 B 382ms
381ms Fetch
application/json 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/auth/status
Requested by: Host: allbad.cards
URL: https://allbad.cards/static/js/main.998fe5cd.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 786aea7e234a7365912bae1000ee57fbc35a4e7ac3fe4192e8c5a0c462765da0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
content-encoding: br
etag: W/"6f-OSdb9hlknjyc3Ajgtx+xr2JRcP4"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
cf-ray: 5d6f579c5f39dfd7-FRA
cf-request-id: 05597515b90000dfd79a0ff200000001

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: allbad.cards
URL: https://allbad.cards/static/js/4.9b49e9ef.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5661
date: Tue, 22 Sep 2020 20:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 22 Sep 2020 22:33:41 GMT

GET
H2 200 logo-tiny-inverted.png
allbad.cards/ 26 KB
26 KB 11ms
10ms Image
image/png 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allbad.cards/logo-tiny-inverted.png
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 222804ee3c7cd25f35c2c81ac30072ec439ded8e5b7be3908b001708c85c903e

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
cf-cache-status: HIT
age: 42887
x-powered-by: Express
status: 200
content-length: 26158
cf-request-id: 055975160b0000dfd79a102200000001
last-modified: Wed, 22 Jul 2020 15:02:40 GMT
server: cloudflare
etag: W/"662e-173770c4680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 5d6f579cdfe2dfd7-FRA

GET
H2 200 l
use.typekit.net/af/e6c9d7/00000000000000003b9b3294/27/ 23 KB
24 KB 66ms
27ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e6c9d7/00000000000000003b9b3294/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ojx3ein.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4c04951d681e82b0b141d736cae0d3b0e0b7a6d302f7a4af0ed78ef3a3d77692

Request headers

Origin: https://allbad.cards
Referer: https://use.typekit.net/ojx3ein.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
server: nginx
etag: "87149461203978cb8a20f384d3517fbfdd673607"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24020

GET
H2 200 l
use.typekit.net/af/b02f9e/00000000000000003b9b3290/27/ 23 KB
23 KB 69ms
30ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b02f9e/00000000000000003b9b3290/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ojx3ein.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 82a9ebaec2ea9d2e7ef7a6c9a954e7389b3cd08fe9af01193dba3bb4245a8934

Request headers

Origin: https://allbad.cards
Referer: https://use.typekit.net/ojx3ein.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
server: nginx
etag: "9e7bc2c13bceb665fce4ff5a558d3619b4d7611e"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 23744

GET
H2 200 l
use.typekit.net/af/215c75/00000000000000003b9b328e/27/ 24 KB
24 KB 67ms
29ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/215c75/00000000000000003b9b328e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ojx3ein.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3d69def0f2cadaf060f3b2ce1473afb6f6e72caa5ba08f0e8c67f70a03b43e6e

Request headers

Origin: https://allbad.cards
Referer: https://use.typekit.net/ojx3ein.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
server: nginx
etag: "2569c3a598e958cd16f36951458bed384577229e"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24508

GET
H2 200 register Show response
allbad.cards/api/user/ 20 B
346 B 189ms
188ms Fetch
application/json 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://allbad.cards/api/user/register
Requested by: Host: allbad.cards
URL: https://allbad.cards/static/js/main.998fe5cd.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2de04bd385da81bcc68bd071924074fdd9d4dce3b0d2366f417063cfa45c9b9c

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
content-encoding: br
etag: W/"14-9rF+/gT9Rzqu6i6zoOcAN/yys4k"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
cf-ray: 5d6f579d283ddfd7-FRA
cf-request-id: 055975163c0000dfd79a107200000001

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=allbad.cards

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200918/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=allbad.cards

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200918/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 77AB 0
0 55ms
54ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8346501809638313&output=html&adk=1812271804&adf=3025194257&lmt=1599865168&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fallbad.cards%2F&ea=0&flash=0&pra=5&wgl=1&dt=1600812481883&bpp=12&bdt=48&idt=239&shv=r20200918&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7320047980567&frm=20&pv=2&ga_vid=2027261320.1600812482&ga_sid=1600812482&ga_hid=250423489&ga_fc=0&iag=0&icsg=43663&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2743485752004039&pem=432&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200918/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8346501809638313&output=html&adk=1812271804&adf=3025194257&lmt=1599865168&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fallbad.cards%2F&ea=0&flash=0&pra=5&wgl=1&dt=1600812481883&bpp=12&bdt=48&idt=239&shv=r20200918&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7320047980567&frm=20&pv=2&ga_vid=2027261320.1600812482&ga_sid=1600812482&ga_hid=250423489&ga_fc=0&iag=0&icsg=43663&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2743485752004039&pem=432&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=253
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://allbad.cards/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://allbad.cards/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Sep 2020 22:08:02 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 22-Sep-2020 22:23:02 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Sep 2020 22:08:02 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200918/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1109f4331a2b98162695b55b54a61fb6b0d010e90ab72ecc4543c89f617fa90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600688589454019"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27590
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:08:02 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=250423489&t=pageview&_s=1&dl=https%3A%2F%2Fallbad.cards%2F&dp=%2F&ul=en-us&de=UTF-8&dt=All%20Bad%20Cards%20%7C%20Be%20rude.%20Be%20irreverent.%20Be%20Hilarious!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=179264550&gjid=221972269&cid=2027261320.1600812482&tid=UA-23730353-5&_gid=526343446.1600812482&_r=1&_slc=1&z=193834088

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:08:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://allbad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 6ms
5ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=250423489&t=event&_s=2&dl=https%3A%2F%2Fallbad.cards%2F&ul=en-us&de=UTF-8&dt=All%20Bad%20Cards%20%7C%20Be%20rude.%20Be%20irreverent.%20Be%20Hilarious!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Game&ea=Register-User&_u=IAhAAEABAAAAAC~&jid=&gjid=&cid=2027261320.1600812482&tid=UA-23730353-5&_gid=526343446.1600812482&z=1682241929

Requested by

Host: allbad.cards
URL: https://allbad.cards/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 00:07:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 79235
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-23730353-5&cid=2027261320.1600812482&jid=179264550&gjid=221972269&_gid=526343446.1600812482&_u=IAhAAEAAAAAAAC~&z=57852426

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Sep 2020 22:08:02 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://allbad.cards
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 carepod.png
allbad.cards/sponsors/ 17 KB
17 KB 14ms
11ms Image
image/png 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allbad.cards/sponsors/carepod.png
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 13cef9f9b1f6bf1ee90df0a799fc67f550c6392a56967ef1cd3d8e3da49c3361

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
cf-cache-status: HIT
age: 20091
x-powered-by: Express
status: 200
content-length: 16900
cf-request-id: 05597517560000dfd79a114200000001
last-modified: Mon, 20 Apr 2020 00:24:28 GMT
server: cloudflare
etag: W/"4204-17194f8d660"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 5d6f579efa57dfd7-FRA

GET
H2 200 justlikejane.jpg
allbad.cards/sponsors/ 14 KB
14 KB 20ms
17ms Image
image/jpeg 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allbad.cards/sponsors/justlikejane.jpg
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: abce4e8b7cfac7513a0c708dc10a92630f7ca228e163cc840eb4363bf9a4905f

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
cf-cache-status: HIT
age: 6119
x-powered-by: Express
status: 200
content-length: 14152
cf-request-id: 05597517560000dfd79a115200000001
last-modified: Tue, 28 Apr 2020 00:34:12 GMT
server: cloudflare
etag: W/"3748-171be349fa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 5d6f579efa58dfd7-FRA

GET
H2 200 novellusauesthetics2.jpeg
allbad.cards/sponsors/ 55 KB
55 KB 25ms
23ms Image
image/jpeg 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allbad.cards/sponsors/novellusauesthetics2.jpeg
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4d2fb3640c01f25bb8c56d76817abb04667bd99432af6bb18670868a01ca30f9

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
cf-cache-status: HIT
age: 6119
x-powered-by: Express
status: 200
content-length: 56325
cf-request-id: 05597517560000dfd79a116200000001
last-modified: Sun, 10 May 2020 22:37:20 GMT
server: cloudflare
etag: W/"dc05-17200bc4d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 5d6f579efa5adfd7-FRA

GET
H2 200 damndirtydrivein.jpg
allbad.cards/sponsors/ 123 KB
123 KB 16ms
14ms Image
image/jpeg 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allbad.cards/sponsors/damndirtydrivein.jpg
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1c77e797222a0058fd7124599f83bf6ee69af2a94fae2e95fa01b387bb44cb05

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
cf-cache-status: HIT
age: 20090
x-powered-by: Express
status: 200
content-length: 125823
cf-request-id: 05597517560000dfd79a117200000001
last-modified: Wed, 20 May 2020 01:41:56 GMT
server: cloudflare
etag: W/"1eb7f-1722fbe8aa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 5d6f579efa5cdfd7-FRA

GET
H2 200 leisurelandps.png
allbad.cards/sponsors/ 27 KB
27 KB 15ms
13ms Image
image/png 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allbad.cards/sponsors/leisurelandps.png
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d1e6e38d8dab728116205e31dd091e9c4e22fd6c303b68a0da9e7bfce0cca18d

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
cf-cache-status: HIT
age: 20090
x-powered-by: Express
status: 200
content-length: 27604
cf-request-id: 05597517560000dfd79a118200000001
last-modified: Mon, 13 Jul 2020 15:03:50 GMT
server: cloudflare
etag: W/"6bd4-17348b41bf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 5d6f579efa5edfd7-FRA

GET
H2 200 shl.png
allbad.cards/sponsors/ 30 KB
30 KB 13ms
12ms Image
image/png 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allbad.cards/sponsors/shl.png
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4320db553756aab6c865889a5de1391674202a8c6c8ecef2ecc152aa4824ed85

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
cf-cache-status: HIT
age: 6119
x-powered-by: Express
status: 200
content-length: 30331
cf-request-id: 05597517560000dfd79a119200000001
last-modified: Sat, 25 Apr 2020 21:10:54 GMT
server: cloudflare
etag: W/"767b-171b32dc730"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 5d6f579efa5fdfd7-FRA

GET
H2 200 logo-large.png
allbad.cards/ 419 KB
420 KB 16ms
14ms Image
image/png 2606:4700:3030::6812:3f89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allbad.cards/logo-large.png?1
Requested by: Host: allbad.cards
URL: https://allbad.cards/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3f89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 19b352b3496598e55d14b193009292c473affd6265596ca2efb10f29da667be0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:02 GMT
cf-cache-status: HIT
age: 6119
x-powered-by: Express
status: 200
content-length: 429249
cf-request-id: 05597517670000dfd79a11b200000001
last-modified: Wed, 22 Jul 2020 15:02:40 GMT
server: cloudflare
etag: W/"68cc1-173770c4680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 5d6f579f0a85dfd7-FRA

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4A0B 0
0 328ms
327ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8346501809638313&output=html&h=90&slotname=6335602272&adk=1410688466&adf=2096668710&w=1200&lmt=1599865168&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fallbad.cards%2F&flash=0&wgl=1&adsid=NT&dt=1600812482383&bpp=8&bdt=548&idt=8&shv=r20200918&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7320047980567&frm=20&pv=1&ga_vid=2027261320.1600812482&ga_sid=1600812482&ga_hid=250423489&ga_fc=0&iag=0&icsg=567951&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2743485752004039&pem=432&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cm%7CeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q5JbDXP8g7&p=https%3A//allbad.cards&dtd=25

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200918/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8346501809638313&output=html&h=90&slotname=6335602272&adk=1410688466&adf=2096668710&w=1200&lmt=1599865168&rafmt=11&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x90&url=https%3A%2F%2Fallbad.cards%2F&flash=0&wgl=1&adsid=NT&dt=1600812482383&bpp=8&bdt=548&idt=8&shv=r20200918&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7320047980567&frm=20&pv=1&ga_vid=2027261320.1600812482&ga_sid=1600812482&ga_hid=250423489&ga_fc=0&iag=0&icsg=567951&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=393&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=2743485752004039&pem=432&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7Cm%7CeE%7Cp&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Q5JbDXP8g7&p=https%3A//allbad.cards&dtd=25
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://allbad.cards/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://allbad.cards/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Sep 2020 22:08:02 GMT
server: cafe
content-length: 28947
x-xss-protection: 0
set-cookie: IDE=AHWqTUniqk_x6xuYtsZphH1R90xzBbduI2mWW_0QTv0UW_HSu9ga9MkaEfl_Vffy; expires=Sun, 17-Oct-2021 22:08:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Sep 2020 22:08:02 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 36ms
23ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200918&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200918/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8404963ef71521f2f734cf00aa1b9d316748206317a227d7a77586705b4229a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6354
x-xss-protection: 0

GET
H2 200 userreport.js Show response
cdn.userreport.com/ 240 KB
72 KB 57ms
15ms Script
application/x-javascript 2600:9000:21c7:d600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/userreport.js
Requested by: Host: sak.userreport.com
URL: https://sak.userreport.com/allbadcards/launcher.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:d600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 371fd8b4a85096e3e7b6eb19cea4fda07aa01a30659868d920f084a127e8376c

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: mve1EG.mx7x.PA25badidEj9bKeSq1cI
content-encoding: gzip
etag: "59a7c939f4d9dedb7fa6cd1b28019178"
age: 2155
x-cache: Hit from cloudfront
status: 200
content-length: 72863
last-modified: Tue, 22 Sep 2020 14:29:23 GMT
server: AmazonS3
date: Tue, 22 Sep 2020 21:32:08 GMT
content-type: application/x-javascript
via: 1.1 d2322e4264977966de69a888b2e0eba9.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
x-amz-cf-id: 9G8aeEbF7l_Ik7oE4KuMdfQGt6eO2yAuXbH7N540I3L20pKFrxbY5A==

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200918/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:08:03 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 2681 0
0 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://allbad.cards/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://allbad.cards/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 22 Sep 2020 21:36:33 GMT
expires: Wed, 22 Sep 2021 21:36:33 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1890
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 settings.js Show response
cdn.userreport.com/w_f3ba274c-3e8b-474b-b478-1b39ccbe5f9a/ 5 KB
2 KB 88ms
88ms Script
text/javascript 2600:9000:21c7:d600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/w_f3ba274c-3e8b-474b-b478-1b39ccbe5f9a/settings.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:d600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94d78fe5843043310f92bc42679b31a2e15816856de64b194797494df7e2643f

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 47oHuUSRw24iNBpxwxTw7JmEx9JrIDu3
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 06:56:13 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
etag: "903aaf119cb9114d0c08051c8b04d829"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=0
date: Tue, 22 Sep 2020 22:08:05 GMT
accept-ranges: bytes
content-length: 1653
via: 1.1 d2322e4264977966de69a888b2e0eba9.cloudfront.net (CloudFront)
x-amz-cf-id: jOwlpv-CxrhhS4KevEJd_uR7ebC9lQDVRsIkPK3B_YO4NkGRvWC2lw==

GET
H2 200 SystemSettings.js Show response
cdn.userreport.com/ 894 B
845 B 109ms
108ms Script
text/javascript 2600:9000:21c7:d600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/SystemSettings.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:d600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9464552e64337889ef3a9dc120396d91f87b2015ad60a8bc0b61d846839f28af

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: gQ1hO0YgbYhTxRfqxYszZJ_hqU5aLpvt
content-encoding: gzip
last-modified: Wed, 14 Mar 2018 15:46:54 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
etag: "fbcd727c30fa10bc139aca4aec81f8e3"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=0
date: Tue, 22 Sep 2020 22:08:05 GMT
accept-ranges: bytes
content-length: 442
via: 1.1 d2322e4264977966de69a888b2e0eba9.cloudfront.net (CloudFront)
x-amz-cf-id: Y61mGVTCxRpNaOLObaoqrYOP_EAWtY-XiIJMfEvxDvcYOpYAjOSVHA==

GET
H2 200 server.html
tag.userreport.com/ Frame 8B07 0
0 42ms
14ms Document
text/html 2600:9000:20e8:e200:11:af01:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.userreport.com/server.html
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e200:11:af01:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash

Request headers

:method: GET
:authority: tag.userreport.com
:scheme: https
:path: /server.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://allbad.cards/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://allbad.cards/

Response headers

status: 200
content-type: text/html
date: Tue, 22 Sep 2020 21:24:25 GMT
server: nginx/1.12.2
last-modified: Tue, 14 Apr 2020 13:55:12 GMT
etag: W/"5e95c0c0-97d8"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: max-age=3600
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9d11c99c18949c4780bf1400ceca8369.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: BPTXQrtDd7Oc01rERh6ETRfMwobLBjNlRBUYV12LYu21wYLVN17pQQ==
age: 2619

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 44ms
41ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200918&jk=2743485752004039&bg=!-Pul--NY8ZRQP-9_YBQCAAAAbFIAAAAPCgHaF2HfGNBoI_35ht6dxp-59O9bm6sJs5yH99c3mDyl5eabYin7arZoxAJ9YMBT2iLBWbNWi3PJVqBD5lzW1Ictc3avSQdgdB4GfbIJ6pyrpxa66bww-QdT5DJfmPLNLM2V_j7sjkVOrbnkzHxr9EeyYYcRixR92HtBO4CwSQjlZDkbOaxchJYtzDOpNL0d1Q7BZoxiEGoP9dsSIj30w1vHmomg1BTddRGpw9XhY0BzDdokHW56IaGhYq_G-rLhDfy501ad6gfWXSs1CPJt04p9S16oX_URWAxq5ptBqAg6g-3R27M5a-hAQHQWNDUPZd0xWmHyqsfEArqa0ZP5uIJ0QfhIeh6KMlSDoIe_sn6L7pA4Nm73CvCvlNX6r6oUESBUEK9uwRSlM8pGRa0h8zDCyvzABxf-7x4u5dLDPg7C9rfCqOaqOo_SW9B8U82tdd8k9CFGA45ec5XBXox9fWpXeZ6vaCek1WNB7mhztfaD8qlOfXyp6CL9-xMqzVejItHYyHNS8oGuQEnB0NNs5edo4FyKPNN2waYVzQ_UPEexWu2nKOqGhHnZNXM8k35F43N9iubSqvZF_XRKxT8bCNyeBj0qogTM_BsjbUcymSr958UU7sI7BOcODAjWmQGluUYnpyCK5qlKfJufITcY5eDYbJgQLKRv7UHOxgZPM3e7gZxxDk6x0BuQJRMFzm5qvm8sSdsE7oCJJSww1OOUhuyirGzJGL1UyyXoeUhu82WC8Z66LN86YUjeg7Ic2OAgxYdofcNcMy85WZk-1hbuj_lRYv4MFwpIUaKpcECYkOzTQE_f7w-vSRdGOOtEwzFmWFICDTDxzmV3pmq3HnG8x0iGck-Fjz3KTBxttNQJ1X8cLVuqzpOkdCz77OZIdEkSSY0L2zgiixtG1m-ttsJy34MQ2Y7iC12OZjzdGBJqWhUlylmHp5gttahlZVZTbE2xbywIRWklLFE2q9Ig3omRrfYjoN_yDBEQ_3vE5djki4IJAewdZoWUrLuoCD9-liY0sFDffSQiuq2Obi4GA5pcCHfbewVAqe-EqxmEnwKLTJv5cPdtx6lKjZfHjF4feYrgtB0qQ9mw8EJ9DjhY3bUAKmnhG-ld2bxBo7hSAdIXKa-adJgdMcoZrsFz5Km0xc9APrr8Yfit-5blPtqFGJIVATIagZXuTrqb1cn6yTNzjoMmbhw6sg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:08:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics-tags.js Show response
cdn.userreport.com/ 265 B
651 B 13ms
12ms Script
application/javascript 2600:9000:21c7:d600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/analytics-tags.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:d600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8c62049816b4a834204bb3a79b014f88a6c6dc916e7ab26abf0d40c2e69ed4

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: BQ4neG9T5yHFyGCIm7yA158D1GNg0I81
via: 1.1 d2322e4264977966de69a888b2e0eba9.cloudfront.net (CloudFront)
last-modified: Fri, 03 Aug 2018 07:14:09 GMT
server: AmazonS3
age: 3199
etag: "b9c284ba1fea2a6f6c2de5d0d9904ee9"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
date: Tue, 22 Sep 2020 21:14:45 GMT
x-amz-cf-pop: AMS54-C1
accept-ranges: bytes
content-length: 265
x-amz-cf-id: Z5S7dNp-CbcO6wOu2dLAhSyekHqXwAQ_Y5nAD9lf816p6JMJsZt3aQ==

GET
H/1.1

200
OK

receive
cdw-dcl.userreport.com/gs/
Redirect Chain

https://cdw-dcl.userreport.com/gs/init/pixel.gif
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm&google_hm=YTQ5M2M4ZWItODg0YmJhZjExZTE4LTFjNjg2Nzg5YTE3Ng==
https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESEL1ax6gvC50XKKvRUZZCVrY&google_cver=1

35 B
419 B

33ms
33ms

Image
image/gif

13.224.193.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESEL1ax6gvC50XKKvRUZZCVrY&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.57 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-57.fra2.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:08:04 GMT
Via: 1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
Server: nginx/1.16.1
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Cache-Control: s-maxage=3600, max-age=0
Connection: keep-alive
Content-Length: 35
X-Amz-Cf-Id: ni9WoStA0pg-sSLsl2NFwritsjGIwTx3d6utCT7BZ6VfobmrphCYWA==

Redirect headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:08:04 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESEL1ax6gvC50XKKvRUZZCVrY&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

adform
audex.userreport.com/sync/put/
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1001&cid=6ce68c0f-3d69-48bd-9b50-12518b75b29f
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1001&cid=6ce68c0f-3d69-48bd-9b50-12518b75b29f
https://audex.userreport.com/sync/put/adform?adfusr=2522809065866497561

35 B
425 B

124ms
54ms

Image
image/gif

99.84.144.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/adform?adfusr=2522809065866497561
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-69.txl52.r.cloudfront.net
Software: nginx/1.16.1 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://allbad.cards/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:08:04 GMT
Via: 1.1 960b0b60c4f1507c51c75d8f9ab0dc91.cloudfront.net (CloudFront)
Server: nginx/1.16.1
X-Amz-Cf-Pop: TXL52-C1
X-Cache: Miss from cloudfront
Content-Type: image/gif
Cache-Control: s-maxage=68400, max-age=43200
Connection: keep-alive
Content-Length: 35
X-Amz-Cf-Id: ms8182ol406hgD9Ec1GzPuxyg2VAaajz5dIhVXyOKvKhgFTyvQPQ3A==

Redirect headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:08:04 GMT
server: nginx
status: 302
location: https://audex.userreport.com/sync/put/adform?adfusr=2522809065866497561
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
expires: -1

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 12:40:16	Name: DSID Value: NO_DATA
.allbad.cards/	1970-01-19 13:23:24	Name: auth Value: 26e4b8adfb5f24b08012de470e94b9cefcd91c9bde2428546ecf97b358b0f7cd26ab5af718a683172ac43ec0fe821c7309110a6ec1d3b8e6cb04afc54e38183c2074927faa03910ceaf0cd85c856b08a
allbad.cards/	1971-01-19 03:54:36	Name: secret Value: 5a98577778f100059c3c9ccdc9e7c7b2621ac1dc6b6f030ee3a971331df40b3b82702c963db7473d207a9a6d48b88523b28c0f52f1d4c8eb72a73107c7a5ce12
allbad.cards/	1971-01-19 03:54:36	Name: guid Value: J572Azm1P
.allbad.cards/	1970-01-19 12:40:12	Name: _gat Value: 1
.allbad.cards/	1970-01-19 12:41:38	Name: _gid Value: GA1.2.526343446.1600812482
.allbad.cards/	1970-01-20 06:11:24	Name: _ga Value: GA1.2.2027261320.1600812482
.doubleclick.net/	1970-01-19 22:01:48	Name: IDE Value: AHWqTUniqk_x6xuYtsZphH1R90xzBbduI2mWW_0QTv0UW_HSu9ga9MkaEfl_Vffy
.allbad.cards/	1970-01-19 13:23:24	Name: __cfduid Value: dac5dd90b1f4763bf103d21b2721c38351600812481

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://allbad.cards/static/js/4.9b49e9ef.chunk.js(Line 1) Message: [react-ga] ReactGA.initialize must be called first or GoogleAnalytics should be loaded manually

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
allbad.cards
audex.userreport.com
cdn.userreport.com
cdw-dcl.userreport.com
cm.g.doubleclick.net
dmp.adform.net
fonts.googleapis.com
googleads.g.doubleclick.net
p.typekit.net
pagead2.googlesyndication.com
sak.userreport.com
stats.g.doubleclick.net
tag.userreport.com
tpc.googlesyndication.com
use.typekit.net
www.google-analytics.com
www.googletagservices.com
13.224.193.57
2600:9000:20e8:e200:11:af01:b40:93a1
2600:9000:21c7:d600:19:d208:7940:93a1
2606:4700:3030::6812:3f89
2a00:1450:4001:801::2001
2a00:1450:4001:802::200a
2a00:1450:4001:819::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:400c:c07::9d
2a01:4a0:1338:28::c38a:ff0b
2a02:26f0:eb:3af::19fd
37.157.6.241
99.84.144.17
99.84.144.69
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0bdf00e66ed2ddfc058454debedb0a0019e5bdec4d7b8670b0f962de9226c32c
13cef9f9b1f6bf1ee90df0a799fc67f550c6392a56967ef1cd3d8e3da49c3361
188758e036889a5f1419b73098114f84134d958481b1837f602f1dead768d4ac
19b352b3496598e55d14b193009292c473affd6265596ca2efb10f29da667be0
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c77e797222a0058fd7124599f83bf6ee69af2a94fae2e95fa01b387bb44cb05
222804ee3c7cd25f35c2c81ac30072ec439ded8e5b7be3908b001708c85c903e
26de50e9b76acbd14efcf009aba7719293f372c8462580aedc74d99593974c80
2de04bd385da81bcc68bd071924074fdd9d4dce3b0d2366f417063cfa45c9b9c
371fd8b4a85096e3e7b6eb19cea4fda07aa01a30659868d920f084a127e8376c
3d69def0f2cadaf060f3b2ce1473afb6f6e72caa5ba08f0e8c67f70a03b43e6e
431c3e4c7f81ed4cf9081c189d77f3f75d08d81d84d6537f49f56e98cb784bfd
4320db553756aab6c865889a5de1391674202a8c6c8ecef2ecc152aa4824ed85
4c04951d681e82b0b141d736cae0d3b0e0b7a6d302f7a4af0ed78ef3a3d77692
4d2fb3640c01f25bb8c56d76817abb04667bd99432af6bb18670868a01ca30f9
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73464c26729123915c5e4a3bdfedc63a2b115f565d825861a10ad0600e010521
7491bf66eaa004eb4a3af6feba4d388cb0ce586550cdb5685cb8a5bfdfdd4b33
786aea7e234a7365912bae1000ee57fbc35a4e7ac3fe4192e8c5a0c462765da0
7d8c62049816b4a834204bb3a79b014f88a6c6dc916e7ab26abf0d40c2e69ed4
82a9ebaec2ea9d2e7ef7a6c9a954e7389b3cd08fe9af01193dba3bb4245a8934
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8404963ef71521f2f734cf00aa1b9d316748206317a227d7a77586705b4229a5
8a558a67bd069322be114c9fe1ebd7d51189a8d75afded6c982b951e5a00a78d
9464552e64337889ef3a9dc120396d91f87b2015ad60a8bc0b61d846839f28af
94d78fe5843043310f92bc42679b31a2e15816856de64b194797494df7e2643f
abce4e8b7cfac7513a0c708dc10a92630f7ca228e163cc840eb4363bf9a4905f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1109f4331a2b98162695b55b54a61fb6b0d010e90ab72ecc4543c89f617fa90
cb84fc29f9f6477a18a73d902c024e36306161202484b90ced2b4d0d8333aeed
d1e6e38d8dab728116205e31dd091e9c4e22fd6c303b68a0da9e7bfce0cca18d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea46b288dab13c7ee0dc8437a5a1f8572b255febe07261a30bebb2526deafd11

allbad.cards Open in urlscan Pro 2606:4700:3030::6812:3f89 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

75 %IPv6

11 Domains

19 Subdomains

15 IPs

5 Countries

1400 kBTransfer

2928 kBSize

9 Cookies

15 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

allbad.cards Open in urlscan Pro
2606:4700:3030::6812:3f89 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

75 %
IPv6

11
Domains

19
Subdomains

15
IPs

5
Countries

1400 kB
Transfer

2928 kB
Size

9
Cookies

44 HTTP transactions
0 data transactions